I'm trying to determine what shred uses to overwrite a file. Here's the description:

Overwrite the specified FILE(s) repeatedly, in order to make it harder for even very expensive hardware probing to recover the data.

Can anyone confirm the overwrite occurs with random data (as opposed to 0's, which occurs with --zero)? The man page does not include the word 'random'.

If the command does not use random values, then what is used?

Edit: Here's the code I'm looking at. It's from OpenStack's lvm.py, and it's used to wipe a volume upon deletion:

+  elif FLAGS.volume_clear == 'shred':
+      clear_cmd = ['shred', '-n3']
...
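
Review bot: the pass count is hard-coded as '-n3' on the clear_cmd line, so every deletion with volume_clear == 'shred' costs three full overwrites of the volume regardless of its size. Consider taking the count from a flag next to volume_clear, and add a comment saying whether a final zero pass (--zero) is left out on purpose, since as written the volume is left holding whatever shred's last pass wrote.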
jww
  • 12,722

1 Answer

The MAN and INFO pages for coreutils shred do not explicitly state how random data is used within its overwrite process; however, they imply that random data is used for the overwrite, in the description of --zero:

‘--zero’

Normally, the last pass that shred writes is made up of random data. If this would be conspicuous on your hard drive (for example, because it looks like encrypted data), or you just think it's tidier, the --zero option adds an additional overwrite pass with all zero bits. This is in addition to the number of passes specified by the --iterations option. http://man7.org/linux/man-pages/man1/shred.1.html

and the

‘--random-source=file’

Use file as a source of random data used to overwrite and to choose pass ordering. http://man7.org/linux/man-pages/man1/shred.1.html

implies that you can specify the device used to provide the random data (/dev/urandom, etc.). More info here: https://www.gnu.org/software/coreutils/manual/html_node/Random-sources.html#Random-sources

Since the --zero description specifically states that it is written as an additional pass, I believe they are insistent that a Gutmann method be used for the initial overwrite.

Frank Thomas
  • 37,476
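
The behaviour quoted from the manual can be checked empirically. The script below is an added example, not part of the original answer or of coreutils: it shreds a constructed 64 KiB file of the letter 'A' with the same `-n3` used in the question and reports what the last pass left behind. The function names `shred_probe` and `count_bytes` and the file size are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: observe what `shred -n3` leaves in a file.
# The file is read back through the filesystem, so this shows what shred
# wrote, not what may survive on the physical medium.
LC_ALL=C; export LC_ALL

SIZE=65536   # constructed test input: 64 KiB of the letter 'A'

# count_bytes FILE SET: number of bytes in FILE that belong to the tr set SET
count_bytes() {
    tr -cd "$2" < "$1" | wc -c | tr -d ' '
}

# shred_probe [SHRED_OPTIONS...]
# Shreds a fresh test file with -n3 plus the given options and prints
# "<size> <non-zero bytes> <bytes still equal to 'A'>".
shred_probe() {
    f=$(mktemp) || return 1
    head -c "$SIZE" /dev/zero | tr '\000' 'A' > "$f"
    if ! shred -n3 "$@" "$f"; then
        rm -f "$f"
        return 1
    fi
    size=$(wc -c < "$f" | tr -d ' ')
    nonzero=$(count_bytes "$f" '\001-\377')
    still_a=$(count_bytes "$f" 'A')
    rm -f "$f"
    echo "$size $nonzero $still_a"
}

# Random data: about 255/256 of the bytes are non-zero, about 1/256 are 'A'.
echo "shred -n3                              : $(shred_probe)"
# --zero adds a final all-zero pass: no non-zero bytes remain.
echo "shred -n3 --zero                       : $(shred_probe --zero)"
# Explicit random source, as described for --random-source.
echo "shred -n3 --random-source=/dev/urandom : $(shred_probe --random-source=/dev/urandom)"
```

Adding `-v` to the shred call makes it print the pattern it uses for each pass, which is another way to see whether a pass is random.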