LinuxDojo - Understanding & Using dd

Understanding & Using `dd`: The Disk Destroyer

The dd command is a powerful, low-level utility in Unix-like operating systems (including Linux and FreeBSD) used to convert and copy files. It reads data from an input source (if=) and writes it to an output destination (of=). While incredibly versatile, its raw access to disks means it can cause **irreversible data loss if misused**. Hence its nickname, "disk destroyer."

Despite the danger, dd is invaluable for tasks such as creating bootable USB drives, cloning entire disks or partitions, creating disk images, and wiping drives.

Key Parameters of `dd`

if=FILE: Specifies the input file or device.
of=FILE: Specifies the output file or device.
bs=BYTES: Sets the block size for reading and writing. A larger block size can speed up transfers, but might make operations less granular. Common values are 4M, 8M, 1M.
count=N: Copies only N input blocks.
skip=N: Skips N input blocks before starting to copy.
seek=N: Skips N output blocks before starting to write.
status=progress: (GNU dd, Linux) Shows real-time transfer statistics. Not available in BSD dd (FreeBSD).
conv=notrunc: Prevents truncation of the output file.
conv=fdatasync (Linux) / conv=sync (FreeBSD): Ensures data is physically written to disk.
conv=noerror: Continue if read errors occur.

⚠ WARNING: Double-check your if= and of= paths carefully. Swapping them can instantly overwrite your system disk! Always use lsblk (Linux) or geom disk list / gpart show (FreeBSD) to identify device names correctly.

Step 1: Identify Your Disk/USB Device

Before using dd, you **must** correctly identify the target device. Do not use partition numbers (e.g., `/dev/sdc1`), use the whole disk name (e.g., `/dev/sdc` or `/dev/da0`).

On Arch Linux:

Identify Disks (Linux)


lsblk
# Or for more detail:
sudo fdisk -l

Look for your USB drive by size. For example, a 16GB USB might appear as `/dev/sdc`. Make sure it's unmounted before using `dd`.

Unmount USB (Linux Example)


# If mounted, for example, at /media/user/MyUSB:
sudo umount /media/user/MyUSB
# Or, if you know the device:
sudo umount /dev/sdc1 # Unmount all partitions on /dev/sdc
sudo umount /dev/sdc2

On FreeBSD:

Identify Disks (FreeBSD)


geom disk list
# Or to see partition tables:
gpart show

USB drives typically appear as `/dev/da0`, `/dev/da1`, etc. You should always use the raw device node (e.g., `/dev/da0` not `/dev/da0p1`). Ensure no partitions on the USB are mounted.

Unmount USB (FreeBSD Example)


# If you have partitions like da0p1 mounted:
sudo umount /dev/da0p1
# Check mounts:
mount

Example 1: Create a Bootable USB Drive from an ISO

This is one of the most common uses for dd. Replace /path/to/your.iso with the actual path to your ISO file and /dev/sdX (Linux) or /dev/daX (FreeBSD) with your target USB drive.

Using a larger block size (bs=4M) can significantly speed up the transfer.

Creating Bootable USB (Linux)


sudo dd if=/path/to/your.iso of=/dev/sdX bs=4M status=progress conv=fdatasync

Creating Bootable USB (FreeBSD)


sudo dd if=/path/to/your.iso of=/dev/daX bs=4m conv=sync
# To monitor progress on FreeBSD, send a SIGINFO signal:
# Press Ctrl+T in the terminal where dd is running.

After the command finishes, sync the disk to ensure all data is written: `sync`.

Example 2: Clone an Entire Disk or Partition

You can use dd to create an exact, bit-for-bit copy of one disk to another. This is useful for migrating systems or creating full backups.

Clone Disk (Linux Example)


# Clone /dev/sda to /dev/sdb
sudo dd if=/dev/sda of=/dev/sdb bs=4M status=progress conv=fdatasync

Clone Disk (FreeBSD Example)


# Clone /dev/da0 to /dev/da1
sudo dd if=/dev/da0 of=/dev/da1 bs=4m conv=sync

**Note:** The destination disk (`of=`) must be equal to or larger than the source disk (`if=`).

Example 3: Create a Disk Image File

You can create a raw image file of an entire disk or partition. This image file can then be mounted, used in a virtual machine, or restored to another disk later.

Create Disk Image (Linux Example)


# Create an image of /dev/sdb to backup.img in your current directory
sudo dd if=/dev/sdb of=./backup.img bs=4M status=progress conv=fdatasync

Create Disk Image (FreeBSD Example)


# Create an image of /dev/da0 to backup.img in your current directory
sudo dd if=/dev/da0 of=./backup.img bs=4m conv=sync

Example 4: Securely Wipe a Disk

To completely and securely erase all data on a drive, you can overwrite it with zeros or random data. Using `/dev/zero` is faster but less secure for sensitive data; `/dev/urandom` is more secure but much slower.

Wipe Disk with Zeros (Linux/FreeBSD)


# Overwrite /dev/sdX (or /dev/daX) entirely with zeros
sudo dd if=/dev/zero of=/dev/sdX bs=4M status=progress conv=fdatasync

Secure Wipe with Random Data (Linux/FreeBSD)


# Overwrite /dev/sdX (or /dev/daX) with random data (much slower!)
sudo dd if=/dev/urandom of=/dev/sdX bs=4M status=progress conv=fdatasync

The `dd` command is a powerful tool in your system administration toolkit. Use it wisely, and always verify your input and output devices before executing!