Commands history is a great feature of the bash shell. However, there are times when it is best to disable it. One good example when you might prefer your bash shell commands history to be disabled is on the production server accessible from the external network where potential attacker might gain an access to your server and re-read your history file to search for useful commands, services in use or accidentally inserted passwords. Below you can find bunch of commands to help you disable history from being stored or how to remove all currently stored commands.
Where are history commands stored
All commands your enter on the shell are stored within your local directory into a file called .bash_history
. This is a default history file defined by HISTFILE
variable:
# echo $HISTFILE /root/.bash_history
You can use a cat
or history
command to read all history commands you have entered previously:
$ cat ~/.bash_history OR $ history
Disable history for a current shell
When you login to your Linux box you can disable a all command to be stored into a history file.bash_history
by running a following command:
$ set +o history
What the above command will do is that it will prevent your shell from storing all commands entered during your current shell session into the .bash_history
file. You will also not be able to revoke any of your previously entered commands.
Clean command history
Run the following linux command to clean both history file and all currently history file unsaved commands:
$ history -c
After you execute the above command you will no longer be able to access history for both saved and unsaved history commands.
Permanently disable bash history
All the above commands will disable your command history for a current shell only. To permanently disable shell command history run the following linux command:
echo 'set +o history' >> ~/.bashrc
Next time you login your shell will not store any commands to a history file .bash_history
. To apply this settings immediately for your current shell session source your .bashrc
file:
$ . ~/.bashrc
Run the bellow command if you need to disable a command history system wide:
# echo 'set +o history' >> /etc/profile
Clean a history file on a remove host
In case you have done some work on your remote server while the command history is turned on you can simply remove it using ssh
command:
$ ssh user@linuxserver "> ~/.bash_history"
The above command will blank history file on a remove host without appending any additional commands.