How to Use the Command 'sfill' (with Examples)
- Linux
- December 17, 2024
The ‘sfill’ command is a Unix-based utility designed to securely overwrite the free space and inodes of a partition. This tool is particularly useful for ensuring that deleted files cannot be recovered, by writing over the parts of the filesystem that are no longer in active use. It’s a valuable utility for maintaining privacy and data integrity when files are deleted from a system.
Use Case 1: Overwrite Free Space and Inodes of a Disk with 38 Writes (Slow but Secure)
Code:
sfill /path/to/mounted_disk_directory
Motivation for Using This Example:
This option is ideal for those who need the highest level of security when deleting files. When files are deleted normally, they often reside in free space on a disk and can be recovered by various data recovery tools. By overwriting the free space with 38 passes, the original data becomes virtually irretrievable. This is crucial for preventing unauthorized access to sensitive information.
Explanation:
- sfill: The command used to start the process of overwriting.
- /path/to/mounted_disk_directory: This specifies the directory within the mounted disk where the free space overwriting should occur. The path must be adjusted according to the user’s actual directory structure.
Example Output:
Writing free space on /dev/sda1:
Pass 1/38: Random data
...
Pass 38/38: Zeroes
All free space on /dev/sda1 securely overwritten.
Use Case 2: Overwrite Free Space and Inodes of a Disk with 6 Writes (Fast but Less Secure) and Show Status
Code:
sfill -l -v /path/to/mounted_disk_directory
Motivation for Using This Example:
This option provides a balance between security and performance. It is suitable for users who want more security than a single pass can provide but cannot afford the time required for 38 full disk writes. Also, enabling verbose status output provides insightful real-time feedback about the process.
Explanation:
- -l: This flag specifies that the process should complete faster by reducing the number of overwrite operations to 6 passes.
- -v: The verbose flag allows the status of the overwriting process to be visible; useful for monitoring progress.
- /path/to/mounted_disk_directory: Defines the target directory for the operation.
Example Output:
[sfill version info]
Pass 1/6: Writing random data
Pass 2/6: Writing zeroes
...
Pass 6/6: Writing fixed data pattern
Status: 100% completed. Free space successfully overwritten.
Use Case 3: Overwrite Free Space and Inodes of a Disk with 1 Write (Very Fast but Insecure) and Show Status
Code:
sfill -ll -v /path/to/mounted_disk_directory
Motivation for Using This Example:
For users who are constrained by time and do not require high levels of security, this option provides the fastest way to overwrite free space. Although this method leaves free space relatively more susceptible to recovery, it quickly ensures that data is less accessible than before.
Explanation:
- -ll: Engaging this option means the free space is only overwritten once, making it the fastest and least secure method of scrubbing.
- -v: This flag serves to make the process transparent by showcasing what is being done during the operation.
- /path/to/mounted_disk_directory: Points to the specific local directory within the mounted partition.
Example Output:
[Starting fast overwrite process]
Pass 1/1: Writing zeros
Operation complete. Space on /dev/sda1 cleared as per fast settings.
Use Case 4: Overwrite Only Free Space of a Disk
Code:
sfill -I /path/to/mounted_disk_directory
Motivation for Using This Example:
This is useful for situations where a user wishes to only target the free space between files. By focusing on free space, the method is streamlined without touching the inodes. This approach caters best when the files’ metadata doesn’t concern the user, and quick free space scrubbing is needed.
Explanation:
- -I: Tells ‘sfill’ to focus solely on free space and leave the inodes untouched.
- /path/to/mounted_disk_directory: Accurately indicates where the operation should be confined.
Example Output:
[Sfill: Securely wiping free space]
Progress: Overwriting free space with random data
Free space on /dev/sda1 has been overwritten securely.
Use Case 5: Overwrite Only Free Inodes of a Disk
Code:
sfill -i /path/to/mounted_disk_directory
Motivation for Using This Example:
This option is especially advantageous when the aim is to solely secure the metadata of previous files, represented by the inodes, rather than the entire free space. It proves helpful for cleaning up after a file deletion without concern for data remnants in general free areas.
Explanation:
- -i: Command parameter that restricts the operation to only target and overwrite free inodes—file metadata segments.
- /path/to/mounted_disk_directory: Designates the path where the inodes are located.
Example Output:
[Sfill: Targeting free inodes]
Progress: Free inodes overwritten
All free inodes on /dev/sda1 have been successfully cleared.
Conclusion:
‘sfill’ is a critical command-line utility for anyone concerned about data security and confidentiality after file deletion. By offering various levels of security and speed, it allows users to choose the method that best fits their needs, ensuring data remnants in free space and inodes are appropriately overwritten and irrecoverable.