Of every safety mechanism I've ever deployed across a fleet — aliases that prompt before destructive commands, sudoers files that require explicit privilege, audit logging with HMAC-chained integrity — the single most effective one is the color of my shell prompt.
A red prompt on production has stopped me twice this year from typing a command I would have regretted. A two-line PS1 change in /etc/mcaster1/bash-env.sh does the entire job.
The pattern
__mc1_host_color='\[\033[01;36m\]' # cyan default
case "$(hostname -s 2>/dev/null)" in
ovh-us-west*|ovh-us-east*) __mc1_host_color='\[\033[01;31m\]' ;; # red — prod
mc1ks*|mcaster1k8*) __mc1_host_color='\[\033[01;33m\]' ;; # yellow — k8s
kube-*|deb13-*|mc1desktop) __mc1_host_color='\[\033[01;32m\]' ;; # green — local
esac
PS1='${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@'"${__mc1_host_color}"'\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$ 'How it works
The escape codes are ANSI color sequences. \033[01;31m is "bold red foreground." \033[01;33m is bold yellow, \033[01;32m is bold green. \033[00m resets to the terminal default.
The \[ and \] wrappers are critical — they tell bash "the contents are non-printing characters" so line-length calculations stay correct. Without them, your prompt visually overlaps when you type past a certain column. With them, the colors are invisible to bash's line editor — only the terminal sees them.
The case statement matches against the short hostname. Adjust the patterns to your fleet:
- Red for anything production-facing.
ovh-us-*for me. Whatever your prod hostname pattern is for you. - Yellow for "important but not customer-facing" — Kubernetes control planes, staging, build hosts.
- Green for dev / local / sandbox.
- Cyan as the fallback for anything unmatched. (My laptop runs cyan, which tells me I'm on a host whose role I haven't mapped yet.)
Why this works better than aliases
A common alternative is to alias destructive commands:
alias rm='rm -i'That helps a bit. But rm -i trains you to type y reflexively at every prompt. The first time you hit a recursive delete with hundreds of files, you'll either disable the alias or just hold down y. Aliases educate the wrong reflex.
A red prompt does something different. It doesn't ask you to confirm anything. It just colors your peripheral vision red. Every time your eyes flick to the prompt — thousands of times per session — the visual signal lands: you are on production. By the time you've typed three commands the color is part of your context. Destructive thinking pre-loads more caution.
Tunable variants
You can go further:
- Color the entire prompt red on prod, not just the hostname.
- Append a literal
[PROD]badge after the prompt. - Make sudo prompts red regardless of host (matches your "I am about to do a privileged thing" cue).
- Show the current kubectl context after the hostname (kube-ps1).
Don't over-engineer. The base pattern — red on prod, green on dev — is already 90% of the value. Ship it, live with it for a month, then iterate.
Your eyes process color in 13 milliseconds. Your reflexes process the word "production" in your prompt several hundred milliseconds slower. Use the faster channel.
Next: Conditional Aliases — the one-line pattern that lets your .bashrc work on every box in your fleet.