LINUXMAKER, OpenSource, Tutorials

How do you delete logon history in Linux Bash?

Linux uses the three standard commands

last, lastb und lastlog,

to display information about the last logged in users, including the failed login attempts. The output of these commands includes the login name, the last login time, the IP address, the port and the login duration.

Command

Log file

Function
last /var/log/wtmp

Lists the successful history of login and logout

lastb /var/log/btmp

Shows the incorrect logon attempts

lastlog /var/log/lastlog

Displays the latest login

This can be tested directly by trial and error.

However, to preserve anonymity, it may be useful to delete the last login history.

Removing information from recent applications

As shown in the table, the information about the most recently logged in users, including failed logon attempts, is stored in specific binaries that root can not handle, but can be easily deleted.

Thus, the information can be easily removed by deleting the files as follows.

# echo > /var/log/wtmp
# echo > /var/log/btmp
# echo > /var/log/lastlog