nwipe - Man Page

securely erase disks

Synopsis

nwipe [options] [device1] [device2] ...

Description

nwipe is a command that will securely erase disks using a variety of recognised methods.  It is a fork of the dwipe command used by Darik's Boot and Nuke (dban).  nwipe is included with partedmagic if you want a quick and easy bootable CD version.  nwipe was created out of a need to run the DBAN dwipe command outside of DBAN, in order to allow its use with any host distribution, thus giving better hardware support.  It is essentially the same as dwipe, with a few changes:

- pthreads is used instead of fork

- The parted library is used to detect drives

- The code is designed to be compiled with gcc

- SIGUSR1 can be used to log the stats of the current wipe

Options

-V,  --version

Prints the version number

-h,  --help

Prints a help summary

--autonuke

If no devices have been specified on the command line, starts wiping all devices immediately. If devices have been specified, starts wiping only those specified devices immediately.

--autopoweroff

Power off system on completion of wipe delayed for one minute. During this one minute delay you can abort the shutdown by typing sudo shutdown -c

--sync=NUM

Will perform a syn after NUM writes (default: 100000)

0    - fdatasync after the disk is completely written
      fdatasync errors not detected until completion.
      0 is not recommended as disk errors may cause nwipe
      to appear to hang

1    - fdatasync after every write
      Warning: Lower values will reduce wipe speeds.

1000 - fdatasync after 1000 writes

--noblank

Do not perform the final blanking pass after the wipe (default is to blank, except when the method is RCMP TSSIT OPS-II).

--nowait

Do not wait for a key before exiting (default is to wait).

--nosignals

Do not allow signals to interrupt a wipe (default is to allow).

--nousb

Do not show or wipe any USB devices, whether in GUI, --nogui or autonuke mode. (default is to allow USB devices to be shown and wiped).

--nogui

Do not show the GUI interface. Can only be used with the autonuke option. Nowait option is automatically invoked with the nogui option. SIGUSR1 can be used to retrieve the current wiping statistics.

-v,  --verbose

Log more messages, useful for debugging.

--verify=TYPE

Whether to perform verification of erasure (default: last)

off   - Do not verify

last  - Verify after the last pass

all   - Verify every pass

Please mind that HMG IS5 enhanced always verifies the last (PRNG) pass regardless of this option.

-m,  --method=METHOD

The wiping method (default: dodshort).

dod522022m / dod       - 7 pass DOD 5220.22-M method

dodshort / dod3pass    - 3 pass DOD method

gutmann                - Peter Gutmann's Algorithm

ops2                   - RCMP TSSIT OPS-II

random / prng / stream - PRNG Stream

zero / quick           - Overwrite with zeros 0x00

one                    - Overwrite with ones 0xFF

verify_zero            - Verifies disk is zero filled

verify_one             - Verifies disk is 0xFF filled

is5enh                 - HMG IS5 enhanced

-l,  --logfile=FILE

Filename to log to. Default is STDOUT

-P,  --PDFreportpath=DIR

Directory to write the PDF nwipe reports/certificates to. Defaults to ".". If DIR is set to noPDF no report PDF files are written.

-p,  --prng=METHOD

PRNG option (mersenne|twister|isaac|isaac64)

-q,  --quiet

Anonymize serial numbers, Gui & logs display:
XXXXXXXX = S/N obtained & anonymized.
???????? = S/N not available.

-r,  --rounds=NUM

Number of times to wipe the device using the selected method (default: 1)

-e,  --exclude=DEVICES

Up to ten comma separated devices to be excluded, examples:
--exclude=/dev/sdc
--exclude=/dev/sdc,/dev/sdd
--exclude=/dev/sdc,/dev/sdd,/dev/mapper/cryptswap1

Bugs

Please see the GitHub site for the latest list (https://github.com/martijnvanbrummelen/nwipe/issues)

Author

Nwipe is developed by Martijn van Brummelen <github@brumit.nl>

See Also

shred(1), dwipe(1), dd(1), dcfldd(1), dc3dd(1)

Info

May 2024 nwipe version 0.37