267

When doing software development, there is often need to include confidential information in command line commands. Typical example is setting credentials for deploying the project to a server as environment variables.

How can I execute some commands, when I don't want to store them in the command history?

Nobody must be able to search them in the .bash_history file. Is there a way how to execute Bash commands this way?

hyde
  • 60,639
  • 21
  • 115
  • 176
Jan Vorcak
  • 19,261
  • 14
  • 54
  • 90
  • 20
    This question should probably be moved to ServerFault as this is not "programming" as much as it is "server admin" - but thanks for the question/answer, exactly what I needed! – Andrew Theken Aug 29 '14 at 13:39

13 Answers13

377

Start your command with a space and it won't be included in the history.

Be aware that this does require the environment variable $HISTCONTROL to be set.

  • Check that the following command returns ignorespace or ignoreboth:

     echo $HISTCONTROL

  • To add the environment variable if missing, the following line can be added to the Bash profile. E.g., to file %HOME/.bashrc.

     export HISTCONTROL=ignorespace

After sourcing the profile again, space-prefixed commands will not be written to $HISTFILE.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
u-punkt
  • 4,744
  • 1
  • 16
  • 7
  • 23
    This doesn't work unless ignorespace is included in $HISTCONTROL - although this is probably the default on most systems. – pgl Dec 12 '11 at 10:58
  • 2
    Correct. For more details the OP should have a look at HISTCONTROL and HISTIGNORE in the bash man page. – u-punkt Dec 12 '11 at 11:02
  • 4
    http://www.thegeekstuff.com/2008/08/15-examples-to-master-linux-command-line-history/ - more bash history tips are available here including this method of hiding commands from history – user379997 Dec 12 '11 at 14:38
  • If you put space before the command, that won't save the command in history for some OS. – discover May 20 '22 at 20:43
69

In any given Bash session, set the history file to /dev/null by typing:

export HISTFILE=/dev/null

Note that, as pointed out in the comments, this will not write any commands in that session to the history!

Just don't mess with your system administrator's hard work, please ;)

Doodad's solution is more elegant. Simply unset the variable: unset HISTFILE (thanks!)

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Miquel
  • 15,405
  • 8
  • 54
  • 87
  • 6
    This will prevent *all* commands from being logged. It's not what the questioner wants. – Noufal Ibrahim Dec 12 '11 at 11:07
  • 17
    This caused problems for me related to `/dev/null` permissions being set to 0600 on logout. Instead I used `unset HISTFILE`. – Doodad Oct 06 '14 at 16:53
46
echo "discreet";history -d $(history 1)
John Doe
  • 461
  • 4
  • 2
28

An extension of John Doe's and Cédric ROYER's answer. But, this seems to work for me.

<your_secret_command>; history -d $((HISTCMD-1))

You should not see the entry of the command in your history.

Here's the explanation...

The 'history -d' deletes the mentioned entry from the history.

The HISTCMD stores the command_number of the one to be executed next. So, (HISTCMD-1) refers to the last executed command.

Remove a certain line from Bash history file

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Rangaraj KS
  • 389
  • 3
  • 4
16

If you are using Z shell (zsh) you can run:

setopt histignorespace

After this is set, each command starting with a space will be excluded from history.

You can use aliases in .zshrc to turn this on/off:

# Toggle ignore-space. Useful when entering passwords.
alias history-ignore-space-on='\
setopt hist_ignore_space;\
echo "Commands starting with space are now EXCLUDED from history."'

alias history-ignore-space-off='\
unsetopt hist_ignore_space;\
echo "Commands starting with space are now ADDED to history."'
Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Rotareti
  • 49,483
  • 23
  • 112
  • 108
11

You can start your session with

export HISTFILE=/dev/null ;history -d $(history 1)

then proceed with your sneaky doings. Setting the histfile to /dev/null will be logged to the history file, yet this entry will be readily deleted and no traces (at least in the history file) will be shown.

Also, this is non-permanent.

Christian
  • 1,212
  • 1
  • 15
  • 30
  • This was already answer many times. What would you say your answer adds to this thread (except for useless noise)? – gniourf_gniourf Jan 02 '18 at 10:07
  • It wasn't *put together in one answer*, so as to not have the command itself show up in the history *and* not have anything show up that's entered thereafter. – Christian Jan 02 '18 at 18:28
  • 2
    But now this thread is a real mess! in this case, especially for such an old question, I believe it's better that you edit already existing good answers, and/or leave a comment… – gniourf_gniourf Jan 02 '18 at 18:32
11

You might consider using a shell without history, like perhaps

/bin/sh << END
   your commands without history
END

(perhaps /bin/dash or /bin/sash could be more appropriate than /bin/sh)

Or even better, use the batch utility, e.g.,

batch << EOB
   your commands
EOB

The history would then contain sh or batch which is not very meaningful.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Basile Starynkevitch
  • 223,805
  • 18
  • 296
  • 547
7

As mentioned by Doodad in comments, unset HISTFILE does this nicely, but in case you also want to also delete some history, do echo $HISTFILE to get the history file location (usually ~/.bash_history), unset HISTFILE, and edit ~/.bash_history (or whatever HISTFILE was - of course it's now unset so you can't read it).

$ echo $HISTFILE       # E.g. ~/.bash_history
$ unset HISTFILE
$ vi ~/.bash_history   # Or your preferred editor

Then you've edited your history, and the fact that you edited it!

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
drkvogel
  • 2,061
  • 24
  • 17
  • Tried this on: GNU bash, version 3.2.57(1)-release (x86_64-apple-darwin15) and it does not work. The commands I used after unset HISTORY were stored in ~/.bash_history – Krystian Mar 01 '17 at 13:46
  • @Krystian My mistake - I had written "unset HISTORY" when it should be "unset HISTFILE" - corrected. Does it work now? It works on GNU bash, version 4.3.30(1)-release (x86_64-pc-linux-gnu). – drkvogel Mar 02 '17 at 20:49
  • well I am not sure. Simple test: `unset HISTFILE; echo TEST; history` will give you the command `echo TEST` as the previous to last. Although after terminating the session and connecting again, history does not have this entry indeed. So I would say it works :) – Krystian Mar 02 '17 at 20:57
  • `unset HISTFILE` does not seem to stop commands being recorded in the history in memory, but it does stop them being recorded in whatever file $HISTFILE was. So I guess you still have your local history in memory, but it is not being recorded in a file anymore, which is what you might want! ;) – drkvogel Mar 03 '17 at 21:38
4

You can also use the following command:

echo toto; history -d $(history | sed -n '$s/\s*\([0-9]*\)\s*.*$/\1/p')

I think it's a very portable command.

Peter Mortensen
  • 30,738
  • 21
  • 105
  • 131
Cédric ROYER
  • 389
  • 2
  • 4
  • I've created alias from this: `alias forget="history -d $(history | sed -n '$s/\s*\([0-9]*\)\s*.*$/\1/p')"` and now You can do it something like this: `mysql -uroot -pSecretPassword ; forget` – sobi3ch Jan 12 '17 at 17:54
  • 1
    Sorry, but I realise You need to create function instead of alias because of quotation marks change meaning of `$s` and other things in sed. `function forget() { // put code here // }` – sobi3ch Jan 12 '17 at 18:05
3

You just need to run:
$ set +o history

To see more, run:
$ man set

Igor Santos
  • 66
  • 1
  • 3
    This disables history for all future commands, not for an individual command. Most people who come here should look at the accepted answer instead. – tripleee Nov 07 '18 at 09:13
  • This is valid, or okay but incomplete. As long as we add the reverse command `set -x history` afterward, it works. – Abdillah Apr 23 '20 at 09:40
  • I'm reading the manual and it would seem that `set -o history` turns the history back on. Are you sure it's `set -x history`? – Garret Wilson Sep 28 '22 at 12:46
3

There are several ways you can achieve this. This sets the size of the history file to 0:

export HISTFILESIZE=0

This sets the history file to /dev/null, effectively disabling it:

export HISTFILE=/dev/null

For individual commands, you can prefix the command with a space and it won't be saved in the history file. Note that this requires you have the ignorespace value included in the $HISTCONTROL environment variable (man bash and search for ignorespace for more details).

pgl
  • 7,551
  • 2
  • 23
  • 31
  • 3
    This will prevent *all* commands from being logged. It's not what the questioner wants. – Noufal Ibrahim Dec 12 '11 at 11:07
  • Well, I kind of assumed that the questioner would reset the values after doing whatever it was he wanted that shouldn't be logged. – pgl Dec 12 '11 at 12:04
1

This is handy if you want to erase all the history, including the fact that you erased all the history!

rm .bash_history;export HISTFILE=/dev/null;exit
cnd
  • 1,689
  • 16
  • 14
0

This command might come in handy. This will not record the command that is executed

history -d $((HISTCMD-1)) && <Your Command Here>
jww
  • 97,681
  • 90
  • 411
  • 885
RAVI THEJA
  • 1
  • 1