Securely erasing a hard drive in Linux


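I am about to return a dedicated server and need to erase the data on it. I don't want the next user to be able to recover that data.

There are two options. For either one, it is recommended to work from a live CD.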

  1. shred
  2. dd

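The shred method

It overwrites the data in a file or on an entire device with random bits, making it nearly impossible to recover.

First, you need to identify the device name.
It will look something like /dev/sdb or /dev/hdb (but not /dev/sdb1, which is a partition). You can use sudo fdisk -l to list all attached storage devices and find your external hard drive there.

Make sure it is the correct device: if you select the wrong device, that device is what gets erased.

By default this command writes random data to the disk 3 times. -v prints the current progress, and -z writes zeros over the whole disk after the last overwrite.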

root@rescue ~ # shred -v /dev/sdX

I use the following command: 4 passes in total, the first three writing random data and the fourth writing zeros.

root@rescue ~ # shred -vfz /dev/sda
shred: /dev/sda: pass 4/4 (000000)...5.0TiB/5.5TiB 91%
shred: /dev/sda: pass 4/4 (000000)...5.1TiB/5.5TiB 93%
shred: /dev/sda: pass 4/4 (000000)...5.2TiB/5.5TiB 95%
shred: /dev/sda: pass 4/4 (000000)...5.3TiB/5.5TiB 97%
shred: /dev/sda: pass 4/4 (000000)...5.4TiB/5.5TiB 99%
shred: /dev/sda: pass 4/4 (000000)...5.5TiB/5.5TiB 100%
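
The steps above (identify a whole disk rather than a partition, make sure it is the right device, run shred -vfz) can be wrapped in guard checks, with a read-back afterwards to confirm the final zero pass. This is an added example, not code from the original post; the function names are hypothetical, and lsblk, blockdev and cmp are assumed to be available in the rescue system.

```shell
#!/bin/sh
# Added example (not from the original post): guards around `shred -vfz`.
# Function names are hypothetical; the commands are standard Linux tools.

# Size in bytes of a block device, or of a regular file (for dry runs).
target_size() {
    if [ -b "$1" ]; then
        blockdev --getsize64 "$1"
    else
        wc -c < "$1" | tr -d ' '
    fi
}

# True only for a whole disk such as /dev/sdb, not a partition like /dev/sdb1.
is_whole_disk() {
    [ -b "$1" ] && [ "$(lsblk -dno TYPE "$1" 2>/dev/null)" = "disk" ]
}

# True if the device or any of its partitions is mounted or used as swap.
is_in_use() {
    lsblk -nro MOUNTPOINT "$1" 2>/dev/null | grep -q .
}

# True if every byte reads back as zero, the state left by shred's -z pass.
# This is a full read of the target, so it takes about as long as one pass.
verify_zeroed() {
    size=$(target_size "$1") || return 2
    cmp -s -n "$size" "$1" /dev/zero
}

# Check the target, wipe it as the post does, then confirm the result.
wipe_disk() {
    if ! is_whole_disk "$1"; then
        echo "refusing: $1 is not a whole disk" >&2
        return 1
    fi
    if is_in_use "$1"; then
        echo "refusing: $1 or one of its partitions is in use" >&2
        return 1
    fi
    shred -vfz "$1" && verify_zeroed "$1"
}
```

After sourcing the file, wipe_disk /dev/sdX runs the checks and the wipe; verify_zeroed can also be run on its own against a disk that was already shredded with -z.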

Help text

root@rescue ~ # shred --help
Usage: shred [OPTION]... FILE...
Overwrite the specified FILE(s) repeatedly, in order to make it harder
for even very expensive hardware probing to recover the data.

If FILE is -, shred standard output.

Mandatory arguments to long options are mandatory for short options too.
  -f, --force    change permissions to allow writing if necessary
  -n, --iterations=N  overwrite N times instead of the default (3)
      --random-source=FILE  get random bytes from FILE
  -s, --size=N   shred this many bytes (suffixes like K, M, G accepted)
  -u             deallocate and remove file after overwriting
      --remove[=HOW]  like -u but give control on HOW to delete;  See below
  -v, --verbose  show progress
  -x, --exact    do not round file sizes up to the next full block;
                   this is the default for non-regular files
  -z, --zero     add a final overwrite with zeros to hide shredding
      --help     display this help and exit
      --version  output version information and exit

Delete FILE(s) if --remove (-u) is specified.  The default is not to remove
the files because it is common to operate on device files like /dev/hda,
and those files usually should not be removed.
The optional HOW parameter indicates how to remove a directory entry:
'unlink' => use a standard unlink call.
'wipe' => also first obfuscate bytes in the name.
'wipesync' => also sync each obfuscated byte to disk.
The default mode is 'wipesync', but note it can be expensive.

CAUTION: shred assumes the file system and hardware overwrite data in place.
Although this is common, many platforms operate otherwise.  Also, backups
and mirrors may contain unremovable copies that will let a shredded file
be recovered later.  See the GNU coreutils manual for details.

GNU coreutils online help: <https://www.gnu.org/software/coreutils/>
Full documentation <https://www.gnu.org/software/coreutils/shred>
or available locally via: info '(coreutils) shred invocation'

The dd method

Use the urandom device, because it is the more modern and better way to obtain a random pattern.

dd if=/dev/zero of=/dev/hdX bs=1M

dd if=/dev/random of=/dev/hdX bs=1M

dd if=/dev/urandom of=/dev/hdX bs=1M

How can I securely erase a hard drive?

