Avoid adding bash command to history

Question

I'd like to avoid adding a command to bash history, because it contains sensitive data.

$ export SECRET=sensitive
$ echo $SECRET

How can I avoid that the export command is added to the history?

Answer 1

Use the value ignorespace in the shell variable HISTCONTROL, e.g. by setting it in ~/.bashrc like this.

HISTCONTROL=ignorespace

Now you can prefix the command line with a space, and it will be ignored:

$  export SECRET=sensitive  # Intentional blank at the beginning of the line
$ echo $SECRET

From the Bash docs:

HISTCONTROL

A colon-separated list of values controlling how commands are saved on the history list. If the list of values includes ignorespace, lines which begin with a space character are not saved in the history list. A value of ignoredups causes lines matching the previous history entry to not be saved. A value of ignoreboth is shorthand for ignorespace and ignoredups. A value of erasedups causes all previous lines matching the current line to be removed from the history list before that line is saved. Any value not in the above list is ignored. If HISTCONTROL is unset, or does not include a valid value, all lines read by the shell parser are saved on the history list, subject to the value of HISTIGNORE. The second and subsequent lines of a multi-line compound command are not tested, and are added to the history regardless of the value of HISTCONTROL.