606 words
3 minutes
nwipe Tutorial:Secure Data Sanitization via Open-Source Tooling
2025-08-22
Tutorial
Storage
/
Information Security
/
Data

I. What is nwipe?#

nwipe [1] is an open-source command-line tool specifically designed to securely and thoroughly erase data from storage devices, including Hard Disk Drives (HDDs) and Solid State Drives (SSDs). It is a fork and the modernized successor of the well-known legacy tool DBAN (Darik’s Boot and Nuke).

Its core objective is to ensure that original data cannot be recovered by any software or hardware forensic methods before disposing of, reselling, or recycling storage media. This is achieved by overwriting the disk with multiple passes of random or specific patterns, thereby protecting privacy and security.

Project Repository: https://github.com/martijnvanbrummelen/nwipe

nwipe

II. Key Features of nwipe#

Fully Free and Open Source: The transparent code allows for public auditing, ensuring no backdoors exist and making it a trusted tool for security-conscious users.

Support for Multiple Erasure Standards: It includes internationally recognized algorithms to meet various security compliance levels, such as: - DoD 5220.22-M: The U.S. Department of Defense standard (3 or 7 passes). - Gutmann: A classical method proposed by Peter Gutmann (35 passes). While effective for legacy hardware, it may be excessive for modern SSDs. - PRNG Stream: Uses a pseudo-random number generator for multiple overwrite passes (customizable). - Verify Only: A rapid mode that checks if sectors are readable without erasing them, useful for detecting bad sectors.

OS Independent: nwipe is typically integrated into various Live Linux Distributions (e.g., Parted Magic, SystemRescue) or can be made into a bootable USB drive. This allows it to run independently of the host OS, enabling the erasure of the system drive itself while bypassing file locks and permission issues.

Automation & Batch Processing: Supports command-line arguments, allowing for scripted automated batch erasure—ideal for data centers or environments handling large volumes of drives.

Detailed Logging & Reporting: Recent versions of nwipe generate comprehensive logs, including serial numbers, models, erasure methods, timestamps, and verification results (PASS/FAIL), which are crucial for audits and compliance.

Broad Hardware Compatibility: Supports storage devices connected via multiple interfaces, including SATA, SAS, PCIe/NVMe, and USB.

III. Installing nwipe#

Prerequisites#

  1. A Linux-based OS (To wipe an entire device, it is recommended to use a Live OS via external media like a USB drive).
  2. A computer or server capable of recognizing your drives (SAS, SATA, SSD, NVMe, etc.).

Step-by-Step Installation#

  1. Enter the OS: Any Linux distro works. For full-device erasure, I recommend SystemRescue [2], a Live OS for Linux recovery that comes pre-loaded with nwipe.
  2. Package Manager Installation:

Note: Package managers might not provide the latest version. For PDF reporting, nwipe version ≥ 0.35 is required.

Package Manager Installation

  • Package Manager Installation👇
Terminal window
# For Ubuntu/Debian:
apt-get update -y
apt-get install nwipe -y


# For CentOS/OpenEuler/RockyLinux:
yum update -y
yum install install nwipe -y


# dnf
dnf update -y
dnf install install nwipe -y
  • Manual Compilation (For the latest version):
Terminal window
wget https://github.com/martijnvanbrummelen/nwipe/archive/refs/tags/v0.38.tar.gz
tar -xzf v0.38.tar.gz
cd nwipe-0.38/
./autogen.sh
./configure
make
sudo make install
  1. Verify Installation: Run nwipe --version.
Terminal window
root@ubuntu:~# nwipe --version
nwipe version 0.38
root@ubuntu:~#

IV. How to Perform Data Destruction with nwipe#

Demonstration conducted on a VMware Virtual Machine running Ubuntu Server.

  1. Execute sudo nwipe to enter the ncurses-based interface.
  2. Select Storage Media: Use Up/Down arrows to navigate and Space to select (the target will be marked as “wipe”).

nwipe

  1. Press M to select the Erase Method. Use arrows and press Enter to confirm.

Erase Method

  1. Press V to select the Verification Mode. By default, it verifies the last pass; you can disable this to increase speed.

Verify

  1. Press S to start. As this is an irreversible operation, a security prompt will appear. You must press Shift + S (capital S) to initiate the wipe.

Start Erase

  1. Once complete, press CTRL + C to exit. nwipe will generate a report in the current directory (v0.35+).

Complete Report

  1. Finally, export the PDF report for your records.

PDF Report

🔗 Related Links:

[1] nwipe Project Repository: https://github.com/martijnvanbrummelen/nwipe

[2] systemrescue Official Website: https://www.system-rescue.org/

nwipe Tutorial:Secure Data Sanitization via Open-Source Tooling
https://fuwari.vercel.app/posts/8532da7b-b852-4ad5-81be-9ceddd33fabb/
Author
Ryan Zhang
Published at
2025-08-22
License
CC BY-NC-SA 4.0
This content has been translated with the assistance of AI tools, including ChatGPT, Gemini, and Qwen. While efforts have been made to ensure accuracy and clarity, minor discrepancies may exist. Please refer to the original text for authoritative interpretation if needed.
Security Inspection Headache? Here’s the Ultimate High-Risk Port & Forbidden File Upload Checklist!
Data Sanitization:An Overview of Technologies and Standards
© 2026 Ryan Zhang. All Rights Reserved.
Powered by Astro & Fuwari
Edge computing services are powered by Cloudflare.