The history command in Linux (Bash history) is an indispensable tool for any command-line user wanting to speed up workflows, audit past activity, or recover lost commands. Whether you are an administrator troubleshooting a server or a developer repeating complex commands, understanding how Bash stores, displays, searches, edits, and shares history can save time and reduce errors. This guide dives deep into the Bash history command, explaining expansions, argument reuse, secure handling of sensitive entries, session synchronization, and practical configuration tips. By the end you'll be able to customize HISTSIZE limits, configure histappend for concurrent terminals, use fc to edit legacy commands, and apply safe practices to avoid accidental leakage of secrets — all with clear examples and realistic outputs.
Overview: What the History Command Does and When to Use It
The history command displays the list of commands that the Bash shell has recorded from your sessions. By default Bash keeps this list in memory during a session and saves it to a history file (usually ~/.bash_history) when the session exits. The command can be used to list recent commands, filter and search entries, re-run commands using history expansion (! shortcuts), edit prior commands with fc, and manipulate the on-disk history file with flags like -a and -w. In environments with multiple terminals, special settings such as shopt -s histappend and a tailored PROMPT_COMMAND help merge histories from concurrent sessions. Below are practical examples that show typical outputs and explain how to interpret and use them safely and effectively.
history 462 ls -la 463 cd /var/www/html 464 git status 465 sudo apt update 466 history
The plain history command prints the in-memory list of previously executed commands, prefixed by line numbers. These numbers can be used with history expansions (for example !465) to re-run a specific command. The output shown lists recent commands and demonstrates how history indexes increment across the session.
Viewing and Filtering History
Often you only need a small window of recent commands or to find commands that include a keyword. Passing a number to history returns only the last N entries. Piping history to grep filters for patterns. Using these approaches makes locating long or forgotten commands quick without scrolling through thousands of lines.
history 5 462 ls -la 463 cd /var/www/html 464 git status 465 sudo apt update 466 history
Running history 5 displays the last five commands in the current session. This is useful to review recent steps, confirm command arguments, or copy and reuse a path or option. The integer is treated as an argument telling Bash how many of the most recent entries to show.
history | grep nginx 178 sudo systemctl restart nginx 251 sudo nano /etc/nginx/nginx.conf 389 ls -la /etc/nginx
Piping history into grep filters entries that match the given string. Use quotes for complex patterns. This technique is extremely helpful to find previously used file paths, service commands, or troubleshooting steps you ran earlier.
History Expansion Shortcuts and Argument Reuse
Bash offers history expansion operators (the “!” family) for fast command reuse: !! repeats the previous command, !n re-runs the nth history entry, !-n runs the command n entries back, and !word runs the most recent command that begins with word. There are also argument designators: !$ (last argument), !^ (first argument), and !* (all arguments). These are powerful but must be used with caution because they execute without edit by default; use fc to edit if you’re uncertain.
!! sudo apt update
Typing !! re-executes the previous command. In this example the last command was sudo apt update, so !! expands and runs it. This is commonly used to re-run a command with sudo: sudo !!.
echo /var/log/nginx/error.log && tail -n 20 !$ /var/log/nginx/error.log tail -n 20 /var/log/nginx/error.log
The !$ designator represents the last argument of the previous command. Here it’s used to avoid retyping the long path when running a second command on the same file. Chaining commands with && ensures the second runs only if the first succeeds.
Editing Historical Commands with fc
When a command needs correction before re-running, fc opens the previous command (or a specified history range) in your default editor ($EDITOR). You can also list commands with fc -l to inspect them without editing. This provides a safe way to modify complex invocations that would be risky to expand and run directly with !.
fc -l -10 457 ssh user@host 458 rsync -avz ./site/ user@host:/var/www/site 459 git pull origin main 460 sudo systemctl restart apache2 461 history
The command fc -l -10 lists the last ten commands (the -l flag lists rather than opening an editor). You can change the range to focus on a subset. To edit a specific numbered entry, run fc 458 which opens that command in $EDITOR and replaces it with the edited version after you save and exit.
Saving, Appending and Synchronizing History Across Sessions
Bash reads the history file at session start and writes to it at session end. With many terminals open this behavior can cause history loss or overwrites. To share history reliably, enable the histappend option and make the shell append and reload history on every prompt via PROMPT_COMMAND. This keeps history up to date across concurrent sessions.
shopt -s histappend
The shopt -s histappend command enables appending to the history file instead of overwriting it when a shell session exits. Pair this with a PROMPT_COMMAND that writes and re-reads the file to merge new entries from other sessions.
PROMPT_COMMAND="history -a; history -c; history -r; $PROMPT_COMMAND"
Setting PROMPT_COMMAND as shown tells Bash to append the current session's new history entries to the history file (history -a), clear the in-memory list (history -c), and reload the merged file (history -r) before printing each prompt. Add both the shopt and PROMPT_COMMAND lines to ~/.bashrc to make the behavior persistent.
Managing History File Size and Behavior
Control how many commands are stored with HISTSIZE (in-memory) and HISTFILESIZE (on-disk). Use HISTCONTROL and HISTIGNORE to avoid saving duplicates or sensitive commands. A typical configuration placed in ~/.bashrc looks like this:
export HISTSIZE=10000
Setting HISTSIZE=10000 increases the number of commands Bash keeps in memory for the current session. Similarly, define HISTFILESIZE to limit the disk-stored history length. Use HISTCONTROL=ignoreboth to skip commands starting with a space and consecutive duplicates, and HISTIGNORE to exclude patterns like 'ls:cd:pwd'.
Clearing and Deleting Specific Entries Securely
To remove sensitive commands from memory and persist the change to disk, delete entries with history -d, clear with history -c, and immediately write the new list back with history -w. On Bash 5.0 and later you can delete a range with a single -d invocation.
history -d 358
history -d 358 removes the history entry with index 358 from the current in-memory history list. After deleting sensitive lines, use history -w to overwrite the history file and ensure the deletion persists to disk. Remember to run these commands in the session that holds the entries or after reloading the merged history.
history -c
The history -c option clears the current session's in-memory history list. To ensure the file on disk is also cleared, follow with history -w, which writes the (now empty) in-memory list to the file, effectively wiping ~/.bash_history.
Security Best Practices for Bash History
History can leak secrets if you paste passwords or tokens into a shell. Best practices include: never pasting secrets; using tools that prompt for secrets (sudo uses a password prompt); starting sensitive commands with a space when HISTCONTROL=ignorespace is set; adding sensitive command patterns to HISTIGNORE; and proactively deleting entries with history -d followed by history -w. For forensic-proof erasure, consider editing ~/.bash_history directly and ensuring file permissions are restrictive.
Conclusion
The history command in Linux and associated Bash features provide potent ways to inspect, re-run, edit, and manage command history. Properly configured, Bash history becomes a shared, searchable audit of daily work that improves productivity while remaining secure. Use history expansions for rapid repetition, fc for safe edits, histappend and PROMPT_COMMAND to synchronize sessions, and HISTSIZE/HISTFILESIZE/HISTCONTROL to tune retention and privacy. Keep sensitive data out of your command line whenever possible and remove any accidental leaks promptly using the deletion and write commands shown above.