Occasionally I type a password or other sensitive information into a shell prompt. Using bash history, the command can be removed.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # say we start with an empty bash command history | |
| bash-3.2$ history | |
| 1 history | |
| # enter a command that requires a password | |
| bash-3.2$ sudo rm -i some_file | |
| Password: | |
| # accidentally ^C and type your password | |
| # into the prompt and hit enter | |
| bash-3.2$ secret_password | |
| bash: secret_password: command not found | |
| # your password is now there for all to | |
| # see in your bash history | |
| bash-3.2$ history | |
| 1 history | |
| 2 sudo rm -i some_file | |
| 3 secret_password | |
| 4 history | |
| # first option to fix it, delete the numbered entry from | |
| # history and write to your ~/.bash_history file | |
| bash-3.2$ history -d 3 | |
| bash-3.2$ history -w | |
| # entry 3 will be removed entirely from your command history | |
| bash-3.2$ history | |
| 1 history | |
| 2 sudo rm -i some_file | |
| 3 history | |
| 4 history -d 3 | |
| 5 history -w | |
| 6 history | |
| # the second option is to clear the entire history | |
| # and write the changes to disk | |
| bash-3.2$ history -c | |
| bash-3.2$ history -w | |
| # it's now pretty obvious that your history has been | |
| # scrubbed clean, but at least your password is history! | |
| bash-3.2$ history | |
| 1 history -w | |
| 2 history |