Data deletion operations such as deleting files and folders, formatting partitions, or partitioning disks generally do not delete the actual data; instead, they delete the pointer to the real data. For example, deleting a partition only removes the partition's entry in the partition table while the actual partition remains intact. It is a cause for concern if you want to clear the data, such as when disposing a disk with sensitive files or when you're selling your hard drive.

One way to securely erase all the files and data in the disk is by writing empty or random data to every bit of the disk so that all the existing data is overwritten. It can be done in Linux using dd by using zero or random characters as input.

Steps to completely erase disk and partition in Linux:

  1. Launch terminal.
  2. List disks and partitions available in the system.
    $ lsblk
    NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
    loop0    7:0    0  55.4M  1 loop /snap/core18/19
    loop1    7:1    0  55.4M  1 loop /snap/core18/19
    loop2    7:2    0    51M  1 loop /snap/snap-stor
    loop3    7:3    0   219M  1 loop /snap/gnome-3-3
    loop4    7:4    0 217.9M  1 loop /snap/gnome-3-3
    loop5    7:5    0  31.1M  1 loop /snap/snapd/104
    loop6    7:6    0  62.1M  1 loop /snap/gtk-commo
    loop7    7:7    0  64.8M  1 loop /snap/gtk-commo
    loop8    7:8    0    51M  1 loop /snap/snap-stor
    loop9    7:9    0  31.1M  1 loop /snap/snapd/107
    sda      8:0    0    20G  0 disk 
    ├─sda1   8:1    0     1M  0 part 
    ├─sda2   8:2    0   513M  0 part /boot/efi
    └─sda3   8:3    0  19.5G  0 part /
    sdb      8:16   0    20G  0 disk 
    └─sdb1   8:17   0    20G  0 part 
    sr0     11:0    1  1024M  0 rom 
  3. Make sure the disk or partition (within the disk) you want to delete securely is not mounted.
    $ sudo umount /dev/sdb1
    [sudo] password for user: 
    umount: /dev/sdb1: not mounted.

    Launch live cd such as from Ubuntu installer if the disk can't be unmounted such as the root filesystem.

  4. Zero the disk or partition using dd.
    $ sudo dd if=/dev/zero of=/dev/sdb status=progress
    21471859200 bytes (21 GB, 20 GiB) copied, 269 s, 79.8 MB/s 
    dd: writing to '/dev/sdb': No space left on device
    41943041+0 records in
    41943040+0 records out
    21474836480 bytes (21 GB, 20 GiB) copied, 269.451 s, 79.7 MB/s

    This will take a while as dd will need to write every single bit of data within the disk. Time taken depends on the disk size and disk speed.

    Replace /dev/zero with /dev/random or /dev/urandom to fill the disk with random character instead.

    It is recomended to use /dev/random or /dev/urandom and to repeat this step multiple times (multi-pass) for SSD devices as some built-in function in SSD's controller might still leave some data intact with the common disk-zeroing method.

  5. Re-read partition table if you've deleted an entire disk instead of just a partition.
    $ partprobe

  6. List disks and partitions again to see.
    $ lsblk
    NAME   MAJ:MIN RM   SIZE RO TYPE MOUNTPOINT
    loop0    7:0    0  55.4M  1 loop /snap/core18/19
    loop1    7:1    0  55.4M  1 loop /snap/core18/19
    loop2    7:2    0    51M  1 loop /snap/snap-stor
    loop3    7:3    0   219M  1 loop /snap/gnome-3-3
    loop4    7:4    0 217.9M  1 loop /snap/gnome-3-3
    loop5    7:5    0  31.1M  1 loop /snap/snapd/104
    loop6    7:6    0  62.1M  1 loop /snap/gtk-commo
    loop7    7:7    0  64.8M  1 loop /snap/gtk-commo
    loop8    7:8    0    51M  1 loop /snap/snap-stor
    loop9    7:9    0  31.1M  1 loop /snap/snapd/107
    sda      8:0    0    20G  0 disk 
    ├─sda1   8:1    0     1M  0 part 
    ├─sda2   8:2    0   513M  0 part /boot/efi
    └─sda3   8:3    0  19.5G  0 part /
    sdb      8:16   0    20G  0 disk 
    sr0     11:0    1  1024M  0 rom
  7. Check the content of the disk from an administrative account.
    # timeout 1 head /dev/sdb

    A timeout needs to be set to the command since the disk is now empty, or else the command will need to scan the whole disk before it quits.

Discuss the article:

Comment anonymously. Login not required.

Share!