Last active May 21, 2024 01:54
**Secure Data Erasure Script (Bash)** This Bash script securely erases data from a specified device with random data, ensuring irrecoverability. Use with caution.
```bash
#!/bin/bash

# Check if the script is run with superuser privileges
if [ "$EUID" -ne 0 ]; then
    echo "Please run this script as root (sudo)."
    exit 1
fi

# Prompt the user for the target devices (space-separated) and read them into an array
read -r -p "Enter the target devices (e.g., /dev/sdX /dev/sdY): " -a target_devices

# Iterate through the list of target devices
for device in "${target_devices[@]}"; do
    # Check that the device exists and is a block device
    if [ ! -b "$device" ]; then
        echo "Device $device does not exist or is not a block device."
        continue
    fi

    # Overwrite with random data; dd stops with "No space left on device"
    # once the whole device has been written, which is expected here.
    echo "Erasing $device..."
    dd if=/dev/urandom of="$device" bs=4M status=progress conv=fsync
    echo "Finished erasing $device."
done
```
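The script above overwrites whatever path is typed at the prompt. As an added example (not part of the original gist), this guard refuses a target that is not a block device or that has a mounted partition. The function names `in_use` and `safe_to_wipe` and the sample mounts table are constructed for illustration, and the Linux `/proc/mounts` format is assumed.

```shell
#!/bin/bash
# Added example: pre-flight guard for a wipe script (not from the original gist).

# in_use DEVICE [MOUNTS_FILE]
# Returns 0 if DEVICE, or a partition of it (sda1, nvme0n1p2), is a mount
# source in MOUNTS_FILE (default /proc/mounts). Errs on the side of refusing.
# Limitation: does not look at swap, LVM or dm-crypt holders.
in_use() {
    local device="$1" mounts="${2:-/proc/mounts}" src _rest
    while read -r src _rest || [ -n "$src" ]; do
        case $src in
            "$device"|"$device"[0-9]*|"$device"p[0-9]*) return 0 ;;
        esac
    done < "$mounts"
    return 1
}

# safe_to_wipe DEVICE [MOUNTS_FILE]
# Returns 0 only for an existing block device with nothing mounted from it.
safe_to_wipe() {
    if [ ! -b "$1" ]; then
        echo "$1: not a block device, skipping" >&2
        return 1
    fi
    if in_use "$1" "$2"; then
        echo "$1: has mounted filesystems, skipping" >&2
        return 1
    fi
    return 0
}

# Constructed sample mounts table (not real system data).
sample=$(mktemp)
cat > "$sample" <<'EOF'
/dev/sda1 / ext4 rw,relatime 0 0
/dev/nvme0n1p2 /home ext4 rw,relatime 0 0
tmpfs /tmp tmpfs rw 0 0
EOF
for d in /dev/sda /dev/nvme0n1 /dev/sdb; do
    if in_use "$d" "$sample"; then
        echo "$d: in use, refuse"
    else
        echo "$d: no mounts found"
    fi
done
rm -f "$sample"
```

In the wipe loop, `safe_to_wipe "$device" || continue` before the `dd` line applies the guard.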
it would be a good idea to use /dev/random since it has more entropy, the disadvantage being if there is not enough entropy you will have to wait

also this command if you are really paranoid about it

```bash
openssl enc -aes-256-ctr -pass pass:"$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)" -nosalt < /dev/zero > /dev/sdx
```

> it would be a good idea to use `/dev/random` since it has more entropy, the disadvantage being if there is not enough entropy you will have to wait

IMO, it doesn't matter if data is random or not, I would've used all zeros...

I didn't know them, thanks

`bs` specifies how many bytes should be read and written from/to the device at a time (can be set separately by `ibs` and `obs`! `bs` overrides those).

You can check the man page of `dd(1)` or via man7.org.

`dd(1)` deals with a device at byte level and therefore accessing with a bigger chunk size speeds up the process but also takes more RAM!