Remove sensitive files and their commits from Git history

Question

I would like to put a Git project on GitHub but it contains certain files with sensitive data (usernames and passwords, like /config/deploy.rb for capistrano).

I kno

Answer 1

I've had to do this a few times to-date. Note that this only works on 1 file at a time.

1. Get a list of all commits that modified a file. The one at the bottom will the the first commit:

   git log --pretty=oneline --branches -- pathToFile

2. To remove the file from history use the first commit sha1 and the path to file from the previous command, and fill them into this command:

   git filter-branch --index-filter 'git rm --cached --ignore-unmatch ' -- ..