-
Notifications
You must be signed in to change notification settings - Fork 80
Security and Privacy
This section tries to outline Bashhub's practices to address Security and Privacy.
All communication to Bashhub is over HTTPS. Bashhub's client uses requests to communicate with the server.
All commands are stored in a non-relational database that is encrypted at rest using storage level encryption via LUKS.
To support text search on the server side, commands are not encrypted at the application layer. Searching would require decrypting commands on demand. A full search experience requires there to be a text index on the commands themselves.
All commands are private. Commands recorded on behalf of a user are only accessible using that user's authentication token. There is currently no way to share these commands and they're not publicly accessible.
Bashhub currently generates each user a unique identification token which is passed with each user request to validate a user's actions. This token is necessary to perform any actions on behalf of a user for the command api.
Bashhub saves a copy of a command exactly as it's recorded in your history. Credentials which are recorded via a prompt (e.g. default ssh and postgres) are not recorded. Only if you plain text a password as part of a command will it be recorded. For example:
$ mysql -u bob -p plain-text-password # This is bad practice in general.
Good practice is to not plain text user information instead use a prompt e.g.
$ mysql -u "$DB_USER" -p # Best Practice. Prompts you for a password.
Instead of prompting, you could also set an environment variable.
$ mysql -u "$DB_USER" -p "$DB_PASSWORD" # This is better practice.
You can filter commands from being recorded to Bashhub via a regex set to the environment variable BH_FILTER
. These commands will be ignored and omittted from Bashhub.
# Filter out any commands for postgres or ssh
export BH_FILTER="(psql|ssh)"
ssh rcaloras@some-ip-address # will not be saved
You can check the configuration of this command via the bashhub filter
subcommand.
# Check if a command is filtered by my regex
export BH_FILTER="(-p)"
bashhub filter "mysql -u root -p plain-text-password"
BH_FILTER=(-p)
mysql -u root -p plain-text-password
Is Filtered. Matched ['-p']
You can turn on/off recording to Bashhub via bashhub on
and bashhub off
. By default this only affects the current bash session.
$ bashhub off
$ echo "Recording is now disabled for this session. This command won't be saved."
....
$ bashhub on
$ echo "Recording commands is now re-enabled"
You can disable for all sessions by setting bashhub off --global
this sets save_commands = False
in your bashhub config.
Lastly #ignore
added to any command will omit it from being saved. Simply add it to the end of any command and it won't be recorded in Bashhub.
$ echo "this command won't be saved" #ignore
No Bashhub maintainer ever accesses commands unless required for support reasons. When working to support issues we do our best to respect your privacy as much as possible and only access what's needed to resolve an issue.
A small amount of high level meta-data is publicly accessible on user profile pages. For example https://bashhub.com/u/rccola.
This contains very high level information like:
- Total number of commands
- Total number of sessions
- Total number of systems
- Approximate date of last command entered.
- Date of registration.
There is currently no way to disable this page.