Introduction
When you delete a file in Linux, the operating system does not remove the file from the hard drive. It deletes the pointers to the file and marks the occupied space as reusable while the actual data remains intact.
Users can recover the deleted file until it is overwritten by other data. The shred command prevents the recovery of deleted files in Linux by overwriting the file with random data.
In this tutorial, you will learn how to use the shred command in Linux.
Prerequisites
- A Linux system.
- Access to the command line.
Linux shred Command Syntax
The shred command is a part of the coreutils package, which is included in Linux by default. Open the terminal and enter the following command to check if shred is installed:
shred --version
In this example, the shred version is 9.4.
If the shred utility is not found, install it using the command for your Linux distribution:
Linux Distribution | Command to Install shred |
---|---|
Debian/Ubuntu | sudo apt install coreutils |
Fedora/Rocky/CentOS | sudo dnf install coreutils |
Arch Linux | sudo pacman -S coreutils |
openSUSE | sudo zypper install coreutils |
The basic shred command syntax is:
shred [options] [filename]
- Options. Used to customize the shredding process, like setting the number of overwrites, file size, and output. Multiple options can be combined.
- Filename. The name of the file you want to shred. If the file is in a different directory, you can specify its full or relative path.
shred is not a reliable method for erasing data on solid-state drives (SSDs) because wear leveling prevents overwriting of the same physical memory cells. Use SSD-specific secure erase commands or tools to erase data on solid-state drives.
Linux shred Command Options
The following table lists shred command options:
Option | Description |
---|---|
-n | Specifies the number of overwrites (default value is 3). |
-u | Overwrite and delete. |
-s | Number of bytes to shred. |
-v | Show detailed progress information. |
-f | Change permissions to allow writing if necessary. |
-z | Add a final overwrite with zeroes to hide shredding. |
--version | Display shred version information. |
--help | Display help with usage information. |
shred vs. rm Command
The shred command conducts a series of overwrite operations to destroy data on the disk and significantly reduce the chance of data recovery. After the file has been overwritten, users can also delete the file with the -u option.
Use shred to prevent anyone from recovering sensitive files, such as an old passwd file containing outdated credentials.
Aspect | shred | rm |
---|---|---|
Use Case | Overwrites and securely deletes data. | Deletes file references. |
Data Recovery | Very difficult. | Possible if not overwritten. |
Speed | Slower due to the overwrite process. | Fast. |
The rm command removes the reference to the file in the file system, but the actual data remains on the disk until overwritten. It is a fast and convenient option if you are not concerned about unauthorized data recovery.
Linux shred Command Examples
The following section shows how to use shred and its options through practical examples.
Overwrite a File
The primary function of the shred command is to overwrite a file multiple times to destroy the data. To shred a file, use the following syntax:
shred [filename]
Replace filename with the exact name of the file or the file's path. If the file name contains spaces, enclose it in quotation marks. For example, the following command shreds the passwords test file:
shred "passwords test"
You can use the cat command to confirm the file's contents are unreadable after shredding.
Note: shred is not effective for overwriting files on log-structured or journaled file systems (e.g., JFS, ReiserFS, XFS, Ext3) commonly used in systems like AIX, Solaris, or RAID configurations, because these do not guarantee that data is overwritten in place.
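A preflight check for the two caveats above (flash media and file systems that do not overwrite in place) can be scripted before relying on shred. This is an added example, not part of the original tutorial; the function names and verdict strings are illustrative, and the extra file system types beyond the note's list are an assumption marked in the code.

```shell
#!/bin/sh
# Added example: preflight check for the two caveats above (flash media and
# file systems that do not overwrite in place). Function names are illustrative.

# classify FSTYPE ROTA -> prints a verdict.
# ROTA: 1 = rotational disk, 0 = SSD/flash, anything else = unknown.
classify() {
    case "$1" in
        # File systems named in the tutorial's note.
        jfs|reiserfs|xfs|ext3) echo "fs-not-in-place"; return 0 ;;
        # Assumption added here: copy-on-write and log-structured file
        # systems have the same problem.
        btrfs|zfs|f2fs|nilfs2) echo "fs-not-in-place"; return 0 ;;
    esac
    case "$2" in
        0) echo "flash" ;;
        1) echo "ok" ;;
        *) echo "unknown-device" ;;
    esac
}

# preflight PATH -> verdict for the file system and block device holding PATH.
preflight() {
    fstype=$(findmnt -n -o FSTYPE -T "$1" 2>/dev/null)
    dev=$(findmnt -n -o SOURCE -T "$1" 2>/dev/null)
    rota=$(lsblk -n -d -o ROTA "$dev" 2>/dev/null | tr -d ' ')
    classify "$fstype" "$rota"
}

# Usage: sh preflight.sh /path/to/file
if [ "$#" -gt 0 ]; then
    verdict=$(preflight "$1")
    echo "$1: $verdict"
    [ "$verdict" = "ok" ] || echo "shred alone is not sufficient here" >&2
fi
```

The rotational flag comes from the kernel and may not reflect the real medium behind a virtual disk or a hardware RAID controller.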
Run shred with Verbose Mode
Verbose mode displays additional information about the shredding process in the terminal. The -v option displays detailed progress information, including the number of overwrite passes:
shred -v [filename]
The output shows the progress of each pass on a new line.
Overwrite a File X Times
By default, shred overwrites files 3 times. The -n option allows users to specify how many times the file is overwritten:
shred -n [number] [filename]
In this example, the passwords file is overwritten 10 times:
shred -n 10 -v passwords
The -v option displays the shredding progress in the terminal.
Overwrite and Delete a File
shred overwrites files but does not delete them by default. This is because the command is often used to overwrite entire device files and partitions, where deletion is redundant.
Important: Specify the exact partition number when overwriting and deleting a partition. If no partition number is specified, shred overwrites the entire drive instead of a single partition.
Use the -u option to delete individual files after overwriting them:
shred -u [filename]
For example, the following command deletes the passwords file:
shred -uv passwords
The -v option is used to show the shredding progress.
Selectively Overwrite Bytes of Text
The -s option enables users to overwrite a specific portion of a file expressed in bytes. Suffixes like K (kilobytes), M (megabytes), and G (gigabytes) are also accepted.
The syntax is:
shred -s [number_of_bytes] [filename]
To overwrite the first 10 bytes of the passwords text file, enter:
shred -s 10 passwords
Only the first password in the file is shredded.
Change Permissions to Allow Writing if Necessary
The -f option forces file permissions to allow writing, even if the file is write-protected:
shred -f [filename]
Hide Shredding
The -z option overwrites a file with zeroes after shredding. This action makes it less evident that the file was securely deleted. The syntax is:
shred -z [filename]
For example, to overwrite the passwords file with zeroes and display the process in the terminal, enter:
shred -zv passwords
Because the -z option was used, the fourth and final pass overwrites the file with zeroes to hide the shredding activity.
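The behaviour of the default run and of the -s, -z and -u options described above can be confirmed on throwaway files. The script below is an added example, not part of the original tutorial; the credentials are constructed sample data and the function names are illustrative.

```shell
#!/bin/sh
# Added example: shred throwaway files and check what each option leaves behind.
# The credentials are constructed sample data, not real secrets.

new_sample() {  # create a 32-byte temp file with two sample entries, print its path
    f=$(mktemp) || return 1
    printf 'alice:S3cret-one\nbob:S3cret-two\n' > "$f"
    echo "$f"
}

# Default run: the file still exists, but the plaintext marker is gone.
check_default() {
    f=$(new_sample) || return 1
    shred "$f"
    [ -e "$f" ] && ! LC_ALL=C grep -q -F 'S3cret' "$f"; rc=$?
    rm -f "$f"; return $rc
}

# -s 10: only the first 10 bytes are overwritten; the second entry survives.
check_partial() {
    f=$(new_sample) || return 1
    shred -s 10 "$f"
    tail -c +11 "$f" | grep -q -F 'bob:S3cret-two'; rc=$?
    rm -f "$f"; return $rc
}

# -z: after the final pass of zeroes, no non-zero byte is left in the file.
check_zero() {
    f=$(new_sample) || return 1
    shred -n 1 -z "$f"
    left=$(( $(tr -d '\000' < "$f" | wc -c) ))
    rm -f "$f"; [ "$left" -eq 0 ]
}

# -u: the file is overwritten and then removed.
check_remove() {
    f=$(new_sample) || return 1
    shred -u "$f"
    [ ! -e "$f" ]
}

for c in check_default check_partial check_zero check_remove; do
    if $c; then echo "$c: as documented"; else echo "$c: unexpected"; fi
done
```

The check_partial result is the one to keep in mind: with -s, everything past the given byte count stays readable.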
Display Help
To view all available options and shred command details, use the --help flag:
shred --help
The list also includes tips and examples for effectively using the shred command.
Conclusion
This tutorial showed how to use the shred command to erase files from a file system permanently and the different options to customize the shredding process.
If you do not need to delete files, hiding files and folders in Linux can help keep sensitive or cluttered data out of sight.