Adding 'shred' applet to busybox

Hi,

I ran into a problem where I had some sensitive configurations (user/pass/certs/network/vpn configs). To erase those I used the shred command, but I had to install the coreutils-shred utility.

Just out of curiosity I looked into busybox, and it has the shred applet.

Could this be added to busybox?
(or am I the only one?)

You may be in the rare subset of those who use a spinning Hard Disk Drive, otherwise I hope you weren't shredding on a flash-based device. Nonetheless, I believe Busybox would be an upstream package. And in the context of the decreasing subset of those use cases, it may seem odd to add more kilobytes to a software for everyone, especially in OpenWrt where the majority of devices are embedded flash chips.

Making a command readily available that could brick a device, cause serious premature wear, and add KBs to a package for a niche use case - seems dangerous and careless.

I found an article to describe differences in shredding on HDDs vs flash chips:

3 Likes

Yes, x86 but it had an SSD. So I will read up and change some of my practices :wink:

1 Like

It is pretty simple, you can never encrypt or overwrite something afterwards on an SSD or flash.

You can however read and save already encrypted data on a flash or SSD.

You simply need to physically destroy the actual flash memory chip on the device when retiring the device if it has managed crypto keys that are seen as sensitive in the future.

While shred is not the right way (secure erase using hdparm would be) for SSDs (or internal flash), coreutils-shred is available for installing - enabling the busybox applet is not going to happen.

3 Likes
