Authors Top

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

1. Overview

In Linux, the shell stores in a history file every command that we run and this can be very useful. However, sometimes these commands might contain sensitive information that we prefer to hide. Hence, preventing the shell from storing executed commands in the history file is useful.

In this tutorial, we’ll see how to achieve this.

2. Deleting a Command’s History Soon After Execution

Can we delete a command from history immediately after running it? Certainly, it’s possible.

Let’s have a look at two applicable solutions.

2.1. Prefixing the Command With a Space

We will begin by adding a space before the command we will be running. The shell ignores a command prefixed with a space and therefore fails to update it to history.

Briefly, it’s important we verify that the HISTCONTROL environment variable has a value of either ignorespace or ignoreboth:

$ echo $HISTCONTROL
ignoreboth

Above, the echo command displays the value of the variable passed as an argument. Additionally, we can confirm this value by checking the ~/.bashrc file:

$ cat ~/.bashrc | grep $HISTCONTROL
HISTCONTROL=ignoreboth

Since we’ve set the HISTCONTROL variable, let’s look at the newest commands stored in the history bash file:

$ history | tail
   93  $HISTCONTROL
   94  HISTCONTROL=ignoreboth
   95  HISTCONTROL
   96  $HISTCONTROL
   97  echo $HISTCONTROL
   98  cat ~/.bashrc | grep $HISTCONTROL
   99  echo $HISTCONTROL
  100  cat ~/.bashrc | grep $HISTCONTROL
  101  history
  102  history | tail

Here we see the last command saved is the one we ran above. Next, let’s run the pwd command with a space at the start:

$  pwd
/home/peter

Now, let’s see if there are any changes in our history file:

$ history | tail
  ...
  100  cat ~/.bashrc | grep $HISTCONTROL
  101  history
  102  history | tail

Great, we can see that there is no new entry in our history file.

2.2. Appending ;history -d $(history 1) To a Command

This command works the same as the earlier one. It erases the command from history soon after its execution.

Let’s append our command to a pwd command and monitor if there will be any changes to the history file:

$ pwd;history -d $(history 1)
/home/peter

Great, let’s have a look at the history file:

$ history | tail
  ...
  100  cat ~/.bashrc | grep $HISTCONTROL
  101  history
  102  history | tail

From the above output, we can see that there’s no new command entry in the history.

3. Using Environment Variables

How can we use environment variables to come up with a solution? For that, let’s set some of these variables to instruct the shell which commands to store and not store in the history file.

3.1. Using the HISTIGNORE Variable

We’ll work with the HISTIGNORE variable. For instance, with this variable, we can instruct the shell not to add any commands to our history file:

$ HISTIGNORE='*'

Here, we make sure that any command we run in our terminal will not be saved in history.

Importantly, we can unset the HISTIGNORE variable back to the default:

$ unset HISTIGNORE

Next, let’s set this variable to ensure that we ignore commands matching a certain pattern:

$ HISTIGNORE='pwd'

So, whenever we run the pwd command, it won’t be updated in the history file.

3.2. Using the HISTSIZE Variable

This environment variable specifies the number of commands we can store in the history file per terminal session:

$ echo $HISTSIZE
1000

Our history file can hold 1000 commands per session. So, what we can do is alter the value of HISTSIZE to 0:

$ export HISTSIZE=0

Using the HISTSIZE environment variable, we’ve disabled the shell from saving new commands to the history file in this current session.

4. Deleting the Whole History File Records

Another option that’s available is to delete the entire history record for all the commands executed. For this, we need the history command:

$ history -cw

This command works the same as the HISTFILE method. However, we should execute it only after we’ve completed running all the commands we need.

5. Disabling and Enabling History

In this section, we will make use of the set command. We’ll switch on and then switch off the ability of the shell to store history commands:

$ set +o history

Now, any command we run in the command line after running the command above will not be included in history.

We also need to know how to unset this property if we want new commands to be recorded into the history file again:

$ set -o history

Now, all commands run will be stored in history.

6. Conclusion

In this article, we’ve seen that we can delete the history of commands soon after execution. Additionally, we’ve also seen it’s possible to ignore certain commands or all of them by setting some environment variables. Finally, now we can easily hide commands that hold sensitive information.

Authors Bottom

If you have a few years of experience in the Linux ecosystem, and you’re interested in sharing that experience with the community, have a look at our Contribution Guidelines.

Comments are closed on this article!