linux 安全删除文件
Shred old data files for the same reason you shred old paper documents. We tell you what you need to know about securely deleting Linux files. This tutorial covers the shred command and the secure-delete suite of utilities.
切碎旧数据文件的原因与切碎旧纸质文档的原因相同。 我们告诉您有关安全删除Linux文件的知识。 本教程介绍了shred命令和实用程序的secure-delete套件。
删除的文件通常可以恢复 (Deleted Files Are Normally Recoverable)
Deleting a file doesn’t actually remove it from your hard drive. It’s all down to the way your filesystem uses inodes. These are the data structures within the filesystem that hold the metadata regarding the files. The name of the file, its position on the hard drive, what attributes and permissions it has, and so on are all stored within an inode. A directory is no more than a file itself. One that holds the names and inode numbers of the files that the directory contains.
删除文件实际上并不会将其从硬盘驱动器中删除。 这完全取决于文件系统使用索引节点的方式。 这些是文件系统中的数据结构,其中包含有关文件的元数据。 文件的名称,其在硬盘驱动器上的位置,文件的属性和权限等等都存储在一个inode中。 目录只不过是文件本身。 包含目录包含的文件的名称和索引节点号的目录。
When you delete a file with rm, the filesystem frees up the appropriate inode and adjusts the directory file. This marks the space on the hard drive that the file used to occupy as unused. Imagine you walk into a library and go through the card index, find a book’s catalog card, and rip it up. The book is still on the shelf. It’s just harder to find.
使用rm删除文件时,文件系统将释放相应的inode并调整目录文件。 这会将文件曾经占用的硬盘驱动器上的空间标记为未使用。 想象一下,您走进图书馆,浏览卡索引,找到一本书的目录卡,然后将其撕裂。 这本书还在书架上。 很难找到。
In other words, the space that was used by the file is now free to be used by other files. But the contents of the old file still sit in that space. Until that space is overwritten, there is a good chance that file can be retrieved.
换句话说,文件所使用的空间现在可以自由供其他文件使用。 但是旧文件的内容仍然位于该空间中。 在该空间被覆盖之前,很有可能可以检索文件。
But completely getting rid of a file isn’t as straightforward as simply overwriting them. As we shall see.
但是,完全删除文件并不像简单地覆盖它们那样简单。 正如我们将看到。
不要用SSD来做 (Don’t Do This With SSD’s)
These techniques are for traditional electro-mechanical hard disk drives (HDD), and should not be used with solid state drives (SSD). It won’t work and will cause extra writes and unnecessary wear to your SSD. To securely erase data from an SSD, you should use the utility provided by the manufacturer of your SSD.
这些技术适用于传统的机电硬盘驱动器(HDD),不应与固态驱动器(SSD)一起使用。 它将无法正常工作,并会导致额外的写入和不必要的磨损。 为了安全地从SSD擦除数据,您应该使用SSD制造商提供的实用程序。
切碎的命令 (The shred Command)
shred is designed to perform the overwriting for you so a deleted file cannot be recovered. It is included in all of the Linux distributions that were tested during the research for this article, including Ubuntu, Fedora, and Manjaro.
shred旨在为您执行覆盖,因此无法恢复已删除的文件。 它包含在本文研究期间测试过的所有Linux发行版中,包括Ubuntu,Fedora和Manjaro。
In this example, we’re going to be working in a directory called ~/research, which contains many text files. It also contains some other directories which in turn contain other files. We’re going to assume these files are sensitive and must be erased entirely from the hard drive.
在此示例中,我们将在名为〜/ research的目录中工作,该目录包含许多文本文件。 它还包含一些其他目录,这些目录又包含其他文件。 我们将假定这些文件是敏感文件,必须将其完全从硬盘中删除。
We can see the directory tree structure by using the tree command as follows. The -d (directory) option causes tree to list directories only, and not to list all of the files. The directory tree structure looks like this:
通过使用tree命令,我们可以看到目录树结构,如下所示。 -d (目录)选项使tree仅列出目录,而不列出所有文件。 目录树结构如下所示:
tree -d
切碎单个文件 (Shredding a Single FIle)
To shred a single file, we can use the following command. The options we are using are:
要切碎单个文件,我们可以使用以下命令。 我们使用的选项是:
u: Deallocate and remove the file after overwriting.
u :覆盖后取消分配并删除文件。
v: Verbose option, so that
shredtells us what it is doing.v :详细选项,以便
shred告诉我们它在做什么。z: Performs a final overwrite with zeroes.
z :用零执行最终覆盖。
shred -uvz Preliminary_Notes.txt_01.txt
shred overwrites the file four times by default. The first three passes use random data, and the final pass uses zeroes, as we requested. It then removes the file and overwrites some of the metadata in the inode
默认情况下, shred覆盖文件四次。 根据我们的要求,前三遍使用随机数据,最后一遍使用零。 然后,它删除文件并覆盖inode中的某些元数据
设置覆盖次数 (Setting the Number of Overwrite Passes)
We can ask shred to use more or fewer overwrite passes by using the -n (number) option. shred will always use at least one pass. The number we provide here is the number of extra passes we require shred to perform. So shred will always do one more pass than the number we ask for. To get three passes in total, we request an extra two passes:
我们可以通过-n (数字)选项要求shred使用更多或更少的覆盖-n 。 shred将始终使用至少一遍。 我们在此处提供的数字是我们需要shred的额外通行证数量。 因此, shred总是比我们要求的通过更多次。 要总共获得三张通行证,我们要求再增加两张通行证:
shred -uvz -n 2 Preliminary_Notes.txt_02.txt
As expected, shred makes three passes.
如预期的那样, shred经过三关。
Fewer passes—fewer shreddings if you like— is obviously faster. But is it less secure? Three passes, interestingly, is probably more than enough.
通过的次数更少(如果您愿意,可以减少碎纸次数)显然更快。 但是它不那么安全吗? 有趣的是,三遍就足够了。
切碎多个文件 (Shredding Multiple FIles)
Wildcards can be used with shred to select groups of files to be erased. The * represents multiple characters, and the ? represents a single character. This command would delete all of the remaining “Preliminary_Notes” files in the current working directory.
通配符可与shred一起使用,以选择要删除的文件组。 *表示多个字符,而? 代表一个字符。 该命令将删除当前工作目录中的所有其余“ Preliminary_Notes”文件。
shred -uvz -n 2 Preliminary_Notes_*.*
The remaining files are each processed by shred in turn.
其余文件均通过加工shred反过来。
shred has no recursive option, so it cannot be used to erase directory trees of nested directories.
shred没有递归选项,因此不能用于擦除嵌套目录的目录树。
安全删除文件的麻烦 (The Trouble With Securely Deleting Files)
As good as shred is, there’s an issue. Modern journaling file systems such as ext3 and ext4 go to tremendous efforts to ensure they don’t break, become corrupt, or lose data. And with journaling filesystems, there’s no guarantee that the overwriting is actually taking place over the hard drive space used by the deleted file.
shred ,这是一个问题。 诸如ext3和ext4之类的现代日记文件系统已尽力确保它们不会损坏,损坏或丢失数据。 对于日记文件系统,不能保证覆盖实际上是在已删除文件所使用的硬盘空间上进行的。
If all you’re after some peace of mind that the files have been deleted a bit more thoroughly than rm would have done it, then shred is probably fine. But don’t make the mistake of thinking that the data is definitely gone and is totally irrecoverable. That’s quite possibly not the case.
如果您只是放心地删除了文件,比rm删除它要彻底得多,那么shred可能没问题。 但是不要误以为数据肯定已经消失并且是完全不可恢复的。 事实并非如此。
安全删除套件 (The secure-delete Suite)
The secure-delete commands try to overcome the best efforts of journaling filesystems and to succeed in overwriting the file securely. But exactly the same caveats apply. There is still no guarantee that the overwriting is actually taking place over the region of the hard drive that you need it to obliterate the file of interest. There’s more chance, but no guarantee.
secure-delete命令试图克服对日志文件系统进行的最大努力,并成功地安全地覆盖文件。 但是完全一样的警告。 仍然无法保证覆盖实际上是在您需要清除硬盘上所需文件的硬盘驱动器区域上进行的。 机会更多,但不能保证。
The secure-delete commands use the following sequence of overwrites and actions:
secure-delete命令使用以下顺序的覆盖和操作:
- 1 overwrite with 0xFF value bytes.1用0xFF值字节覆盖。
- 5 overwrites with random data.5次覆盖随机数据。
- 27 overwrites with special values defined by Peter Gutmann.27用Peter Gutmann定义的特殊值覆盖。
- 5 more overwrites with random data.使用随机数据再覆盖5个。
- Rename the file to a random value.将文件重命名为随机值。
- Truncate the file.截断文件。
If all of that seems excessive to you, you’re in good company. It also seems excessive to Peter Gutmann, a professor at the University of Aukland. He published a paper in 1996 discussing these techniques, from which arose the urban myth that you need to use all of the techniques discussed in that paper at once.
如果这一切似乎对您来说都是多余的,那么您就可以相处得很好。 对于奥克兰大学的教授彼得·古特曼来说,这似乎也太过分了。 他在1996年发表了一篇论文, 讨论了这些技术 ,这引起了城市神话,即您需要立即使用该论文中讨论的所有技术。
Peter Gutmann has since tried to get the genie back in the bottle saying “A good scrubbing with random data will do about as well as can be expected.”
彼得·古特曼(Peter Gutmann)从那以后一直试图让精灵重新回到瓶子里,他说:“用随机数据进行良好的擦洗将达到预期效果。”
But we are where we are, and these are the array of techniques employed by the secure-delete commands. But first, we need to install them.
但是我们就在这里,这些是secure-delete命令所采用的一系列技术。 但是首先,我们需要安装它们。
安装安全删除 (Installing secure-delete)
Use apt-get to install this package onto your system if you’re using Ubuntu or another Debian-based distribution. On other Linux distributions, use your Linux distribution’s package management tool instead.
如果您使用的是Ubuntu或其他基于Debian的发行版,请使用apt-get将此软件包安装到系统上。 在其他Linux发行版上,请改用Linux发行版的程序包管理工具。
sudo apt-get install secure-delete
There are four commands included in the secure-delete bundle.
secure-delete捆绑包中包含四个命令。
srmis a securerm, used to erase files by deleting them and overwriting their hard drive space.srm是安全的rm,用于通过删除文件并覆盖其硬盘空间来擦除文件。sfillis a tool to overwrite all free space on your hard drive.sfill是一种工具,用于覆盖硬盘驱动器上的所有可用空间。sswapis used to overwrite and cleanse your swap space.sswap用于覆盖和清理您的交换空间。sdmemis used to cleanse your RAM.sdmem用于清理RAM。
srm命令 (The srm Command)
You use the srm command much as you would use the rm command. To remove a single file, use the following command. The -z (zeroes) option causes smr to use zeroes for the final wipe instead of random data. The -v (verbose) option makes srm inform us of its progress.
您使用srm命令的方式与使用rm命令的方式相同。 要删除单个文件,请使用以下命令。 -z (零)选项使smr在最终擦除时使用零而不是随机数据。 -v (详细)选项使srm通知我们其进度。
srm -vz Chapter_One_01.txt
The first thing you’ll notice is that srm is slow. It does provide some visual feedback as it is working, but it is a relief when you see the command prompt again.
您会注意到的第一件事是srm速度很慢。 它在工作时确实提供了一些视觉反馈,但是当您再次看到命令提示符时,这是一种缓解。
You can use -l (lessen security) option to reduce the number of passes to two, which speeds things up dramatically.
您可以使用-l (降低安全性)选项将通过次数减少到两次,从而大大加快了处理速度。
srm -lvz Chapter_One_02.txt
srm informs us that this—in its opinion—is less secure, but it still deletes and overwrites the file for us.
srm通知我们,它认为安全性较差,但仍会为我们删除和覆盖文件。
You can use the -l (lessen security) option twice, to reduce the number of passes down to one.
您可以使用-l(降低安全性)选项两次,以将通过次数减少到一。
srm -llvz Chapter_One_03.txt
对多个文件使用srm (Using srm with Multiple Files)
We can also use wildcards with srm. This command will erase and wipe the remaining parts of chapter one:
我们也可以将通配符与srm一起使用。 此命令将擦除和擦除第一章的其余部分:
srm -vc Chapter_One_0?.txt
The files are processed by srm in turn.
文件由srm依次处理。
使用srm删除目录及其内容 (Deleting Directories and Their Contents With srm)
The -r (recursive) option will make srm delete all subdirectories and their contents. You can pass the path to the first directory to srm.
-r (递归)选项将使srm删除所有子目录及其内容。 您可以将路径传递到第一个目录srm 。
In this example, we’re deleting everything the current directory, ~/research. This means all of the files in ~/research and all of the subdirectories are securely removed.
在此示例中,我们将删除当前目录〜/ research中的所有内容。 这意味着〜/ research中的所有文件以及所有子目录都已安全删除。
srm -vz *
srm starts processing the directories and files.
srm开始处理目录和文件。
It eventually returns you to the command prompt. On the test machine that this article was researched on, this took around one hour to remove about 200 files distributed between the current directory and three nested directories.
最终它将使您返回命令提示符。 在研究本文的测试机上,花了大约一个小时才能删除当前目录和三个嵌套目录之间分布的大约200个文件。
All of the files and subdirectories were removed as expected.
所有文件和子目录均已按预期删除。
sfill命令 (The sfill Command)
What if you are concerned about a file that you have deleted using rm, how can you go over that old ground and make sure it is overwritten? The sfill command will overwrite all of the free space on your hard drive.
如果您担心使用rm删除的文件怎么办,如何检查旧文件并确保其被覆盖? sfill命令将覆盖硬盘驱动器上的所有可用空间。
As it does this, you will notice that you have less and less free space on your hard drive, right up to the point where is no free space at all. When sfill completes, it releases all of the free space back to you. If you are administering a multi-user system, this would be very disruptive, so this is a maintenance task that should be conducted out of hours.
这样做时,您会注意到硬盘上的可用空间越来越少,直到根本没有可用空间为止。 sfill完成后,它将释放所有可用空间。 如果要管理多用户系统,这将造成很大的破坏,因此这是一项维护任务,应在数小时内执行。
Even on a single user computer, the loss of hard drive space means it is unusable once sfill has used most of the space. This is something that you would start and then walk away from.
即使在单用户计算机上,硬盘驱动器空间的丢失也意味着一旦sfill使用了大部分空间,硬盘驱动器空间就无法使用。 这是您将要开始然后离开的事情。
To try to speed things up a bit, you can use the -l (lessen security) option. The other options are the -v (verbose) and -z (zeroes) options we have seen previously. Here, we are asking sfill to securely overwrite all of the free space in the /home directory.
要尝试加快速度,可以使用-l (降低安全性)选项。 其他选项是我们先前看到的-v (详细)和-z (零)选项。 在这里,我们要求sfill安全地覆盖/ home目录中的所有可用空间。
sudo sfill -lvz /home
Make yourself comfortable. On the test computer—which only has a 10 GB hard drive— this was started mid-afternoon, and it completed sometime overnight.
让自己舒服。 在只有10 GB硬盘驱动器的测试计算机上,该计算机是从下午中午开始的,并且在一夜之间完成了一段时间。
It’ll churn away for hours. And this is with the -l (lessen security) option. But, eventually, you’ll be returned to the command prompt.
它会流失数小时。 这是带有 -l (降低安全性)选项的。 但是,最终,您将返回到命令提示符。
sswap命令 (The sswap Command)
The sswap command overwrites the storage in your swap partition. The first thing we need to do is identify your swap partition. We can do this with the blkid command, which lists block devices.
sswap命令将覆盖交换分区中的存储。 我们需要做的第一件事是识别您的交换分区。 我们可以使用blkid命令执行此操作,该命令列出了块设备。
sudo blkid
You need to locate the word “swap”, and make a note of the block device it is attached to.
您需要找到“交换”一词,并记下它所连接的块设备。
We can see the swap partition is connected to /dev/sda5.
我们可以看到交换分区已连接到/dev/sda5 。
We need to turn off disk writes to the swap partition for the duration of the overwriting. We will use the swapoff command:
在覆盖期间,我们需要关闭对交换分区的磁盘写操作。 我们将使用swapoff命令:
sudo swapoff /dev/sda5
We can now use the sswap command.
现在,我们可以使用sswap命令。
We will use /dev/sda5 as part of the command line for the sswap command. We’ll also use the -v (verbose) option and -ll (lessen security) options, which we used earlier.
我们将/dev/sda5用作sswap命令的命令行的一部分。 我们还将使用前面使用的-v (详细)选项和-ll (降低安全性)选项。
sudo sswap -llv /dev/sda5
sswap starts working its way through your swap partition, overwriting everything that it is in it. It doesn’t take as long as sfill. It just feels like it.
sswap开始通过交换分区工作,覆盖其中的所有内容。 它不需要花很多sfill 。 就是这样。
Once it has completed, we need to reinstate the swap partition as an active swap space. We do this with the swapon command:
完成后,我们需要将交换分区恢复为活动交换空间。 我们使用swapon命令执行此操作:
sudo swapon /dev/sda5
sdmem命令 (The sdmem Command)
The secure-delete package even contains a tool to wipe the Random Access Memory (RAM) chips in your computer.
secure-delete软件包甚至包含擦除计算机中随机存取存储器(RAM)芯片的工具。
A cold boot attack requires physical access to your computer very shortly after it is turned off. This type of attack can, potentially, allow the retrieval of data from your RAM chips.
冷启动攻击需要在关闭计算机后不久对其进行物理访问。 这种类型的攻击可能会允许您从RAM芯片中检索数据。
If you think you need to protect yourself against this type of attack—and it would be a stretch for most people to think they needed to—you can wipe your RAM before you switch off your computer. We’ll use the -v (verbose) and -ll (lessen security) options once more.
如果您认为需要保护自己免受这种类型的攻击(对于大多数人来说,这是一小段时间),则可以在关闭计算机之前先擦除RAM。 我们将再次使用-v (详细)和-ll (降低安全性)选项。
sudo sdmem -vll
The terminal window will fill up with asterisks as an indication that sdmem is working its way through your RAM.
终端窗口将用星号填充,以指示sdmem正在通过RAM运行。
简单的选择:只需加密驱动器 (The Easy Option: Just Encrypt Your Drive)
Instead of securely deleting files, why not secure your hard drive or your home folder using encryption?
除了安全删除文件外,为什么不使用加密保护硬盘驱动器或主文件夹?
If you do that, no one can access anything, whether it is a live file or a deleted file. And you don’t have to be on your guard and remember to securely erase sensitive files because all of your files are already protected.
如果这样做,则无论是实时文件还是已删除的文件,任何人都无法访问。 而且您不必保持警惕,切记要安全删除敏感文件,因为所有文件都已受到保护。
Most Linux distributions ask whether you want to use encryption at install time. Saying “yes” will save a lot of future aggravation. You may not deal with secret or sensitive information. But if you think you may give or sell the computer to someone else when you are finished with it, encryption will simplify that too.
大多数Linux发行版都会询问您是否要在安装时使用加密。 说“是”将节省很多将来的麻烦。 您可能不会处理机密或敏感信息。 但是,如果您认为在完成计算机后可以将计算机出售或出售给其他人,则加密也可以简化该过程。
翻译自: https://www.howtogeek.com/425232/how-to-securely-delete-files-on-linux/
linux 安全删除文件