# What do you use to wipe a file off (w/o pgp -w)?

## jkcunningham

I recently switched over to gpg because it seems that pgp isn't supported anymore. But gpg does not include the -w option to physically overwrite a file. What does one use to wipe a file? I assume there is a utility in portage somewhere that will do this easily.

Thanks.

-Jeff

----------

## Torg

here are two options.

```

dd if=/dev/zero of=/path/to/filename bs=1k

```

Repeat this 3 times for DoD level wiping.

Also, there is a built in fileutil called shred from fileutils.

man shred for more info on that.

-Torg

----------

## verbatim

 *Torg wrote:*   

> 
> 
> ```
> 
> dd if=/dev/zero of=/path/to/filename bs=1k
> ...

 

If you wanted to do this securely, wouldn't it make more sense to use /dev/urandom instead of zero?

----------

## jkcunningham

That takes awhile to run on a big disk (minutes, not seconds), but does seem work.

But what I had in mind was something more like bcwipe (which I found in portage). It has the virtue apparently of being able to do multiple (DoD approved) patterns and slack space wiping (the extra space between the end of the file and the end of its block). 

Thanks.

-Jeff

----------

## erik_swanson

GNU Shred is probably what you're looking for.

```
emerge sys-apps/fileutils
```

----------

## Torg

 *verbatim wrote:*   

>  *Torg wrote:*   
> 
> ```
> 
> dd if=/dev/zero of=/path/to/filename bs=1k
> ...

 

Doesn't /dev/urandom need to be seeded?  I'd hate to run out the entropy pool in one shot.

Regular /dev/random would work too though. 

jkcunningham - I didn't intend for you to run it on the entire disk.  Just the files you wanted to obscure.

-Torg

----------

## jkcunningham

I see that now that I looked at your code closely. I ran across this snippet this afternoon that works on the same principal, but it does the entire freespace of the disk, which took about ten minutes. 

```

dd if=/dev/zero of=/home/bigfile

sync

rm /home/bigfile

sync 

```

----------

## zhenlin

shred shreds files. Included with every rm.

Nice way of implementing free-space zeroing - but it doesn't zero superuser reserved space.

----------

## PowerFactor

According to the shred manpage shred doesn't really work on journaled filesystems or raid.

 *Quote:*   

> CAUTION:  Note  that  shred relies on a very important assumption: that
> 
>        the filesystem overwrites data in place.  This is the  traditional  way
> 
>        to  do  things,  but many modern filesystem designs do not satisfy this
> ...

 

This was news to me.  So now how would one go about this?  I suspect the dd trick (for single file) wouldn't be effective anywhere shred isn't.  And I doubt pgp -w is any better.

----------

## jkcunningham

my impression is that bcwipe will work. 

-Jeff

----------

## UncleTom

You could also check out wipe at http://wipe.sourceforge.net/

I don't know if there is an ebuild for it, I'm not working on my Gentoo box at the moment.

----------

## Gentoo Server

I encrypted my complete disk

so i can just rm and its ok

----------

