How to securely wipe a disk or partition in Linux

When you delete files or format partitions in Linux, the actual data remains intact. Only the pointers to the data are removed, making it recoverable. For example, removing a partition deletes the partition entry but keeps the data. To ensure data is unrecoverable, you need to overwrite the disk with zeros or random data. This process is crucial when repurposing or disposing of drives containing sensitive information.

To securely wipe a disk, use commands that write over existing data. This guarantees that the old data can no longer be accessed. Different storage devices like HDDs and SSDs may require different methods, but the goal remains the same: complete and secure data removal. It's important to follow the appropriate steps to ensure data is wiped correctly.

Wiping a disk is essential when selling or recycling hardware. It ensures that personal or confidential information cannot be recovered. The process involves overwriting the data so it cannot be restored using standard recovery tools.

Steps to completely wipe a disk or partition in Linux:

Open the terminal.

List available disks and partitions.

$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0    7:0    0  55.4M  1 loop /snap/core18/19
loop1    7:1    0  55.4M  1 loop /snap/core18/19
loop2    7:2    0    51M  1 loop /snap/snap-stor
loop3    7:3    0   219M  1 loop /snap/gnome-3-3
loop4    7:4    0 217.9M  1 loop /snap/gnome-3-3
loop5    7:5    0  31.1M  1 loop /snap/snapd/104
loop6    7:6    0  62.1M  1 loop /snap/gtk-commo
loop7    7:7    0  64.8M  1 loop /snap/gtk-commo
loop8    7:8    0    51M  1 loop /snap/snap-stor
loop9    7:9    0  31.1M  1 loop /snap/snapd/107
sda      8:0    0    20G  0 disk 
├─sda1   8:1    0     1M  0 part 
├─sda2   8:2    0   513M  0 part /boot/efi
└─sda3   8:3    0  19.5G  0 part /
sdb      8:16   0    20G  0 disk 
└─sdb1   8:17   0    20G  0 part 
sr0     11:0    1  1024M  0 rom

Use the lsblk command to list all attached disks and partitions. Identify the correct disk or partition to wipe.

Unmount the target disk or partition.
```
$ sudo umount /dev/sdb1
[sudo] password for user: 
umount: /dev/sdb1: not mounted.
```
If the disk or partition is mounted, use the umount command to safely unmount it before proceeding. If it cannot be unmounted, boot from a live CD like Ubuntu to complete the wipe.

Overwrite the disk or partition with zeros.

$ sudo dd if=/dev/zero of=/dev/sdb status=progress
21471859200 bytes (21 GB, 20 GiB) copied, 269 s, 79.8 MB/s 
dd: writing to '/dev/sdb': No space left on device
41943041+0 records in
41943040+0 records out
21474836480 bytes (21 GB, 20 GiB) copied, 269.451 s, 79.7 MB/s

The dd command writes zeros to the entire disk, ensuring data is no longer recoverable. This process may take a long time depending on disk size and speed. Replace /dev/zero with /dev/urandom for random data overwrites.

For SSDs, overwrite the disk multiple times using random data.
```
$ sudo dd if=/dev/urandom of=/dev/sdb status=progress 
```
To securely wipe SSDs, use random data with multiple passes, as the zeroing method might leave some data intact due to SSD controller behavior.
Refresh the partition table after wiping the disk.
```
$ partprobe
```
After wiping the entire disk, use the partprobe command to refresh the partition table and recognize changes in the system.

Verify the wipe by listing the available disks and partitions again.

$ lsblk
NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
loop0    7:0    0  55.4M  1 loop /snap/core18/19
loop1    7:1    0  55.4M  1 loop /snap/core18/19
loop2    7:2    0    51M  1 loop /snap/snap-stor
loop3    7:3    0   219M  1 loop /snap/gnome-3-3
loop4    7:4    0 217.9M  1 loop /snap/gnome-3-3
loop5    7:5    0  31.1M  1 loop /snap/snapd/104
loop6    7:6    0  62.1M  1 loop /snap/gtk-commo
loop7    7:7    0  64.8M  1 loop /snap/gtk-commo
loop8    7:8    0    51M  1 loop /snap/snap-stor
loop9    7:9    0  31.1M  1 loop /snap/snapd/107
sda      8:0    0    20G  0 disk 
├─sda1   8:1    0     1M  0 part 
├─sda2   8:2    0   513M  0 part /boot/efi
└─sda3   8:3    0  19.5G  0 part /
sdb      8:16   0    20G  0 disk 
sr0     11:0    1  1024M  0 rom

Check the disk to confirm it is completely empty.
```
# timeout 1 head /dev/sdb
```
The head command will attempt to read from the disk. If the wipe was successful, the disk should return empty data. Set a timeout to prevent scanning the entire disk.

Author: Mohd Shakir Zakaria
Mohd Shakir Zakaria is an experienced cloud architect with a strong development and open-source advocacy background. He boasts multiple certifications in AWS, Red Hat, VMware, ITIL, and Linux, underscoring his expertise in cloud architecture and system administration.

Discuss the article:

Comment anonymously. Login not required.