srm - Man Page

securely remove files or directories

Examples (TL;DR)

Synopsis

srm [OPTION]... FILE...

Description

srm removes each specified file by overwriting, renaming, and truncating  it before unlinking.  This prevents other people from undeleting or  recovering any information about the file from the command line. By default srm uses the simple mode to overwrite the file's contents. You can choose a different overwrite mode with --dod, --doe, --openbsd, --rcmp, --gutmann. If you specify more than one mode option, the last option is used.

You can use srm to overwrite block devices.  The device node is not removed after overwriting.  This feature is available on Linux. Files with multiple hard links will be unlinked but not overwritten.

srm, like every program that uses the getopt function to parse its arguments, lets you use the -- option to indicate that all following arguments are non-options. To remove a file called `-f' in the current directory, you could type either

rm -- -f

or

rm ./-f

Options

-d,  --directory

ignored (for compatibility with rm(1))

-f,  --force

ignore nonexistent files, never prompt

-i,  --interactive

prompt before any removal

-r,  -R,  --recursive

remove the contents of directories recursively

-x,  --one-file-system

when removing a hierarchy recursively, skip any directory that is on a file system different from that of the corresponding command line argument.  (Not supported on Windows)

-s,  --simple

Overwrite the file with a single pass of 0x00 bytes. This is the default mode.

-P,  --openbsd

OpenBSD compatible rm.  Files are overwritten three times, first with the byte 0xFF, then 0x00, and then 0xFF again, before they are deleted.

-D,  --dod

US Dod compliant 7-pass overwrite.

-E,  --doe

US DoE compliant 3-pass overwrite.  Twice with a random pattern, finally with the bytes "DoE". See http://cio.energy.gov/CS-11_Clearing_and_Media_Sanitization_Guidance.pdf for details.

-G,  --gutmann

Use the 35-pass Gutmann method. See http://en.wikipedia.org/wiki/Gutmann_method for details.

-C,  --rcmp

Royal Canadian Mounted Police compliant 3-pass overwrite. First pass writes 0x00 bytes. Second pass writes 0xFF bytes. Third pass writes "RCMP". See https://www.cse-cst.gc.ca/en/node/270/html/10572 for details.

-v,  --verbose

explain what is being done.  Specify this option multiple times to increase verbosity.

-h,  --help

display this help and exit.

-V,  --version

output version information and exit.

Signals

SIGINFO, SIGUSR2

show current write position and filename handled.

Entire Hard Disks

srm can write to block devices on Linux.  You can use srm to securely delete an entire hard disk, however you should only do this for classic magnetic drives.  The modern solid state disks (SSD) have a faster and better way to erase all contents, Secure Erase. For a Linux operating system see https://ata.wiki.kernel.org/index.php/ATA_Secure_Erase

Notes

srm can not remove write protected files owned by another user, regardless of the permissions on the directory containing the file.

Development and discussion of srm is carried out at https://sourceforge.net/projects/srm/ which is also accessible via http://srm.sourceforge.net/. See http://en.wikipedia.org/wiki/Data_remanence for a general discussion about overwriting data.

See Also

rm(1)

http://www.gnu.org/software/coreutils/manual/coreutils.html#rm-invocation

shred(1)

http://www.gnu.org/software/coreutils/manual/coreutils.html#shred-invocation

wipe(1)

http://lambda-diode.com/software/wipe

secure-delete

http://packages.debian.org/lenny/secure-delete

scrub(1)

http://code.google.com/p/diskscrub/

Info

1.2.15 Matt Gauthier, Dirk Jagdmann