HideIPVPN
RSS Feed Click to Subscribe!

Stop your Unix/Linux shell from saving typed in commands

When working using bash, zsh, ksh (korn shell) or any other Unix shell the default is to save the history of the command lines typed in, this can become a security and privacy risk if someone else has access to your computer.

How to erase Unix shell history file

You can do this as long as you have administrator rights, I am using the bash shell as example, depending on what shell you are using the path and instructions might differ a little.

# kill -9 $$

$$ gives the pid of the current shell instance, and the kill ends the process.

You could also use the history command, see man history:

# history -c (clear the history)
# history -w (write to the file – overwrite!)

Delete the bash history file, find out where your shell saves the history of typed in commands and delete it the same way. You may also use the shred command to overwrite it safely.

# rm -rf ~/.bash_history

But even if you delete the ~/.bash_history file, your current bash session will still be written to history once you log out, this is because it is being stored in RAM, you will need to use the previous history -c command to avoid this.

Stop the shell saving typed commands

Examples based on the bash shell configuration files:

Turn off bash history for all users, append unset HISTFILE to /etc/profile

# echo “unset HISTFILE” >> /etc/profile

Set size of the history to zero:

HISTSIZE: The number of commands to remember in the command history. The default value in bash is 500, You can set this to 0 and disable the usage of the history file.

Introduce the following command in your personal bash configuration file ~/.bashrc (~/.zshrc for the zsh shell users) or in the global bash configuration file /etc/bash.bashrc

export HISTSIZE=0

You will need to restart your bash session in order to activate the settings, you can check if your configuration were entered correctly by going at the command prompt and typing:

env

If you don’t see your configuration in the environment variables than you have done something wrong.

The name of the configuration files can depend from your Linux distribution and bash version, you can always see your particular options using man bash.

Configuration files path Unix shell
Configuration files path Unix shell

Unix shell configuration table files explained:

  • Blank means a file is not read by a shell at all
  • yes” means a file is always read by a shell upon startup
  • login” means a file is read if the shell is a login shell
  • n/login” means a file is read if the shell is not a login shell
  • int.” means a file is read if the shell is interactive
  • i.login” means a file is read if the shell is an interactive login shell

To find out what shell you are using type: echo $SHELL

To change your shell see chsh –help

Add a Comment

Your email address will not be published. Required fields are marked *