When working using bash, zsh, ksh (korn shell) or any other Unix shell the default is to save the history of the command lines typed in, this can become a security and privacy risk if someone else has access to your computer.
How to erase Unix shell history file
You can do this as long as you have administrator rights, I am using the bash shell as example, depending on what shell you are using the path and instructions might differ a little.
# kill -9 $$
$$ gives the pid of the current shell instance, and the kill ends the process.
You could also use the history command, see man history:
# history -c (clear the history)
# history -w (write to the file – overwrite!)
Delete the bash history file, find out where your shell saves the history of typed in commands and delete it the same way. You may also use the shred command to overwrite it safely.
# rm -rf ~/.bash_history
But even if you delete the ~/.bash_history file, your current bash session will still be written to history once you log out, this is because it is being stored in RAM, you will need to use the previous history -c command to avoid this.
Stop the shell saving typed commands
Examples based on the bash shell configuration files:
Turn off bash history for all users, append unset HISTFILE to /etc/profile
# echo “unset HISTFILE” >> /etc/profile
Set size of the history to zero:
HISTSIZE: The number of commands to remember in the command history. The default value in bash is 500, You can set this to 0 and disable the usage of the history file.
Introduce the following command in your personal bash configuration file ~/.bashrc (~/.zshrc for the zsh shell users) or in the global bash configuration file /etc/bash.bashrc
You will need to restart your bash session in order to activate the settings, you can check if your configuration were entered correctly by going at the command prompt and typing:
If you don’t see your configuration in the environment variables than you have done something wrong.
The name of the configuration files can depend from your Linux distribution and bash version, you can always see your particular options using man bash.
Unix shell configuration table files explained:
- Blank means a file is not read by a shell at all
- “yes” means a file is always read by a shell upon startup
- “login” means a file is read if the shell is a login shell
- “n/login” means a file is read if the shell is not a login shell
- “int.” means a file is read if the shell is interactive
- “i.login” means a file is read if the shell is an interactive login shell
To find out what shell you are using type: echo $SHELL
To change your shell see chsh –help