How to Completely Wipe Your Hard Drive in Linux

You may be selling your old computer after a recent upgrade and need to make sure your personal photos don’t turn up on the Internet. There are many reasons you may wish to obliterate your data from a hard disk or SSD. Unfortunately, the process is far from what we see in Hollywood films: you can’t push a knob and have everything deleted in seconds.

With a little patience, though, and a command on the terminal or the proper live CD, you can wipe out a full hard drive or SSD, making data retrieval difficult by third parties, if not outright impossible.

Secure Erase VS storage

Secure Erase is a feature that completely wipes out the contents of a storage device. It has been part of the firmware of most HDDs and SSDs and the suggested solution for secure deletion for ages. In practice, though, several users have reported serious complications with it.

Its implementation seems to vary between vendors, and sometimes it doesn’t lead to a complete deletion of data.

Others say its operation “bricked” their devices because “the controller that turned them from internal to external ones” decided it would be a good idea to cut down on electricity costs by putting them to sleep. Or because an iffy BIOS bug somehow “got in the way” and prevented the procedure from completing.

And (much) older hard drives (less than 15GB in size) just don’t support it.

Thus, the “official and best” method, Secure Erase, remains somewhat of a gamble, making the alternatives that follow much better choices. That’s why we’ll skip it and jump straight to the safer alternatives.

Overwriting Data

When we delete a file in a modern OS, it’s usually transferred to a “Recycle Bin.” We can still recover any data from it for some time if we change our mind.

One might assume a “complete” delete, where the file is not moved to a Recycle Bin, is a safer approach. Again, however, the file is not eliminated: the media controller marks the area inhabited by the file as “free to use,” but the data it contains remains unscathed.

The deletion of the entire partition and file system sounds like a better – and more radical – option, until you realize it’s the same thing but on a grander scale. The whole partition is “marked as non-existing,” and the space it covered as “unused,” but nothing is truly wiped out. The data will exist until overwritten.

The only reliable way to delete sensitive data is by overwriting it with other data. Preferably, more than once. This is what the following methods do. What differs is their availability, ease of use, and extra options for more secure deletion through multiple overwrites and patterns used.

What will you delete?

If you have more than one storage device on your PC, before trying to delete anything, you need to know which it is, to dodge “mishaps” like wiping out the wrong disk.

The simplest path is if you are already in a graphical user environment with the HDD/SSD to be deleted connected as a secondary device. Then you can use a program like GParted to check out all storage devices and identify the right one.

If you prefer the terminal, you have even more options. Some may already be part of your distribution. Others may demand additional tools to be installed.

lsblk lets you see all block devices attached to the computer. For legible results, try it as:

smartctl lets you view information about each device. Use it like:

A little less legible but just as helpful, hdparm can show comparable results with a nearly identical command:

Finally, fdisk is probably the most popular option, and is usually installed in almost all Linux distributions. It, too, can present information about your drives and SSDs, though not as detailed as the other options. Try it with:

The dd method

Once you find the device that has the contents you want to destroy, you can use a command that will overwrite this data “with something else,” making its retrieval almost impossible. Both the command and what this “something else” will be are a matter of preference.

The most common method uses the popular dd tool with a command as:

In it, of=/dev/sdX corresponds to the device to be wiped out, e.g. of=/dev/sda or of=/dev/sdc.

You can speed up the process by using large blocks, and see a progress summary by structuring it as:

Here, bs=4096 sets the block size. The best value differs between devices, and ideally, you could find the one for your device on its manufacturer’s site. status=progress gives you a progress indicator while the command runs.

Using random patterns rather than a uniform set of zeros is deemed safer for deleting data beyond recovery. You can achieve this by using an alternate take on those commands as:

As you can see, we use an alternative source, replacing the zeros with random numbers. Note that this method raises the use of system resources, as it tasks the CPU with constant random number generation.
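
The dd approach above leaves two questions open: whether the target is still mounted, and whether the overwrite actually reached every byte. The script below is an added example, not part of the original article. It zero-fills a constructed image file standing in for /dev/sdX and then counts the non-zero bytes that survive. It uses zeros rather than random data because a zero fill can be verified afterwards. The function names (target_size, is_mounted, nonzero_bytes, wipe_zero, demo) are hypothetical.

```shell
#!/bin/sh
# Added example: zero-fill a target the way dd does on /dev/sdX, then verify it.
# The "disk" here is a constructed image file, so this is safe to run as-is.

# Size in bytes of a block device or a regular file.
target_size() {
    if [ -b "$1" ]; then blockdev --getsize64 "$1"
    else wc -c < "$1" | tr -d ' '; fi
}

# True if the target, or one of its partitions, appears as a mount source.
is_mounted() {
    awk -v d="$1" 'index($1, d) == 1 { hit = 1 } END { exit !hit }' /proc/mounts 2>/dev/null
}

# Count the bytes that are not 0x00; a finished zero wipe must report 0.
nonzero_bytes() {
    tr -d '\000' < "$1" | wc -c | tr -d ' '
}

# Overwrite exactly the target's size with zeros; refuse mounted targets.
wipe_zero() {
    if is_mounted "$1"; then
        echo "refusing to wipe $1: it is mounted" >&2
        return 2
    fi
    wz_size=$(target_size "$1") || return 1
    # head bounds the write, so dd ends cleanly instead of hitting "No space left";
    # conv=notrunc keeps an image file at its original length.
    head -c "$wz_size" /dev/zero | dd of="$1" bs=4096 conv=notrunc 2>/dev/null
}

# Demo on a constructed 1 MiB image filled with random data.
demo() {
    img=$(mktemp) || return 1
    head -c 1048576 /dev/urandom > "$img"
    before=$(nonzero_bytes "$img")
    wipe_zero "$img"; rc=$?
    after=$(nonzero_bytes "$img")
    echo "wipe rc=$rc size=$(target_size "$img") non-zero bytes: $before -> $after"
    rm -f "$img"
    [ "$rc" -eq 0 ] && [ "$after" -eq 0 ]
}

demo
```

On a real disk, the same functions take the device node as their argument and must run as root; nonzero_bytes then reads the whole device, so the check takes about as long as one more pass.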

The scrub approach

scrub is another alternative that turns out to be even easier in actual use, with a simpler syntax.

scrub usually isn’t installed by default in most Linux distributions, and you’ll probably have to install it first with:

After its installation, the complete deletion of any HDD or SSD is merely a matter of entering the following as root:

Wipe everything

Similar to scrub, wipe can erase the contents of a storage device disturbingly easily – double-check before you set it loose on your precious data. And just like scrub, to use wipe in most Linux distributions, you first need to install it.

Afterward, to erase everything in sdX, you simply have to press Enter after typing in a terminal:

The Live GUI path

Note: The following methods will work regardless of the OS running in the hard drive.

If you wish to destroy the contents of the HDD or SSD where your OS lives, you can’t do it while you’re using the OS. Instead, you can use a Live CD/DVD of a Linux distribution – preferably, one that employs the Gnome desktop environment which usually comes with the easy-to-use Gnome Disk Utility.

To delete everything this way, boot from the distribution’s Live CD/DVD. Run Gnome Disk Utility (found as “Disk” in Gnome).

Select your storage-to-be-deleted from the list in the left pane, click the two-gear button, and select “Format Partition.”

In the window that appears, enable the “Erase” option to overwrite the existing data.

Enter a name for the storage media in Volume Name, click Next on the top right, and accept the warning displayed with another click on the Format button that will show up at the same spot.

Darik’s Boot and Nuke solution

Another approach that is also based on a live CD relies on “Darik’s Boot and Nuke,” better known as DBAN. Instead of a standard distribution, DBAN is a standalone bootable tool specializing in a sole process: the complete and utter deletion of all the contents of an HDD or SSD.

After you boot the computer from it, and after an initial process of identifying the computer’s hardware, DBAN will show you a list of the devices it found. Select the one you want to wipe using the cursor keys and enter or space, and press F10 to start the deletion process.

The best results: hammer and Not-a-Flamethrower

We are not data recovery specialists, so we cannot guarantee which methods perform better. Some claim it is possible to detect and recover traces of data that has been overwritten up to twice from the surface of a hard disk drive by using specialized equipment. Others insist that this is theoretical with no proof that it is feasible. Some recovery companies claim to have saved data even from hard disk drives that almost disintegrated in a fire or whose platters were in pieces.

Since they are the specialists, and they present those as some of the worst-case scenarios, it’s probably best to trust them: the introduction of a hammer and Elon Musk’s Not-a-Flamethrower sounds like the most powerful “safe deletion” method. But for those of us who don’t have access to a flamethrower and who don’t like to act like a raging Thor at three in the morning, the methods we saw are the best bet.

Odysseas Kourafalos

OK's real life started at around 10, when he got his first computer - a Commodore 128. Since then, he's been melting keycaps by typing 24/7, trying to spread The Word Of Tech to anyone interested enough to listen. Or, rather, read.


    1. Great one, too. It’s not that I forgot about or didn’t want to cover it, but that there are also time and space constraints for every article. There are supposedly some quirks of Shred with journaling filesystems, and that would mean I’d have to dive into that topic as well – what journaling is, how it affects storage, how there are older versions of files available, yadda-yadda-yadda. I’d love to be able to write proper ebooks on each topic, to cover all bases in as much detail as possible, but that’s unrealistic if you take into account time and space constraints.

  1. Thanks for this article about HD erasing.

    _NB_: Things really get more complicated when speaking about SSD!
    To date, AFAIK, the only serious way is to use the SSD manufacturer solution (even better if you don’t want to use your disk again, you can use a drill or hammer). Indeed, studies show that some data are theoretically recoverable otherwise (it’s not necessarily easy though…).

    1. Indeed, although it falls under the “theoretical” realm. Meaning, I don’t have personal experience with advanced recovery of data, especially if we’re talking “pulling the chips out of an SSD” to do it. I’ve reached the point of using specialized software to recover data from mangled filesystems (like OnTrack Data Recovery and R-Studio on Windows), but that’s as far as I’ve gone. Maybe I should dive in again on the topic in the future, this time from the Linux side of things :-)

      1. Yes, that can become really complicated… It’s a whole domain/specialty (forensic/recovery)!
        I’m like you, I only use dedicated tools if need be.
        I think the most famous/easy(/efficient?) tool on Linux is TestDisk/PhotoRec…

  2. Darik’s Boot and Nuke is probably the most secure, but unless you are an international spy, illegal drug dealer, an unethical politician, child porn user or producer, or have looked up how to murder someone and then actually did it, you are probably safe with all the methods listed here. Does the government really want or need to recover your data? If not and you are donating your computer to the local school or charity, most any method mentioned here should be fine.

    1. Yeap. The vast majority of users don’t even need those methods and a simple format will do. Especially if you take into account that 9 out of 10 second-hand PCs I’ve toyed with hadn’t even been formatted – they were sold as-they-were, even with saved user accounts in the installed software. Most people don’t take security seriously. Especially those that have experience _only_ with Windows – where many people believe “if they empty the Recycle Bin, they’re fine” :-D

  3. “need to make sure your personal photos don’t turn up on the Internet”
    If you use cloud storage and/or frequent social media, your personal photos are already all over the Internet. :-)

    “it’s usually transferred to a “Recycle Bin.””
    Only in Windows. In Linux it is called “Trash” and the article is supposedly about Linux. Just a minor quibble.

    1. My bad. Sorry for that. I’m a multi-OS-user, jumping between three PCs with different OSes, three Raspberry Pi’s and dozens of different virtual machines. But no Macs. They’re my Kryptonite :-)

      I edited the piece on Windows, since I’m using some AutoHotKey scripts I’ve written to help in automating some aspects of the editing process, and there was the Recycle Bin in the background, seeping into my subconscious.

      Moral of the story: I’m never at fault and Windows are always the culprit for every problem under the sun :-D

      Kidding, obviously. Each OS has a place under the sun. Especially Workbench 3.1.

  4. I use whole file encryption as a matter of course. Negligible impact on performance for most tasks. So getting rid of a drive becomes rather simple. Might make sense to do a routine format and reinstall the OS before selling but that’s about it.

  5. There are some specific protocols, on securely deleting files, of magnetic devices, like HDD, using overwriting technique. Of course most have military/NSA/CIA origin :}

    All of them consider, minimum security level as, 5 secure overwriting passages.

    Stronger protocol sets number of (those overwriting) passages to 35!!

    1. Indeed, and this is why some of those tools default (or at least support) over 30 passes. I personally do consider them overkill, though, since I haven’t heard of any case of so “extreme” data recovery. And experts argue on if going overboard is truly useful.

      Meaning that, if someone is so dedicated (and has the technology and know-how) as to be able to recover your data after more than five passes, its secure deletion won’t “save you”. You will already have 10 drones flying over your house and snipers looking at you through thermal vision, so… You know… :-D
