The command history mechanism of the shell environment in Linux provides users with great convenience, and also poses a potential risk to users. As long as the user's command history file, the user's command operation process will be sweeping, if the command line has been entered in plaintext password, then inadvertently the server's security fortress has a more notch.
In the bash terminal environment, the number of record bars for history commands is controlled by the variable histsize, which defaults to 1000. By modifying the value of the histsize variable in the/etc/profile file (root permission required), all users in the system can be affected.
Example: Set up to record only 100 history commands (permanent)
Currently logged in user (valid only for this login)
In addition, you can modify the ~/.bash_logout file in the user's host directory to add an action statement that clears the history command. This way, when a user exits a bash environment that is already logged in, the recorded history command is automatically emptied.
Linux Elevation system security: Historical Command Histsize