If you are relying on that encryption, just remember to clear your bash history ...

mentat · on June 24, 2014

  def make_key(self, password):
        """Creates an encryption key from the default password or prompts for a new password."""
        self.key = hashlib.sha256(password.encode("utf-8")).digest()

Crack unsalted sha256 of ascii space NSA...

https://docs.python.org/2/library/hashlib.html#key-derivatio... (at least)

gcr · on July 3, 2014

No salt?

mdaniel · on June 24, 2014

I've enjoyed great success by symlinking the various history files to /dev/null

That way the history for the current window remains but after the window closes any accidental password-on-the-command-line mistakes will vaporize.

    for i in .sh_history .bash_history .lesshst .mysql_history etc
    do
      ln -s /dev/null $i
    done

lloeki · on June 25, 2014

Start command with a space: it won't go to the history:

  # ignore repeated, space-started, and casual commands
  export HISTIGNORE="&:[ ]*:l[sl]:[bf]g:exit"

jmottz · on June 27, 2014

export HISTINGNORE="jrnl *"

Works well also.