

Posted by: Anonymous Coward on March 07, 2006 02:36 PM
Last time I checked, ReiserFS doesn't journal data. ext3 and other journaling filesystems do journal data either by default or as an option. ReiserFS (again, last time I checked) doesn't journal data, it only journals meta-data. So unless your inodes concern you (perhaps filenames?), then there shouldn't be a problem. As others have posted, if you shred the entire partition, then you are a little more secure depending on the number of passes and how badly/how much your opponent has to spend on recovering your data.

So if you understand the meta-data part, using ReiserFS allows you to use shred with more confidence than if you were using ext3 with full data journaling enabled.

You are aware that hard drives are actually as much as 20% or more larger than their rated size, and they use the extra space to swap and remap bad sectors? That means if you have sensitive info on sectors that get remapped, that sensitive info will remain on the swapped out sectors no matter what you do short of physically destructing the platters.

When you finally move to Reiser4, you'll have options/plugins that enable encryption, which will alleviate the concerns on secure deletion just a bit.

shred -fuvz is your friend, shred -fuvz --iterations=30 gives control on number of passes. alias it a few times, high number of iterations for small sized files, lower number of iterations for larger files like .iso files, 700 MB divx files and other large files which you'd like to shred in a reasonable amount of time.

Now if someone would print the commands for setting up encrypted swap partitions and encrypted data partitions (not necessarily home, but that's ok to include as well, along with other partitions used for storing data, such as /data2/, etc), that would really be appreciated.

I had encrypted swap partitions running knoppix from cd while using the 2.4 kernel, but moving to 2.6 kernel caused me to fail in setting up encrypted swap or encrypted data partitions, especially in Debian.

Currently running 2.6.11 kernel, don't know what dynamic vs static dev is (think I have dynamic), another question that is preventing me from moving to a newer kernel as I believe there is some conflict based on kernel number and static/dynamic dev, or some other related problem.
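
The size-based aliases suggested in the comment above, written as one shell function (an added example, not part of the original comment). The function names, the size thresholds and the 7- and 3-pass tiers are assumptions; only the `-fuvz` flags and the 30-pass figure come from the comment.

```shell
#!/bin/sh
# Added example: pick the shred pass count from the file size instead of
# keeping several aliases. Thresholds and the lower pass counts are assumed.

# Print the number of overwrite passes for a file of the given size in bytes.
passes_for_size() {
    size=$1
    if [ "$size" -lt 10485760 ]; then        # under 10 MiB: small file
        echo 30
    elif [ "$size" -lt 524288000 ]; then     # under 500 MiB: medium file
        echo 7
    else                                     # .iso images, 700 MB videos, ...
        echo 3
    fi
}

# Overwrite and unlink each regular file given, with a size-dependent
# pass count. Returns non-zero if any argument was skipped or failed.
shred_sized() {
    rc=0
    for f in "$@"; do
        # Assumption: only act on plain files; skip symlinks, directories,
        # devices and missing paths rather than guessing what was meant.
        if [ -L "$f" ] || [ ! -f "$f" ]; then
            echo "skip (not a regular file): $f" >&2
            rc=1
            continue
        fi
        size=$(wc -c < "$f") || { rc=1; continue; }
        size=$((size))                       # normalise any padding from wc
        n=$(passes_for_size "$size")
        shred -fuvz --iterations="$n" -- "$f" || rc=1
    done
    return $rc
}
```

Source the file and call `shred_sized file1 file2 ...`; the journaling and remapped-sector limits described in the comment apply regardless of the pass count chosen.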


Return to CLI Magic: Securely deleting files with shred