How to securely delete files in Xubuntu

If you, like me, are a wee bit paranoid, it gives a warm fuzzy feeling to know, that there are no practical ways of recovering your deleted files. So I figured I should write about how to securely delete files in xubuntu.

For this, we will use a program called srm to securely delete our files. From the srm manpage:

The secure data deletion process of srm goes like this:

  • 1 pass with 0xff
  • 5 random passes. /dev/urandom is used for a secure RNG if available.
  • 27 passes with special values defined by Peter Gutmann.
  • 5 random passes. /dev/urandom is used for a secure RNG if available.
  • Rename the file to a random value
  • Truncate the file

This means that each file you delete with srm will be overwritten 38 times - so if you delete a bunch of big files, this will take a lot of time.

Now, we need to install srm which comes in the secure-delete package and configure a few things. Start by opening a terminal and type in:

sudo apt-get install secure-delete

Now, you need to add a line to a file called .bashrc - this file configures things for when you work in the terminal:

echo alias rm='srm' >> ~/.bashrc

This will make sure that every time you delete a file with the rm command, it will get securely deleted, without you having to think about it.

If you think that overwriting every file 37 times is a bit over the top, you can adjust just how securely you want your files to be deleted. Again, from the srm manpage:

-f fast (and insecure mode): no /dev/urandom, no synchronize mode.
-l lessens the security. Only two passes are written: one mode with 0xff and a final mode random values.
-l -l for a second time lessons the security even more: only one random pass is written.
-z wipes the last write with zeros instead of random data

Here is a little comparison of deleting a file with the different flags. The file was created like so:

dd if=/dev/zero of=test.file bs=1M count=100

Results.. Running srm with no flags takes 3063 seconds. Running with the -f flag takes 60 seconds. Running with -l takes 176 seconds and running with -l -l takes 91 seconds.

So clearly, running with the -f flag results in the fastest (obviously), with a speedup of over 50 times! I personally use the -l flag twice in my alias statement. You can do that too, like this:

echo alias rm='srm -l -l' >> ~/.bashrc

If you want to, you can configure a custom action, which is an entry in the right click menu of Thunar, the file manager in xubuntu. I WILL NOT tell you how to do that, since you might accidentally delete everything - a safer approach is to right click - select open terminal and then use the rm or srm command to delete the files you wish to delete securely.

Written by Jannich Brendle man 26 december 2011 In How to

tags: debian secure deletelinux secure deletexubuntu secure delete