dd Command in Linux: Copy Disks, Partitions, and Files
Most of the time when you copy a file on Linux, you reach for cp. It walks the filesystem, respects permissions, and works on individual files. But when you need to copy an entire disk, write an ISO image to a USB stick, or create a byte-for-byte backup of a partition, the filesystem view is not enough. For that, Linux ships with dd, a tool that copies raw data block by block between any two files or devices.
This guide explains how to use dd safely to write ISO images, clone disks, back up partitions, create test files, and benchmark storage performance.
dd Syntax
The general form of the dd command is:
dd if=INPUT of=OUTPUT [OPTIONS]The two key operands are if (input file) and of (output file). Either one can be a regular file, a block device such as /dev/sda, or even /dev/zero and /dev/urandom. Options control the block size, how many blocks to copy, and what conversions to apply.
dd writes exactly what you tell it to write, to exactly the target you point it at. Pointing of= at the wrong disk will overwrite that disk without warning or confirmation. Always double-check the target device with lsblk or sudo fdisk -l before running a dd command.Writing an ISO Image to a USB Drive
The most common use for dd is flashing a Linux ISO to a USB drive so you can boot and install from it. First, identify the USB device with lsblk or sudo fdisk -l:
lsblkNAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
sda 8:0 0 465.8G 0 disk
├─sda1 8:1 0 512M 0 part /boot/efi
└─sda2 8:2 0 465.3G 0 part /
sdb 8:16 1 14.5G 0 disk
└─sdb1 8:17 1 14.5G 0 part
Here sda is the system disk and sdb is the USB drive. Make sure the USB is unmounted before writing to it:
sudo umount /dev/sdb1Then write the ISO image:
sudo dd if=ubuntu-24.04-desktop-amd64.iso of=/dev/sdb bs=4M status=progress oflag=syncNotice that the output target is the whole disk (/dev/sdb), not a partition (/dev/sdb1). Writing an ISO to a partition would leave the USB unbootable. The options do the following:
-
bs=4M- Read and write 4 MB at a time, which is much faster than the 512-byte default. -
status=progress- Print a live progress indicator so you can see how much has been written. -
oflag=sync- Flush every write to the device, so the final byte count reflects data actually on disk.
When dd finishes, run sync once more to make sure all buffered writes hit the USB stick before you remove it:
syncFor alternative methods and distro-specific tips, see the guide on how to create a bootable Linux USB drive .
Cloning a Whole Disk
To make an exact block-level copy of one disk onto another, point if= and of= at two different block devices:
sudo dd if=/dev/sda of=/dev/sdb bs=64K conv=noerror,sync status=progressThe destination disk must be at least as large as the source. Anything already on it is overwritten. The conversion flags handle read errors gracefully:
-
conv=noerror- Keep going when a read error occurs instead of aborting. -
conv=sync- Pad short reads with zeros so the output stays aligned with the source.
Clone offline whenever possible. Cloning a disk that is actively being written to produces an inconsistent copy, especially for databases and journaling filesystems.
Backing Up a Partition to an Image File
dd can also write a partition or whole disk to a regular file. That file becomes a bit-for-bit image you can restore later:
sudo dd if=/dev/sda1 of=/backup/sda1.img bs=4M status=progressTo save space, pipe the output through gzip:
sudo dd if=/dev/sda1 bs=4M status=progress | gzip -c > /backup/sda1.img.gzThe compressed image is much smaller for filesystems that contain text or empty space, though the compression step adds CPU time.
To restore the image to a partition:
gunzip -c /backup/sda1.img.gz | sudo dd of=/dev/sda1 bs=4M status=progressThe target partition must be unmounted during restore, and it must be at least as large as the original.
Backing Up and Restoring the MBR
The Master Boot Record sits in the first 512 bytes of a disk that uses a traditional BIOS partition table. You can back it up with dd:
sudo dd if=/dev/sda of=/backup/mbr.img bs=512 count=1To restore the MBR, swap the input and output:
sudo dd if=/backup/mbr.img of=/dev/sda bs=512 count=1On modern UEFI systems the partition table uses GPT instead of MBR, so this trick only applies to older BIOS installations. For GPT disks, use sgdisk --backup and sgdisk --load-backup from the gdisk package.
Creating an Empty File of a Specific Size
dd is often used to create test files of a known size. The count option sets how many blocks to write, and bs sets the block size:
dd if=/dev/zero of=testfile bs=1M count=100This creates a 100 MB file filled with zeros, useful for testing backups, simulating quota limits, or preparing a swap file. To create a file filled with random data instead, read from /dev/urandom:
dd if=/dev/urandom of=random.bin bs=1M count=10Random data is slower to generate because the kernel has to produce the bytes, while /dev/zero is effectively free.
Creating a Swap File
One practical use of the empty-file pattern is creating a swap file :
sudo dd if=/dev/zero of=/swapfile bs=1M count=2048 status=progress
sudo chmod 600 /swapfile
sudo mkswap /swapfile
sudo swapon /swapfileThe chmod 600 step keeps the swap file readable only by root, which is required by mkswap on most distros. After swapon, the 2 GB swap file is active immediately. Add an entry to /etc/fstab to make it permanent.
Wiping a Disk
To destroy data on a disk before disposing of it or repurposing it, overwrite the entire device with zeros:
sudo dd if=/dev/zero of=/dev/sdb bs=4M status=progressFor a stronger wipe that makes recovery harder on traditional spinning disks, use random data:
sudo dd if=/dev/urandom of=/dev/sdb bs=4M status=progressOn SSDs, a dd wipe is not the right tool. SSDs remap blocks internally, so a full write does not guarantee every cell was overwritten. Use blkdiscard or the drive vendor’s secure-erase utility instead.
Benchmarking Disk Write Speed
dd is a quick way to measure sustained write throughput. Write a 1 GB file of zeros and let dd report the rate:
dd if=/dev/zero of=tempfile bs=1M count=1024 oflag=direct1024+0 records in
1024+0 records out
1073741824 bytes (1.1 GB, 1.0 GiB) copied, 3.1 s, 346 MB/s
The oflag=direct flag bypasses the page cache, so the number reflects actual disk speed rather than memory throughput. For a read benchmark, drop the caches first and then read the file back:
sudo sh -c "sync && echo 3 > /proc/sys/vm/drop_caches"
dd if=tempfile of=/dev/null bs=1MRemove the test file when you are done:
rm tempfileFor more detailed I/O profiling, tools like fio and ioping produce more accurate, repeatable results.
Showing Progress on a Running dd
If you started dd without status=progress, you can still ask it to print a status line by sending the USR1 signal to its process. From another terminal, run:
sudo kill -USR1 $(pidof dd)dd will respond by printing the number of bytes copied so far and its current rate, then keep running.
Common Options
A quick rundown of the options covered in this guide, plus a few more worth knowing:
-
if=FILE- Input file or device. -
of=FILE- Output file or device. -
bs=N- Block size for both reads and writes (e.g.,4Mfor 4 MB). -
ibs=N/obs=N- Separate input and output block sizes. -
count=N- Number of input blocks to copy. -
skip=N- Skip N blocks at the start of the input. -
seek=N- Skip N blocks at the start of the output. -
status=progress- Print progress while copying. -
conv=noerror- Continue past read errors. -
conv=sync- Pad short reads with zeros to keep block alignment. -
oflag=direct- Bypass the kernel page cache on write. -
oflag=sync- Flush each write to the device before continuing.
Quick Reference
| Command | Description |
|---|---|
sudo dd if=image.iso of=/dev/sdX bs=4M status=progress oflag=sync |
Write an ISO image to a USB drive |
sudo dd if=/dev/sda of=/dev/sdb bs=64K conv=noerror,sync status=progress |
Clone one disk to another |
sudo dd if=/dev/sda1 of=/backup/sda1.img bs=4M status=progress |
Back up a partition to an image file |
sudo dd if=/dev/sda bs=4M status=progress | gzip -c > disk.img.gz |
Compressed disk image backup |
sudo dd if=/dev/sda of=/backup/mbr.img bs=512 count=1 |
Back up the MBR |
dd if=/dev/zero of=testfile bs=1M count=100 |
Create a 100 MB file of zeros |
sudo dd if=/dev/zero of=/dev/sdX bs=4M status=progress |
Wipe a disk with zeros |
dd if=/dev/zero of=tempfile bs=1M count=1024 oflag=direct |
Benchmark disk write speed |
sudo kill -USR1 $(pidof dd) |
Ask a running dd for its progress |
Troubleshooting
dd: failed to open ‘/dev/sdX’: Permission denied
Writing to a block device requires root privileges. Prefix the command with sudo. If you are already using sudo, double-check that the device path is correct and that the device is not exclusively held by another process.
dd: error writing ‘/dev/sdX’: No space left on device
The destination is smaller than the source. When cloning, the target disk or partition must be at least as large as the source. When writing an ISO, the USB drive must be larger than the ISO file.
The write is much slower than expected
The default block size of 512 bytes forces millions of tiny syscalls. Set bs=4M or bs=64K to speed things up. Also check whether other processes are doing heavy I/O on the same device.
The USB does not boot after writing the ISO
Verify that you wrote the image to the disk (/dev/sdb), not a partition (/dev/sdb1). Also confirm the ISO download with its SHA256 checksum; a truncated or corrupted download produces an unbootable stick.
dd: invalid number: ‘4M’
Older or minimal systems may ship a dd that does not accept the M, G, or K suffixes. On those systems, spell out the block size in bytes (bs=4194304 for 4 MB), or install GNU coreutils.
FAQ
What does dd stand for?
The name comes from the IBM Job Control Language statement “Data Definition.” Because of how often the command is used to overwrite disks by mistake, many Linux users jokingly call it “disk destroyer.” Either way, the behavior is the same: it copies bytes from input to output without touching the filesystem layer.
Is dd faster than cp for copying large files?
For regular files on a normal filesystem, cp is usually just as fast and safer to use. dd only wins when you are copying raw devices, working with exact byte offsets, or deliberately limiting how much data is copied with count.
Can I use dd on an SSD without damaging it?
Reading and writing with dd is fine. The concern with SSDs is full-disk wipes: a single pass of zeros is enough to erase visible data, but repeated full-drive writes wear out the flash cells. For secure erase, use blkdiscard or the drive’s built-in secure-erase command.
How do I see how much data dd has copied?
Add status=progress to the command, or send the running process the USR1 signal with sudo kill -USR1 $(pidof dd). Both methods print the byte count and current throughput without interrupting the copy.
Why use bs=4M instead of the default?
The default block size of 512 bytes means dd issues a separate read and write for every 512 bytes of data. Larger block sizes such as 4 MB dramatically reduce syscall overhead and let the kernel fill the disk pipeline efficiently, often cutting copy times by a factor of ten.
Conclusion
dd is one of the most direct tools in the Linux toolbox. It copies bytes, no more and no less, between any two files or devices. That power makes it indispensable for flashing installers, cloning disks, and building image backups, and the same power makes it unforgiving if you point it at the wrong target.
For related disk tools, see the guides on fdisk
for partitioning and df
for checking free space.
![]()