[筆記] 在 Linux 底下快速抹寫磁碟剩餘空間

2015-11-25

Update

後來發現，其實內建的shred指令就可以做到了，而且速度更快～

shred -v -n 10000(抹除 10000次) -u -v /dev/sda

用iftop 看，大概都能維持在300M 左右的寫入速度

實際跑起來，從 iotop 上看到的數據，似乎是比 dd 要來得快～

http://superuser.com/questions/19326/how-to-wipe-free-disk-space-in-linux

Wipe a drive at top speed.

Typical instructions for encrypting a drive nowadays will tell you to first WIPE the drive.

The command below will fill your drive with AES ciphertext.

Use a live CD if you need to wipe your main boot drive.

Open a terminal and elevate your privileges:

sudo bash
`</pre>
Let us list all drives on the system to be safe:
<pre>`cat /proc/partitions
`</pre>
NOTE: Replace<span class="Apple-converted-space"> </span>`/dev/sd{x}`<span class="Apple-converted-space"> </span>with the device you wish to wipe.

WARNING: This is not for amateurs! You could make your system unbootable!!!

`sudo openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2&gt;/dev/null | base64)" -nosalt &lt; /dev/zero &gt; /dev/sd{x} `

&nbsp;

&nbsp;

另外有一段也可以參考
> &nbsp;

<pre>`# Install the secure-delete package (sfill command).


# To see progress type in new terminal:

# watch -n 1 df -hm


# Assuming that there is one partition (/dev/sda1). sfill writes to /.

# The second pass writes in current directory and synchronizes data.

# If you have a swap partition then disable it by editing /etc/fstab

# and use "sswap" or similar to wipe it out.


# Some filesystems such as ext4 reserve 5% of disk space

# for special use, for example for the /home directory.

# In such case sfill won't wipe out that free space. You

# can remove that reserved space with the tune2fs command.

# See http://superuser.com/a/150757

# and https://www.google.com/search?q=reserved+space+ext4+sfill


sudo tune2fs -m 0 /dev/sda1

sudo tune2fs -l /dev/sda1 | grep 'Reserved block count'


sudo sfill -vfllz /


# sfill with the -f (fast) option won't synchronize the data to

# make sure that all was actually written. Without the fast option

# it is way too slow, so doing another pass in some other way with

# synchronization. Unfortunately this does not seem to be perfect,

# as I've watched free space by running the "watch -n 1 df -hm"

# command and I could see that there was still some available space

# left (tested on a SSD drive).


dd if=/dev/zero of=zero.small.file bs=1024 count=102400

dd if=/dev/zero of=zero.file bs=1024

sync ; sleep 60 ; sync

rm zero.small.file

rm zero.file


sudo tune2fs -m 5 /dev/sda1

sudo tune2fs -l /dev/sda1 | grep 'Reserved block count'