BASH (Bourne Again Shell), the default shell used on many GNU/Linux distributions, keeps a history of all commands entered. This can be a great convenience. However, scrolling back, I saw a number of commands I would prefer gone in case somebody decided to snoop around my system. Especially the commands where I accidentally entered the root password in the shell. I’m sure it’s happened to many of you before too – you think you type “su”, but something happens and it doesn’t enter. So then you type your password, not noticing (in my case, I may be reading a chat or article while I’m typing it in), and then BAM – it’s entered in the BASH command history.
So, when going through my home folder one day, I came across a hidden file called .bash_history. Hmm, I wondered. Could this solve my problem? Yes! It can!
```bash
$ rm ~/.bash_history
# You can also clear your history with the following command:
$ history -c
```
After deleting the file, open BASH and hit the up key – you should get nothing but a pleasant beep. A wonderful representation of security. Of course, it’d be best to shred the file using a utility such as, well, shred, so that nobody can retrieve the deleted contents. Note that you can only use the below command to shred the file if you haven’t already deleted it.
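```bash
# -u removes the file after overwriting it; without it the overwritten file is left in place
shred -u ~/.bash_history
```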
And all should be well. But what if you don’t want it to keep track of your history? Well, there are a couple of ways to do so. I pulled the examples from the following link:
http://gentoo-wiki.com/SECURITY_Bash_History_Functions
The easiest one, which I did (I don’t feel like wasting any more time on this), was the following command:
```bash
# -f replaces an existing ~/.bash_history instead of failing when the file is still there
ln -sf /dev/null ~/.bash_history
```
This creates a link so that .bash_history points to /dev/null. Anything sent to /dev/null never returns – thus the name. It is simply discarded.
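For the accidental-password case described at the top, deleting the whole file is not the only option. The following is an added example, not code from the original post or from the linked wiki: it goes beyond the post by removing only the lines that contain the secret and then overwriting the old copy with shred. The function name `scrub_history` and the `SCRUB_SECRET` variable are hypothetical, and the history lines used to exercise it are constructed.

```shell
#!/bin/sh
# Added example, not from the original post. scrub_history is a
# hypothetical helper; it assumes awk, mktemp and (optionally) shred.
#
# Usage: scrub_history FILE    (the secret is read from stdin, one line)
# Prints the number of history lines that were removed.
scrub_history() {
    histfile=$1
    # Only touch regular files; a ~/.bash_history -> /dev/null link is refused.
    [ -f "$histfile" ] || return 1

    # Read the secret from stdin so it never lands in argv or in history.
    IFS= read -r secret || true
    [ -n "$secret" ] || return 2

    before=$(awk 'END { print NR }' "$histfile")
    # mktemp creates the file with mode 0600 next to the original.
    tmp=$(mktemp "${histfile}.XXXXXX") || return 3

    # index() is a fixed-string match, so regex characters in a password
    # are harmless. The secret is passed through the environment.
    if ! SCRUB_SECRET=$secret awk \
            'index($0, ENVIRON["SCRUB_SECRET"]) == 0' "$histfile" > "$tmp"
    then
        rm -f "$tmp"
        return 3
    fi
    after=$(awk 'END { print NR }' "$tmp")

    # Overwrite the old copy before unlinking it; fall back to rm.
    shred -u "$histfile" 2>/dev/null || rm -f "$histfile"
    mv "$tmp" "$histfile" && chmod 600 "$histfile"
    unset secret
    echo $((before - after))
}
```

Afterwards run `history -c; history -r` in each open interactive shell, otherwise its in-memory list writes the line back to the file on exit.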

