In today’s Admin Tips tutorial, we’ll explore dd.
dd is a powerful and useful tool available in Unix and Unix-like operating systems. Its purpose is to convert and copy files. In Unix and Unix-like operating systems, such as Linux, almost everything is treated as a file, even block devices: this makes dd useful for things like disk cloning or data wiping. The dd utility is available out-of-the-box in most, if not all, Linux distributions.
By default, the program reads from standard input and writes to standard output. However, you can specify alternative input and output files using the if and of command-line options, respectively. Here, dd differs from the vast majority of shell commands because it does not use the standard –option or -o syntax for options.
dd is part of the coreutils package.
Syntax
sudo dd INPUT OUTPUT
Options
– bs=BYTES : Reads and writes to BYTES at once (default: 512)
– cbs=BYTES : Converts BYTES at once
– conv=CONV : Converts a file according to a comma-separated list of symbols
– count=N : Copies only N input blocks
– ibs=BYTES : Reads BYTES at once (default: 512)
– if=FILE : Reads from FILE instead of standard input
– iflag=FLAGS : Reads according to a comma-separated list of symbols
– obs=BYTES : Writes BYTES at once (default: 512)
– of=FILE : Writes to FILE instead of standard output
– oflag=FLAGS : Writes according to a comma-separated list of symbols
– status=LEVEL LEVEL of information printed to stderr;
Examples
Copying the system image to SSD
sudo dd if=linux-distro-VERSION-architecture.img of=/dev/sdX bs=4M conv=fsync
where ‘sdX’ is your output device, which we can check with the following commands:
sudo fdisk -l
lsblk
sudo blkid
df -h
Skipping blocks when reading and writing
There are cases where we may want to skip a certain number of block sizes when reading or writing to a file. In such cases, we need to use the skip and seek options, respectively: they are used to skip specific blocks of data, at the beginning of input and at the beginning of output.
An example of such a situation is when we want to backup/restore hidden data between the MBR and the first partition on the disk, which usually starts at sector 2048 for alignment reasons. Sectors 2047 of this area typically contain stage 1.5 of the grub boot loader in a legacy MBR partition configuration. How can we instruct dd to clone only this area, ignoring the MBR? All we need to do is use the skip option:
sudo dd if=/dev/sda of=hidden-data-after-mbr count=2047 skip=1
Compressing Data Read by dd
One of the most common operations performed with dd is disk cloning. The dd command creates a perfect disk clone because it copies block devices byte-by-byte, so cloning a 160 GB disk creates a backup of exactly the same size. However, when cloning a disk to a file, we can pipe the data read by dd through compression tools like gzip to optimize the result and reduce the final file size. For example, we want to create a clone of the entire block device /dev/sda, so we can use:
sudo dd if=/dev/sda bs=1M | gzip -c -9 > sda.dd.gz
Clearing a Block Device
Another use case for dd is to clear a device by completely erasing data:
sudo dd if=/dev/zero bs=1M of=/dev/sda
You can also fill the disk with random data to make its sectors, which will contain data, indistinguishable from empty sectors and to avoid metadata leaks. In this case, we want to read data from the /dev/random or /dev/urandom devices:
sudo dd if=/dev/urandom bs=1M of=/dev/sda
This option is useful if, for example, we want to sell the disk.
For more information about dd, use the following commands:
sudo dd –help
man dd
