Check the SSH commands run by users

If you are giving Shell access to your web hosting users you might want to check what commands they are using. In cPanel, there is a file in the user’s home directory that keeps the SSH history.

The file is /home/username/.bash_history
The dot in from of the filename means the file is hidden. You can use the cat command to see the file content:

cat /home/username/.bash_history

root@web [/home/test]# cat .bash_history
free -m
cd /
du -sh /home
du -sh /home/test
root@web [/home/test]#

Notice that the .bash_history file is owned by the user, so the user can modify it anytime.

Epoch Time converter

The lines starting with # contain the time (in Unix/Epoch Time format) when the command was run. Below we put a link to a site where you can convert the Unix Time to human-readable time. Or more easily you can use the date command:

root@web [/home/test]# date -d @1584543556
Wed Mar 18 09:59:16 CDT 2020
root@web [/home/test]#

Wikipedia Unix Time/Epoch Time
Epoch Time Converter