Why clearing linux history is important


I have always been in doubt about why deleting the bash history is important, so I reflected on this by asking people in the linux world. They have given me some points here:

  • If you don't clear the history, you will be able to snoop around the commands you have done on the server. This means if a hacker access your server, she will be able to see every command you made, and how you setup the server.
  • Writing an password in a command, for example: "mysql-create-user username=myusername password=mypassword" would end up in the bash history, and this would not be awesome cause a hacker would see the password there. But wait, don't you have to be root to see bash history? - see the next point.
  • Yes you need to be root, to see bash history, but what if you replace your harddisk? Then the system's bash history of the current password (on the new harddisk), will be still on the old harddisk.
  • Another point will be, when you execute an command, other users on the same server can snoop the password, for example by using "who" or "w".

Always delete your bash history file if any password is within it.


Rubatharisan Thirumathyam