[ams6110]

Servers should have zero history saved on the disk. It gives any intruder an easy place to look for passwords, private keys, etc that may have been accidentally recorded and gives clues about related systems.

If you have administrative stuff you need to do more than once, write a little script or alias for it. Depending on history for this is just lazy.

[TeMPOraL]

OTOH what about audit trail? Are there any standard solutions for saving commands input at servers without giving person inputting those commands access to the logs?

Also, silly idea for a DOS attack vector: script-spam enough commands to have the audit history consume all available space on server.

[aaronharnly]

We use rootsh[1] logging to syslog, which gets forwarded to a logging server, which in turn is periodically copied to a wholly separate AWS account, so that in case of breach of the main account the audit logs are intact.

[1] http://linux.die.net/man/1/rootsh

[mark_l_watson]

Excellent point if anyone can get access to your home directory files.

I work around the security issues by not backing up history and having encrypted file systems on all of my Linux laptops. I don't save history on my servers.