1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
|
.TH NWIPE "8" "May 2024" "nwipe version 0.37" "User Commands"
.SH NAME
nwipe \- securely erase disks
.SH SYNOPSIS
.B nwipe
[\fIoptions\fR] [\fIdevice1\fR] [\fIdevice2\fR] ...
.SH DESCRIPTION
nwipe is a command that will securely erase disks using a variety of
recognised methods. It is a fork of the dwipe command used by Darik's Boot
and Nuke (dban). nwipe is included with partedmagic if you want a quick and
easy bootable CD version. nwipe was created out of a need to run the DBAN
dwipe command outside of DBAN, in order to allow its use with any host
distribution, thus giving better hardware support. It is essentially the
same as dwipe, with a few changes:
.TP
- pthreads is used instead of fork
.TP
- The parted library is used to detect drives
.TP
- The code is designed to be compiled with gcc
.TP
- SIGUSR1 can be used to log the stats of the current wipe
.SH OPTIONS
.TP
\fB\-V\fR, \fB\-\-version\fR
Prints the version number
.TP
\fB\-h\fR, \fB\-\-help\fR
Prints a help summary
.TP
\fB\-\-autonuke\fR
If no devices have been specified on the command line, starts wiping all
devices immediately. If devices have been specified, starts wiping only
those specified devices immediately.
.TP
\fB\-\-autopoweroff\fR
Power off system on completion of wipe delayed for one minute. During
this one minute delay you can abort the shutdown by typing sudo shutdown -c
.TP
\fB\-\-sync\fR=\fINUM\fR
Will perform a syn after NUM writes (default: 100000)
.IP
0 \- fdatasync after the disk is completely written
fdatasync errors not detected until completion.
0 is not recommended as disk errors may cause nwipe
to appear to hang
.IP
1 \- fdatasync after every write
Warning: Lower values will reduce wipe speeds.
.IP
1000 \- fdatasync after 1000 writes
.TP
\fB\-\-noblank\fR
Do not perform the final blanking pass after the wipe (default is to blank,
except when the method is RCMP TSSIT OPS\-II).
.TP
\fB\-\-nowait\fR
Do not wait for a key before exiting (default is to wait).
.TP
\fB\-\-nosignals\fR
Do not allow signals to interrupt a wipe (default is to allow).
.TP
\fB\-\-nousb\fR
Do not show or wipe any USB devices, whether in GUI, --nogui or autonuke
mode. (default is to allow USB devices to be shown and wiped).
.TP
\fB\-\-nogui\fR
Do not show the GUI interface. Can only be used with the autonuke option.
Nowait option is automatically invoked with the nogui option.
SIGUSR1 can be used to retrieve the current wiping statistics.
.TP
\fB\-v\fR, \fB\-\-verbose\fR
Log more messages, useful for debugging.
.TP
\fB\-\-verify\fR=\fITYPE\fR
Whether to perform verification of erasure (default: last)
.IP
off \- Do not verify
.IP
last \- Verify after the last pass
.IP
all \- Verify every pass
.IP
Please mind that HMG IS5 enhanced always verifies the last (PRNG) pass
regardless of this option.
.TP
\fB\-m\fR, \fB\-\-method\fR=\fIMETHOD\fR
The wiping method (default: dodshort).
.IP
dod522022m / dod \- 7 pass DOD 5220.22\-M method
.IP
dodshort / dod3pass \- 3 pass DOD method
.IP
gutmann \- Peter Gutmann's Algorithm
.IP
ops2 \- RCMP TSSIT OPS\-II
.IP
random / prng / stream \- PRNG Stream
.IP
zero / quick \- Overwrite with zeros 0x00
.IP
one \- Overwrite with ones 0xFF
.IP
verify_zero \- Verifies disk is zero filled
.IP
verify_one \- Verifies disk is 0xFF filled
.IP
is5enh \- HMG IS5 enhanced
.TP
\fB\-l\fR, \fB\-\-logfile\fR=\fIFILE\fR
Filename to log to. Default is STDOUT
.TP
\fB\-P\fR, \fB\-\-PDFreportpath\fR=\fIDIR\fR
Directory to write the PDF nwipe reports/certificates to.
Defaults to ".".
If \fIDIR\fR is set to \fInoPDF\fR no report PDF files are written.
.TP
\fB\-p\fR, \fB\-\-prng\fR=\fIMETHOD\fR
PRNG option (mersenne|twister|isaac|isaac64)
.TP
\fB\-q\fR, \fB\-\-quiet\fR
Anonymize serial numbers, Gui & logs display:
XXXXXXXX = S/N obtained & anonymized.
???????? = S/N not available.
.TP
\fB\-r\fR, \fB\-\-rounds\fR=\fINUM\fR
Number of times to wipe the device using the selected method (default: 1)
.TP
\fB\-e\fR, \fB\-\-exclude\fR=\fIDEVICES\fR
Up to ten comma separated devices to be excluded, examples:
--exclude=/dev/sdc
--exclude=/dev/sdc,/dev/sdd
--exclude=/dev/sdc,/dev/sdd,/dev/mapper/cryptswap1
.SH BUGS
Please see the GitHub site for the latest list
(https://github.com/martijnvanbrummelen/nwipe/issues)
.SH AUTHOR
Nwipe is developed by Martijn van Brummelen <github@brumit.nl>
.SH "SEE ALSO"
.BR shred (1),
.BR dwipe (1),
.BR dd (1),
.BR dcfldd (1),
.BR dc3dd (1)
|