nwipe - Man Page
securely erase disks
Synopsis
nwipe [options] [device1] [device2] ...
Description
nwipe is a command that will securely erase disks using a variety of recognised methods. It is a fork of the dwipe command used by Darik's Boot and Nuke (dban). nwipe is included with partedmagic if you want a quick and easy bootable CD version. nwipe was created out of a need to run the DBAN dwipe command outside of DBAN, in order to allow its use with any host distribution, thus giving better hardware support. It is essentially the same as dwipe, with a few changes:
- pthreads is used instead of fork
- The parted library is used to detect drives
- The code is designed to be compiled with gcc
- SIGUSR1 can be used to log the stats of the current wipe
Options
- -V, --version
Prints the version number
- -h, --help
Prints a help summary
- --autonuke
If no devices have been specified on the command line, starts wiping all devices immediately. If devices have been specified, starts wiping only those specified devices immediately.
- --autopoweroff
Power off system on completion of wipe delayed for one minute. During this one minute delay you can abort the shutdown by typing sudo shutdown -c
- --sync=NUM
Will perform a syn after NUM writes (default: 100000)
0 - fdatasync after the disk is completely written
fdatasync errors not detected until completion.
0 is not recommended as disk errors may cause nwipe
to appear to hang1 - fdatasync after every write
Warning: Lower values will reduce wipe speeds.1000 - fdatasync after 1000 writes
- --noblank
Do not perform the final blanking pass after the wipe (default is to blank, except when the method is RCMP TSSIT OPS-II).
- --nowait
Do not wait for a key before exiting (default is to wait).
- --nosignals
Do not allow signals to interrupt a wipe (default is to allow).
- --nousb
Do not show or wipe any USB devices, whether in GUI, --nogui or autonuke mode. (default is to allow USB devices to be shown and wiped).
- --nogui
Do not show the GUI interface. Can only be used with the autonuke option. Nowait option is automatically invoked with the nogui option. SIGUSR1 can be used to retrieve the current wiping statistics.
- -v, --verbose
Log more messages, useful for debugging.
- --verify=TYPE
Whether to perform verification of erasure (default: last)
off - Do not verify
last - Verify after the last pass
all - Verify every pass
Please mind that HMG IS5 enhanced always verifies the last (PRNG) pass regardless of this option.
- -m, --method=METHOD
The wiping method (default: dodshort).
dod522022m / dod - 7 pass DOD 5220.22-M method
dodshort / dod3pass - 3 pass DOD method
gutmann - Peter Gutmann's Algorithm
ops2 - RCMP TSSIT OPS-II
random / prng / stream - PRNG Stream
zero / quick - Overwrite with zeros 0x00
one - Overwrite with ones 0xFF
verify_zero - Verifies disk is zero filled
verify_one - Verifies disk is 0xFF filled
is5enh - HMG IS5 enhanced
- -l, --logfile=FILE
Filename to log to. Default is STDOUT
- -P, --PDFreportpath=DIR
Directory to write the PDF nwipe reports/certificates to. Defaults to ".". If DIR is set to noPDF no report PDF files are written.
- -p, --prng=METHOD
PRNG option (mersenne|twister|isaac|isaac64)
- -q, --quiet
Anonymize serial numbers, Gui & logs display:
XXXXXXXX = S/N obtained & anonymized.
???????? = S/N not available.- -r, --rounds=NUM
Number of times to wipe the device using the selected method (default: 1)
- -e, --exclude=DEVICES
Up to ten comma separated devices to be excluded, examples:
--exclude=/dev/sdc
--exclude=/dev/sdc,/dev/sdd
--exclude=/dev/sdc,/dev/sdd,/dev/mapper/cryptswap1
Bugs
Please see the GitHub site for the latest list (https://github.com/martijnvanbrummelen/nwipe/issues)
Author
Nwipe is developed by Martijn van Brummelen <github@brumit.nl>