FedoraThis forum is for the discussion of the Fedora Project.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I just found the command 'history' which gives the last 1000 command I enter in a shell. Let's say I'm not the admin and I don't want him to see what I try to do, how do I delete the history? I deleted the file /home/yanik/.bash_history but when I run the command history after that, the first command is rm .bash_history!!!! dammit! lol . I though I could do a little script that would execute something like ls a thousand time, which seems to work, but is there a cleaner way? Because it is still suspicious to ls the same dir 1000 time lol.
history -c clears the history
I set my .bash_logout to do this every time I logout. I have mine to clear, rm -rf .bash_history, and then history -c
keep it last so nothing's really seen
Originally posted by yanik Let's say I'm not the admin and I don't want him to see what I try to do, how do I delete the history?
Let's say the admin want's to see what you're doing, and you want to stop him. You think you can actually do that?! You would probably only succeed in raising a big 'ol red flag for your efforts, if you have a sharp sysadm. People who try to hide what they're doing (should) raise suspicions. You might end up having yourself watched keystroke by keystroke via ttysnoop or some other such tool.
seems like this is his own system he's messing with, but I agree entirely if it's not his system.
You will definitely just raise a red flag on yourself, there are many other ways that admins can watch you keystroke for keystroke. clearing the history would only do any good to someone connecting to your machine and using it for malicious purposes. then it wouldn't do a *lot*
There are other ways to make this less obvious as to what you are doing, like writting a c program using system() calls to the shell, or a perl script compiled with perlcc
Then you've got an admin who has atleast half-a-brain. I've seen plenty of server "admins" who don't know jack about what they are doing, and the crontab trick usually stumps them.
Anyway, another trick to get around this is to have a background process running that sits there and checks your crontab. If it changes, it puts it back. And have the process ignore all signals to make it hard to kill.
Of course there is a way for the admin to get rid of that, but there comes a point where it is he who knows more, being the one who comes out on top.
And the final question is: is having your .bash_history file not recording your history really THAT important?
I guess if you have a sysadm as green as the ones cormander has been blessed(?) with, it doesn't really matter if you hide your shell history or not. They'd be too inexperienced to locate even those files! acctcom, /var/cron/log, PAM, and all kinds of other places can turn up tons of detail on your activities. Tracking down an experienced cracker who has already gained root access can be tough. But routine users ... not really much of a problem. Excepting the flailing efforts of a totally inexperienced sysadmin as cormander points out, but that's a different issue.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.