[Bash,Linux] Very fast disk shredding/data erasure script

[Bash,Linux] Very fast disk shredding/data erasure script

Before I have setted up my encrypted partitions I had to fill them with random sequention of data.
I’ve noticed that dd if=/dev/urandom of=DEVICE is very slow. It has 3-4 MB/second on my computer.
I wanted to make it faster. Here is my solution:
1. Create in tmpfs located in RAM memory large file (about 100 MB) made of pseudo-random sequence (/dev/urandom).
2. Write this file from memory sequentially to the disk.
Speed of this approach is even 34 MB/s – 10 times faster!!.
Unfortunately, this aproach might not be as secure as dd if=/dev/urandom of=DEVICE
Before you do anything backup your data and be sure what are you doing!!!
My implementation:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
#!/bin/sh
# Author: Wojtek Jamrozy (www.wojtekrj.net)
# BE SURE WHAT ARE YOU DOING - YOU CAN LOST IMPORTANT DATA
 
if [ $# != 1 ]; then
	echo "usage: $0 <name of device>"
	exit 1
fi
 
echo "You choose $1 device to shred"
echo "Are you sure (it will destroy ALL data on this device)? Type upercase yes:"
read yes
TMP_DIR=/tmp/_tmpfs
SIZE=100 # size of pattern in megabytes
if [ "$yes" = "YES" ]; then
	echo "Generating random pattern..."
	mkdir -p $TMP_DIR
	sudo mount -t tmpfs  tmp $TMP_DIR
	dd if=/dev/urandom of=$TMP_DIR/plik bs=${SIZE}MB count=1 2> /dev/null
	echo "Generating random pattern finished..."
	echo "Starting shreding $1"
	before=`date +%s`
	i=0
	while [ 1 ]; do	
		sudo dd if=$TMP_DIR/plik of=$1 bs=${SIZE}MB seek=$i 2> /dev/null
		if [ $? != 0 ]
		then
			break
		fi
		i=$((i+1))
		after=`date +%s`
		echo "$((i*SIZE))MB have been copied\nAverage speed: $((i*SIZE/(after-before+1))) MB/s"
	done
	after=`date +%s`
	echo "Average speed: $(((i+1)*SIZE/(after-before+1))) MB/s"
	rm $TMP_DIR/plik
	sudo umount $TMP_DIR
	rm -R $TMP_DIR
else
	echo "You haven't typed \"YES\"\nExiting..."
fi

One thought on “[Bash,Linux] Very fast disk shredding/data erasure script

  1. …or use this one-liner (from stackoverflow):

    openssl enc -aes-256-ctr -pass pass:”$(dd if=/dev/urandom bs=128 count=1 2>/dev/null | base64)” -nosalt /dev/ice

Leave a Reply

Your email address will not be published.