2

The shred command (of coreutils 8.23) overwrites a device with configurable data from beginning to end which is perfectly fine for the use cases it is designed for (which are all related to write something to the complete device).

In my case it”d be sufficient to do with the x first bytes and y last bytes of a device what shred does to the whole device, but I don't seem to find a good solution avoiding to specify explicit value (device size, etc.). I could write from a random source to a calculated part of the device with dd, but then I have to get the device size, struggle with MiB and MB, etc. Maybe there's something as comfortable as shred (or I'm just missing something).

Mostly partitioning related information (gpt, msdos partition table and backups) are placed at the beginning and end of a device.

Kalle Richter
  • 2,472
  • 6
  • 44
  • 64

1 Answers1

3

Are you sure what you really want isn't "wipefs - wipe a filesystem signature from a device"?

dd isn't that difficult to use, especially getting the right numbers from gparted or fdisk, see below.

The whole-disk method works, as in dd if=/dev/zero of=/dev/sdx. Possibly with bs=1M to increase the speed. Or replace /dev/zero with /dev/urandom` for more random-looking data. As in "ArchWiki's Securely wipe disk".

For just one partition number "n", aka "sdxn", could do dd if=/dev/zero of=/dev/sdxn

For just the "first" n MB's, you could do dd if=/dev/zero of=/dev/sdx bs=1M count=n

For the "start" & "end", you could find out the drive's sector size & total sectors - gparted tells you that easily, under "View -> Device Info", and it even tells you where a partition's start & end sectors are. parted & fdisk (for MBR) should too.

Then, use some math to figure out where to wipe.

  • Tiny (512b) exact way - find which sectors to wipe. If your drive has 512 byte sectors, and has 251658240 sectors (is 120GB,= 251658240 sectors * 512 bytes / 1024 convert to k / 1024 to M / 1024 to G)...

    • to wipe the last 1G (gig, G=1024*1024*1024 bytes) you could figure the sectors in 1GB (1GB/512b = 1 * 1024 * 1024 * 1024 / 512 = 2097152), then subtract that from the total sectors 251658240 - 2097152 = 249561088 and start at that sector for that many sectors:
      dd if=/dev/zero of=/dev/sdx bs=512 seek=249561088 count=2097152

  • You could convert the bs, seek & count to use M (M=1024*1024) instead, if it's too slow going 512b at a time. The disk always starts at 0, but ends on 251658240 * 512 / 1024 / 1024 = 122880 in M's.

    • Wipe the last 1G There's 1024 M's in a G, so skip over 122880 - 1024 = 121856 M's and do:
      dd if=/dev/zero of=/dev/sdx bs=1M seek=121856 count=1024

  • Gig-at-a-time rough estiamte, works fine where writing beyond the "end" causes no damage (the very end of the disk, not wiping a middle partition). Try 1G (G=1024*1024*1024 bytes) at a time. See man dd for more info, it understands K, M, G, others.

    • The last G, dd if=/dev/zero of=/dev/sdx bs=1G seek=119 omitting count to keep going right to the end of the device.

Or, for a probably faster way to write "random" data to a whole partition/drive, you can use dm-crypt:

First, create a temporary encrypted container on the partition (sdXY) or the full disk (sdX) you want to encrypt, e.g. using default parameters

# cryptsetup open --type plain /dev/sdXY container

Second, check it exists

# fdisk -l
Disk /dev/mapper/container: 1000 MB, 1000277504 bytes
...
Disk /dev/mapper/container does not contain a valid partition table

Finally, wipe it with pseudorandom (encrypted data), a use of /dev/urandom is not required as the encryption cipher is used for randomness:

# dd if=/dev/zero of=/dev/mapper/container
dd: writing to ‘/dev/mapper/container’: No space left on device
Xen2050
  • 14,391