Skip to content

Security and Privacy

Jump to bottom Edit New page
Ryan Caloras edited this page Apr 9, 2017 · 11 revisions

This section tries to outline Bashhub's practices to address Security and Privacy.

Communication

HTTPS

SSL Certificate

All communication to Bashhub is over HTTPS. Bashhub's client uses requests to communicate with the server.

Storage

Storage Level Encryption

All commands are stored in a non-relational database that is encrypted at rest using storage level encryption via LUKS.

Text Search

To support text search on the server side, commands are not encrypted at the application layer. Searching would require decrypting commands on demand. A full search experience requires there to be a text index on the commands themselves.

Privacy

All commands are private. Commands recorded on behalf of a user are only accessible using that user's authentication token. There is currently no way to share these commands and they're not publicly accessible.

Authentication / Identification

Bashhub currently generates each user a unique identification token which is passed with each user request to validate a user's actions. This token is necessary to perform any actions on behalf of a user for the command api.

Sensitive Information

Bashhub saves a copy of a command exactly as it's recorded in your history. Credentials which are recorded via a prompt (e.g. default ssh and postgres) are not recorded. Only if you plain text a password as part of a command will it be recorded. For example:

$ mysql -u bob -p plain-text-password # This is bad practice in general.

Good practice is to not plain text user information instead use a prompt e.g.

$ mysql -u "$DB_USER" -p # Best Practice. Prompts you for a password.

Instead of prompting, you could also set an environment variable.

$ mysql -u "$DB_USER" -p "$DB_PASSWORD" # This is better practice.

Filtering Commands

You can filter commands from being recorded to Bashhub via a regex set to the environment variable BH_FILTER. These commands will be ignored and omittted from Bashhub.

# Filter out any commands for postgres or ssh
export BH_FILTER="(psql|ssh)"
ssh rcaloras@some-ip-address # will not be saved

You can check the configuration of this command via the bashhub filter subcommand.

# Check if a command is filtered by my regex
export BH_FILTER="(-p)"
bashhub filter "mysql -u root -p plain-text-password"
BH_FILTER=(-p)
mysql -u root -p plain-text-password 
Is Filtered. Matched ['-p']

Disabling recording commands

You can turn on/off recording to Bashhub via bashhub on and bashhub off. By default this only affects the current bash session.

$ bashhub off
$ echo "Recording is now disabled for this session. This command won't be saved."
....
$ bashhub on
$ echo "Recording commands is now re-enabled"

You can disable for all sessions by setting bashhub off --global this sets save_commands = False in your bashhub config.

Lastly #ignore added to any command will omit it from being saved. Simply add it to the end of any command and it won't be recorded in Bashhub.

$ echo "this command won't be saved" #ignore

Respect

No Bashhub maintainer ever accesses commands unless required for support reasons. When working to support issues we do our best to respect your privacy as much as possible and only access what's needed to resolve an issue.

User Profiles

A small amount of high level meta-data is publicly accessible on user profile pages. For example https://bashhub.com/u/rccola.

This contains very high level information like:

  • Total number of commands
  • Total number of sessions
  • Total number of systems
  • Approximate date of last command entered.
  • Date of registration.

There is currently no way to disable this page.

https://github.com/ietf-tools/datatracker/actions/workflows/ci-run-tests.yml/badge.svg?event=pull_request_target

$ bashhub off $ echo "Recording is now disabled for this session. This command won't be saved." .... $ bashhub on $ echo "Recording commands is now re-enabled"

Clone this wiki locally