5

How do I securely delete a folder, with all of its contents, so it cannot be recovered?

I have tried the shred command but it only works with files and not folders.

I have also found out that there is a package called secure-delete which seems to work fine on Ubuntu, but when I try to install it using sudo yum install secure-delete I get the following message: No package secure-delete available which makes me think that the package is not available for CentOS 7.

How to proceed?

Jeff Schaller
  • 67,283
  • 35
  • 116
  • 255
Sillo
  • 51
  • Ahhh...the package is not available on RHEL 6, centos 6, nor fedora 24 either--but it is in Ubuntu 16.04 LTS – mdpc Nov 08 '16 at 02:20
  • Related: http://unix.stackexchange.com/questions/252593/how-can-i-securely-delete-the-contents-of-a-thumb-drive-so-data-cant-be-recover – Jeff Schaller Nov 08 '16 at 03:18
  • Related: http://unix.stackexchange.com/questions/62345/securely-delete-files-on-btrfs-filesystem – Jeff Schaller Nov 08 '16 at 03:19
  • Related: http://unix.stackexchange.com/questions/63337/how-can-i-be-sure-that-a-directory-or-file-is-actually-deleted/63343#63343 – Jeff Schaller Nov 08 '16 at 03:19
  • Related: http://unix.stackexchange.com/questions/44234/clear-unused-space-with-zeros-ext3-ext4/44237#44237 – Jeff Schaller Nov 08 '16 at 03:19
  • Related: http://unix.stackexchange.com/questions/27027/how-do-i-recursively-shred-an-entire-directory-tree/117848#117848 – Jeff Schaller Nov 08 '16 at 03:20

3 Answers3

3
find /folder -type f | xargs shred

but underlying layers (like a COW FS, or SSD wear leveling) might make that pointless, so it's best to just encrypt in the first place.

user1133275
  • 5,574
  • The storage device may also move blocks around (as well as the file-system). No guarantee of deletion. – ctrl-alt-delor Feb 20 '18 at 17:00
  • @ctrl-alt-delor yes I already mentioned "cow fs", and added "wear leveling" just now. – user1133275 Feb 21 '18 at 15:29
  • Also, if there is any chance that the files may have been copied around on the system, they would have left traces in other places too. – Kusalananda Feb 21 '18 at 15:39
  • @Kusalananda that seems obvious but for people not already understanding this question maybe not, but anyway encryption solves that to. Other ideas in that vain are use encrypted transports (https), otherwise proxy servers will copy your file. – user1133275 Feb 21 '18 at 20:02
  • When combining find and xargs in a pipe, it is good practice to give the -print0 command line option to find and the --null option to xargs. Otherwise the commands will not be able to handle filenames that includes newlines. – Erik Sjölund Aug 04 '20 at 16:34
0

My suggestion would be to get the application source and compile/install it yourself manually.

mdpc
  • 6,834
0

On non-journalled file systems, shred can securely delete files for you. Just make sure you apply it individually to each file, e.g. using the find command shown in user1133275's answer.

However most file systems today are journalled (NTFS, ext3/4, reiserfs, jfs, xfs, btrfs, zfs [in a way]) so you may not be able to effectively delete all traces of that data using shred or anything else. Only time will ensure that the blocks will eventually get reused and the journal rotated enough that the data disappeared.

Your other option is to shred the entire partition using an appropriate tool. Depending on how far you need to go, overwriting the partition with data from /dev/urandom could be sufficient.

Pedro
  • 1,891
  • 1
  • 13
  • 23