mirror of
https://github.com/martijnvanbrummelen/nwipe.git
.TH NWIPE "8" "Dec 2025" "nwipe version 0.40" "User Commands"
.SH NAME
nwipe \- securely erase disks
.SH SYNOPSIS
.B nwipe
[\fIoptions\fR] [\fIdevice1\fR] [\fIdevice2\fR] ...
.SH DESCRIPTION
nwipe is a command that will securely erase disks using a variety of
recognized methods. It is a fork of the dwipe command used by Darik's Boot
and Nuke (DBAN). nwipe is included with partedmagic if you want a quick and
easy bootable CD version. nwipe was created out of a need to run the DBAN
dwipe command outside of DBAN, in order to allow its use with any host
distribution, thus giving better hardware support. It is essentially the
same as dwipe, with a few changes:
.TP
- pthreads is used instead of fork.
.TP
- The parted library is used to detect drives.
.TP
- The code is designed to be compiled with gcc.
.TP
- SIGUSR1 can be used to log the stats of the current wipe.
.TP
- Additional wiping methods and PRNGs.
.TP
- Configurable I/O modes (cached, direct, auto) using large I/O buffers for higher throughput.
.TP
- Support for stable device paths such as \fI/dev/disk/by-id/\fR.
.PP
All PRNG implementations are seeded using the Linux
.BR getrandom (2)
system call instead of reading from
.IR /dev/urandom
via a file descriptor.
.SH DEVICES
.PP
Devices can be specified either as block device nodes (for example
.IR /dev/sda ,
.IR /dev/nvme0n1 ,
.IR /dev/mapper/cryptroot )
or via stable symlinks under
.IR /dev/disk/by-id/ .
nwipe will resolve these paths and operate on the underlying block device.
.SH OPTIONS
.TP
\fB\-V\fR, \fB\-\-version\fR
Prints the version number.
.TP
\fB\-h\fR, \fB\-\-help\fR
Prints a help summary.
.TP
\fB\-\-autonuke\fR
If no devices have been specified on the command line, starts wiping all
devices immediately. If devices have been specified, starts wiping only
those specified devices immediately.
.TP
\fB\-\-autopoweroff\fR
Power off the system on completion of the wipe, after a delay of one minute.
During this one\-minute delay you can abort the shutdown by typing
\fBsudo shutdown \-c\fR.
.TP
\fB\-\-sync\fR=\fINUM\fR
Specify how often nwipe performs an fdatasync() during cached I/O mode.
The value refers to the number of \fIdevice hardware blocks\fR (commonly 512 or
4096 bytes) written before triggering a sync. Since nwipe now writes using
large multi\-megabyte buffers, this value is automatically scaled so the sync
interval in bytes is consistent with historic behaviour.

The default value (100000) results in a sync approximately every 50\(en400 MB,
similar to earlier nwipe releases. This ensures timely detection of I/O errors
while maintaining good throughput.

This setting has no effect when using \fB\-\-directio\fR, as write() returns
errors immediately under direct I/O.
.IP
0 \- Perform one sync only at the end of the pass.
Not advised; errors may only be detected after the entire wipe.
.IP
1 \- Sync immediately after each write.
Extremely safe but extremely slow.
.IP
1000 \- Sync after the equivalent of 1000 hardware blocks.
Useful for testing or more aggressive error detection.
.TP
\fB\-\-cachedio\fR
Use buffered I/O with large write buffers (page cache enabled). This is the
default on most systems and generally gives the best performance for
rotational disks.
.TP
\fB\-\-directio\fR
Use direct I/O with large write buffers. This opens devices with
.BR O_DIRECT
to bypass the page cache. It can be useful when running multiple wipes in
parallel or when you do not want to pollute the system page cache. On some
devices this may be slower than cached I/O.
.TP
\fB\-\-io\-mode\fR=\fIMODE\fR
Select the I/O mode explicitly. \fIMODE\fR can be:
.IP
\fBauto\fR \- (default) automatically choose the best supported mode for
the device and kernel.
.IP
\fBcached\fR \- force buffered I/O.
.IP
\fBdirect\fR \- force direct I/O (\fBO_DIRECT\fR).
.IP
Large I/O buffers are used in all modes to maximise throughput.
.TP
\fB\-\-noblank\fR
Do not perform the final blanking pass after the wipe (default is to blank,
except when the method is RCMP TSSIT OPS\-II).
.TP
\fB\-\-nowait\fR
Do not wait for a key before exiting (default is to wait).
.TP
\fB\-\-nosignals\fR
Do not allow signals to interrupt a wipe (default is to allow).
.TP
\fB\-\-nousb\fR
Do not show or wipe any USB devices, whether in GUI, \fB\-\-nogui\fR or
\fB\-\-autonuke\fR mode (default is to allow USB devices to be shown and wiped).
.TP
\fB\-\-nogui\fR
Do not show the GUI. Can only be used with the \fB\-\-autonuke\fR option.
The \fB\-\-nowait\fR option is automatically invoked with the
\fB\-\-nogui\fR option.
SIGUSR1 can be used to retrieve the current wiping statistics.
.TP
\fB\-\-pdftag\fR
Enables a field on the PDF that holds a tag that identifies the host computer.
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Log more messages, useful for debugging.
.TP
\fB\-\-verify\fR=\fITYPE\fR
Whether to perform verification of erasure (default: last).
.IP
off \- Do not verify.
.IP
last \- Verify after the last pass.
.IP
all \- Verify every pass.
.IP
Note that HMG IS5 enhanced always verifies the last (PRNG) pass
regardless of this option.
.TP
\fB\-m\fR, \fB\-\-method\fR=\fIMETHOD\fR
The wiping method (default: prng).
.IP
dod522022m / dod \- 7 pass DOD 5220.22\-M method
.IP
dodshort / dod3pass \- 3 pass DOD method
.IP
gutmann \- Peter Gutmann's algorithm
.IP
ops2 \- RCMP TSSIT OPS\-II
.IP
random / prng / stream \- PRNG Stream
.IP
zero / quick \- Overwrite with zeros (0x00)
.IP
one \- Overwrite with ones (0xFF)
.IP
verify_zero \- Verifies disk is zero (0x00) filled
.IP
verify_one \- Verifies disk is one (0xFF) filled
.IP
is5enh \- HMG IS5 enhanced
.IP
bruce7 \- Schneier Bruce 7\-pass mixed pattern
.IP
bmb \- Chinese BMB21\-2019 State Secrets Bureau standard.
This method overwrites the device with ones (0xFF),
then zeros (0x00), followed by three passes of PRNG\-generated
random data, and finishes with a final pass
of ones (0xFF). Designed to meet the BMB21\-2019
technical sanitization requirements.
.TP
\fB\-l\fR, \fB\-\-logfile\fR=\fIFILE\fR
Filename to log to. Default is STDOUT.
.TP
\fB\-P\fR, \fB\-\-PDFreportpath\fR=\fIDIR\fR
Directory to write the PDF nwipe reports/certificates to.
Defaults to ".".
If \fIDIR\fR is set to \fInoPDF\fR no report PDF files are written.
.TP
\fB\-p\fR, \fB\-\-prng\fR=\fIMETHOD\fR
The PRNG option (default: aes_ctr_prng).
(mersenne|twister|isaac|isaac64|add_lagg_fibonacci_prng|xoroshiro256_prng|aes_ctr_prng)
.IP
\fBaes_ctr_prng\fR uses the Linux kernel AF_ALG interface to AES\-CTR as a
cryptographically strong stream generator. It is seeded via
.BR getrandom (2)
and requires kernel crypto support for AES\-CTR.
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Anonymize serial numbers in the GUI and log display:
.br
XXXXXXXX = S/N obtained & anonymized.
.br
???????? = S/N not available.
.TP
\fB\-r\fR, \fB\-\-rounds\fR=\fINUM\fR
Number of times to wipe the device using the selected method (default: 1).
.TP
\fB\-e\fR, \fB\-\-exclude\fR=\fIDEVICES\fR
Up to ten comma\-separated devices to be excluded. Examples:
.nf
\-\-exclude=/dev/sdc
\-\-exclude=/dev/sdc,/dev/sdd
\-\-exclude=/dev/sdc,/dev/sdd,/dev/mapper/cryptswap1
\-\-exclude=/dev/disk/by\-path/pci\-0000:00:17.0\-ata\-1
.fi
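.PP
The \-\-sync interval described under OPTIONS, worked through as an added C example; it is not nwipe's own source. The 4 MiB buffer size and the names writes_per_sync and zero_pass are assumptions for illustration. With the default of 100000 the byte interval is 51.2 MB for 512-byte blocks and 409.6 MB for 4096-byte blocks, which is the 50 to 400 MB range quoted above.

```c
#include <errno.h>
#include <stdint.h>
#include <stdlib.h>
#include <unistd.h>

/* Assumed buffer size for this example; the page only says "multi-megabyte". */
#define BUF_BYTES (4u * 1024u * 1024u)

/* Buffer-sized writes between fdatasync() calls for --sync=NUM.
 * NUM counts hardware blocks, so the byte interval is NUM * hw_block.
 * Returns 0 for NUM == 0, meaning "sync only at the end of the pass". */
uint64_t writes_per_sync(uint64_t num, uint32_t hw_block) {
    uint64_t writes = (num * hw_block) / BUF_BYTES;
    if (num == 0) return 0;
    return writes ? writes : 1;   /* small NUM: sync after every write */
}

/* Zero-fill `total` bytes of fd through the page cache, syncing every
 * `every` writes. Returns the number of fdatasync() calls made, or -1.
 * With cached I/O, write() can succeed while the device later rejects the
 * data; that deferred error is reported by the next fdatasync(). */
long zero_pass(int fd, uint64_t total, uint64_t every) {
    unsigned char *buf = calloc(1, BUF_BYTES);
    uint64_t done = 0, since = 0;
    long syncs = 0;
    if (!buf) return -1;
    while (done < total) {
        uint64_t left = total - done;
        ssize_t n = write(fd, buf, left < BUF_BYTES ? (size_t)left : BUF_BYTES);
        if (n < 0) {
            if (errno == EINTR) continue;
            free(buf);
            return -1;
        }
        done += (uint64_t)n;
        if (every && ++since >= every) {
            if (fdatasync(fd) != 0) { free(buf); return -1; }
            syncs++;
            since = 0;
        }
    }
    free(buf);
    if (fdatasync(fd) != 0) return -1;   /* end-of-pass sync, always done */
    return syncs + 1;
}
```

With every set to 0 the only error check is the final fdatasync(), which is why the page advises against \-\-sync=0.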
.SH BUGS
Please see the GitHub site for the latest list:
(https://github.com/martijnvanbrummelen/nwipe/issues)
.SH AUTHOR
nwipe is developed by Martijn van Brummelen <github@brumit.nl>.
.SH "SEE ALSO"
.BR shred (1),
.BR dwipe (1),
.BR dd (1),
.BR dcfldd (1),
.BR dc3dd (1)