LinuxCommandLibrary

wipe

Securely erase files from storage devices

SYNOPSIS

wipe [options] file...

PARAMETERS

-r, --recursive
    Recursively wipe directories and their contents. Required for directory wiping.

-f, --force
    Force wiping without confirmation prompts. Use with caution.

-q, --quiet
    Suppress most output, only showing errors.

-i, --info
    Show progress of wiping during operation.

-k, --keep-going
    Continue wiping other files even if an error occurs on one file.

-s , --passes
    Specify the number of wiping passes. Default is 4.

-S , --standard
    Use a specific standard wiping pattern. Patterns include 'dod' (DoD 5220.22-M), 'gutmann', 'random', 'zero', etc.

-p, --paranoid
    Use the Gutmann method (35 passes) for maximum security. Implies `-s 35`.

-x, --exit-on-error
    Exit immediately if any error occurs during wiping.

-v, --verbose
    Increase verbosity, showing more detailed output.

-Z, --zero
    Wipe with a single pass of zeros. Faster but less secure.

-c, --clean-names
    Also attempts to clear the file name from the directory entries (inode zeroing for ext2/3/4). Not always effective on all filesystems.

-o, --only-name
    Only attempt to clear the file name, without wiping the file content.

-D, --delete-dir
    Also destroy the directory entries of wiped files after they are gone. Use with `-r`.

-h, --help
    Display help message and exit.

-V, --version
    Display version information and exit.

DESCRIPTION

The wipe command is a utility designed for securely erasing data from files, directories, or entire storage devices. Unlike standard deletion methods (like `rm`), which only remove the pointer to the data, leaving the actual data on the disk, `wipe` overwrites the data multiple times with various patterns (e.g., random data, zeros, or specific algorithms like DoD 5220.22-M or Gutmann). This process makes the original data virtually impossible to recover, even with advanced data recovery techniques. It's crucial for protecting sensitive information before disposing of storage media or sharing computers. `wipe` supports recursive deletion for directories, can force operations without confirmation, and offers various levels of wiping intensity.

CAVEATS

Using wipe on Solid State Drives (SSDs) can be problematic. SSDs use wear-leveling and block remapping, meaning data might be moved to different physical locations, and overwriting a 'logical' block might not overwrite the 'physical' block. Repeated wiping can also reduce the lifespan of an SSD.

Be extremely careful when wiping entire partitions or disks (e.g., `/dev/sda`). Ensure you have selected the correct device, as data loss is irreversible. It is recommended to use `wipe` as a non-root user when possible, and only as root when absolutely necessary for devices or system files.

The effectiveness of secure deletion methods depends on the underlying filesystem and hardware. Some sophisticated recovery methods might still retrieve fragments of data under specific circumstances.

WIPING METHODS

wipe implements several data sanitization methods. The default method involves multiple passes of different data patterns (e.g., pseudo-random data, specific bit patterns) followed by a final pass of zeros. More thorough methods like the Gutmann method (35 passes) or the DoD 5220.22-M standard (7 passes) are available via options, each making the data harder to recover at the cost of longer execution times.

DEVICE WIPING

Beyond individual files, wipe can be used to securely erase entire disk partitions or physical drives. When wiping a device (e.g., `/dev/sdX`), wipe writes directly to the raw device, ensuring all accessible sectors are overwritten. This is particularly useful for decommissioning old hard drives or USB sticks. Always ensure the device is unmounted before attempting to wipe it to prevent data corruption or errors.
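The checks from the two sections above (correct device, unmounted, SSD caveat) can be scripted as a pre-flight step. This is an added example, not part of wipe or of the original page; the function names are hypothetical, and it assumes Linux's `/proc/self/mounts` and `/sys/block/<disk>/queue/rotational`. It never invokes wipe, and it does not detect swap, LVM or device-mapper use of the device.

```shell
#!/bin/sh
# Pre-flight checks before pointing wipe at a whole device (added example).
# MOUNTS and SYSFS can be overridden to run the checks against fixture files.
MOUNTS="${MOUNTS:-/proc/self/mounts}"
SYSFS="${SYSFS:-/sys/block}"

# is_mounted DEV: succeed if DEV, or a partition of DEV (sda1, nvme0n1p2),
# appears as a mount source. Prefix matching errs on the side of refusing.
is_mounted() {
    awk -v d="$1" '
        $1 == d { found = 1 }
        index($1, d) == 1 && substr($1, length(d) + 1) ~ /^p?[0-9]+$/ { found = 1 }
        END { exit (found ? 0 : 1) }
    ' "$MOUNTS"
}

# media_type DEV: print rotational, non-rotational or unknown.
media_type() {
    name=$(basename "$1")
    # Partitions have no queue/ directory of their own; fall back to the parent disk.
    [ -d "$SYSFS/$name" ] || name=$(printf '%s' "$name" | sed 's/p\{0,1\}[0-9][0-9]*$//')
    rot=$(cat "$SYSFS/$name/queue/rotational" 2>/dev/null) || rot=
    case "$rot" in
        1) echo rotational ;;
        0) echo non-rotational ;;
        *) echo unknown ;;
    esac
}

# preflight DEV: 0 = ok, 1 = mounted, 2 = flash/unknown media, 3 = not a block device.
preflight() {
    dev="$1"
    [ -b "$dev" ] || { echo "refuse: $dev is not a block device" >&2; return 3; }
    if is_mounted "$dev"; then
        echo "refuse: $dev or one of its partitions is mounted" >&2
        return 1
    fi
    if [ "$(media_type "$dev")" != rotational ]; then
        echo "warn: $dev is not reported as rotational; overwrites may miss remapped blocks" >&2
        return 2
    fi
    echo "ok: $dev is an unmounted rotational block device"
}

# Entry point: sh preflight.sh /dev/sdX
if [ "$#" -gt 0 ]; then preflight "$1"; fi
```

A return code of 2 corresponds to the SSD caveat above: the kernel's rotational flag is only a hint, so treat `unknown` the same as flash.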

HISTORY

The `wipe` command has been around for many years, offering a robust solution for secure data deletion. Its development aimed to provide a more thorough alternative to the simple `rm` command, adhering to various government and industry standards for secure data sanitization (like DoD 5220.22-M). While other tools like `shred` exist, `wipe` often provides a broader range of options for secure wiping methods and handling different types of storage devices and filesystems, making it a valuable utility in data security contexts.

SEE ALSO

shred(1), rm(1), dd(1), scrub(1)
