#shell-history #shell #security #history #command #terminal-session #terminal

bin+lib safeshell

SafeShell: A security tool for shell history management, designed to detect, stash, and clear sensitive commands, ensuring safer terminal sessions

4 releases

new 0.1.3 Dec 15, 2024
0.1.2 Oct 31, 2024
0.1.1 Oct 26, 2024
0.1.0 Oct 26, 2024

#2848 in Command line utilities

Download history 171/week @ 2024-10-21 179/week @ 2024-10-28 2/week @ 2024-11-04 1/week @ 2024-11-18 72/week @ 2024-12-09

73 downloads per month

MIT license

88KB
2K SLoC

🛡️ SafeShell

 ____           __        ____   _            _  _
/ ___|   __ _  / _|  ___ / ___| | |__    ___ | || |
\___ \  / _` || |_  / _ \\___ \ | '_ \  / _ \| || |
 ___) || (_| ||  _||  __/ ___) || | | ||  __/| || |
|____/  \__,_||_|   \___||____/ |_| |_| \___||_||_|

🛡️ SafeShell: A security tool for shell history management, designed to detect, stash, and clear sensitive commands, ensuring safer terminal sessions.

✨ Features

🖥️ Display a summary of sensitive commands at the start of each terminal session. 👀 Remove sensitive commands from the shell history to enhance security and privacy. 👨‍💻 Temporarily store your command history prior to presentations or screen-sharing sessions for confidentiality.

🚀 Installation

To install safeshell, simply clone the repository and follow the instructions below:

git clone git@github.com:trinhminhtriet/safeshell.git
cd safeshell

cargo install --path .

Running the below command will globally install the safeshell binary.

cargo install safeshell
macOS
curl -sS https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.sh | bash
Linux
curl -sS https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.sh | bash
Windows
iwr https://raw.githubusercontent.com/trinhminhtriet/safeshell/master/install/install.ps1 -useb | iex

Setup your shell

Bash Add the following to the end of ~/.bashrc:
eval $(safeshell --init-shell)
Zsh Add the following to the end of ~/.zshrc:
eval $(safeshell --init-shell)
PowerShell Add the following to the end of your PowerShell configuration (find it by running $PROFILE):
Invoke-Expression (&safeshell --init-shell)
Fish Add the following to the end of ~/.config/fish/config.fish:
safeshell --init-shell | source

motd

💡 Usage

$ safeshell --help

Secure shell commands

USAGE:
    safeshell [OPTIONS] [SUBCOMMAND]

OPTIONS:
        --config-dir <CFG_DIR_PATH>    Set configuration directory path
    -h, --help                         Print help information
        --init-shell                   Show sensitive findings summary for MOTD
        --log <LEVEL>                  Set logging level [default: INFO] [possible values: OFF,
                                       TRACE, DEBUG, INFO, WARN, ERROR]
        --no-banner                    Don't show the banner
    -V, --version                      Print version information


SUBCOMMANDS:
    config     Create custom configuration
    find       Find sensitive commands
    help       Print this message or the help of the given subcommand(s)
    restore    Restore backup history file
    stash      Stash history file

👀 Find Sensitive Commands

Sensitive data can be stored in your history file when export a token of something or running a script with token.

safeshell find --format table

find

🪄 Mask findings:

safeshell clear

🔥 Remove findings:

safeshell clear --remove

💼 Backup shell history before clear

safeshell clear --backup

🙈 Stash/Pop/Restore

You can stash your history shell by running the command:

safeshell stash

Now your history shell is clear, to bring back your history run the command:

safeshell stash pop

You can also restore your history backup file by running the command:

safeshell stash restore

𓂃🖌 External Configuration

Create custom configuration by running the command

safeshell config

Config command will create:

  1. Custom pattern template for adding a custom risky patterns
  2. Ignore file to allows you ignore specific pattern

🛠️ Validate Config Files

Validate syntax file

safeshell config validate

🚮 Delete Config Folder

Validate syntax file

safeshell config delete

⏭ Ignore patterns

Manage pattern ignores

safeshell config ignores

Examples

All the examples here

🗑️ Uninstallation

Running the below command will globally uninstall the safeshell binary.

cargo uninstall safeshell

Remove the project repo

rm -rf /path/to/git/clone/safeshell

🤝 How to contribute

We welcome contributions!

  • Fork this repository;
  • Create a branch with your feature: git checkout -b my-feature;
  • Commit your changes: git commit -m "feat: my new feature";
  • Push to your branch: git push origin my-feature.

Once your pull request has been merged, you can delete your branch.

📝 License

This project is licensed under the MIT License - see the LICENSE file for details.

Dependencies

~13–24MB
~352K SLoC