BASH (bourne again shell), the default shell used on many GNU/Linux distributions, keeps a history of all commands entered. This can be a great convenience. However, scrolling back, I saw a number of commands I would prefer gone in case somebody decided to snoop around my system. Especially the commands where I accidently entered the root password in the shell. I’m sure it’s happened to many of you before too - you think you type “su”, but something happens and it doesn’t enter. So then you type your password, not noticing (in my case, I may be reading a chat or article while I’m typing it in), and then BAM - it’s entered in the BASH command history.

So, when going through my home folder one day, I came across a hidden file called .bash_history. Hmm, I wondered. Could this solve my problem? Yes! It can!


rm ~/.bash_history


After deleting the file, open BASH and hit the up key - you should get nothing but a pleasant beep. A wonderful representation of security. Of course, it’d be best to shred the file using a utility such as, well, shred, so that nobody can retrieve the deleted contents:


shred ~/.bash_history


And all should be well. But, what if you don’t want it to keep a track of your history? Well, there’s a couple ways to do so. I pulled the examples from the following link:

http://gentoo-wiki.com/SECURITY_Bash_History_Functions

The easiest one, which I did (I don’t feel like wasting any more time on this), was the following command:


ln -s /dev/null ~/.bash_history


This creates a link so that .bash_history points to /dev/null. Anything sent to /dev/null never returns - thus the name. It is simply discarded.