Writing Bootable USB Drives with dd: Precision Over Convenience

Question

Graphical tools like Rufus or Balena Etcher are convenient and widely used. However, when working in constrained environments, rescue scenarios, or legacy hardware, abstractions can hide critical details.

This article explains how to safely create bootable USB drives using the dd command, focusing on correctness, transparency, and risk mitigation.

A Serious Warning: dd Is Not Forgiving

The dd command writes data byte-for-byte to a target device. A single mistake in the output path can irreversibly destroy your primary disk.

Before proceeding:

• Disconnect unnecessary storage devices
• Identify the correct USB device twice
• Never guess the device path

Step-by-Step: ISO to Bootable USB

1. Identify the USB device

lsblk

Look for removable devices (RM=1).

Confirm using:

dmesg | tail -20

2. Unmount existing partitions

sudo umount /dev/sdX* 2>/dev/null || true

3. Write the ISO using dd

sudo dd if=debian-13.3.0-amd64-netinst.iso \
        of=/dev/sdX \
        bs=4M \
        status=progress \
        conv=fdatasync \
        oflag=direct

Key options explained:

• bs=4M: improves throughput
• status=progress: shows real-time progress
• conv=fdatasync: ensures physical writes
• oflag=direct: bypasses page cache

4. Validate the result (optional but useful)

sudo fdisk -l /dev/sdX

For deeper inspection:

sudo dd if=/dev/sdX bs=512 count=1 | hexdump -C | head -1

5. Safely eject

sync
sudo eject /dev/sdX

Why dd Instead of GUI Tools?

dd excels when:

• Running in headless or server environments
• Automating workflows
• Debugging boot failures
• You need full visibility into the write process

Common Mistakes and Prevention

Mistake	Consequence	Prevention
Using /dev/sdX1 instead of /dev/sdX	Non-bootable USB	Always target the raw device
Forgetting sudo	Permission denied	dd requires block-level access
Omitting fdatasync	Incomplete writes	Always include it
Writing to /dev/sda by mistake	Total data loss	Verify with lsblk and dmesg

A Safer Wrapper Script

#!/bin/bash
ISO="$1"
DEVICE="$2"

if [ $# -ne 2 ] || [ ! -f "$ISO" ] || [ ! -b "$DEVICE" ]; then
  echo "Usage: $0 <file.iso> <device>"
  lsblk -d -o NAME,SIZE,MODEL
  exit 1
fi

echo "WARNING: This will overwrite $DEVICE"
read -p "Type YES to continue: " CONFIRM

[ "$CONFIRM" = "YES" ] || exit 1

sudo dd if="$ISO" of="$DEVICE" bs=4M status=progress conv=fdatasync oflag=direct
sync

Conclusion

dd is not just a command — it is a reminder that low-level control comes with responsibility.

When used correctly, it offers unmatched reliability and transparency, especially in real-world Linux scenarios where graphical tools fall short.

Use it carefully, verify everything twice, and it will never let you down.

---

Debian:

https://www.debian.org/releases/stable/amd64/

GNU dd:

https://www.gnu.org/software/coreutils/manual/html_node/dd-invocation.html

Arch Wiki (dd):

https://wiki.archlinux.org/title/Dd