Since v2 of n8n the executeCommand node is disabled by default. But how can I delete a local file without the executeCommand node now? I looked at the “Read/Write Files from Disk” node and whether it already has a delete action but it doesn’t.
What am I missing?
Hey @nm5182, You are not missing anything that executeCommand node was disabled in the 2.x versions, but here are some workaround you can see in these i have found:
In v2.x, Execute Command is simply disabled by default for security reasons; you can re‑enable it by adjusting
NODES_EXCLUDE(for example,NODES_EXCLUDE="[]"or excluding onlylocalFileTrigger). [2.0 security changes; Execute Command docs; Block nodes; v2.x compose example]”
Let me know if this helps
Hi @nm5182 ,
Since the Read/Write Files from Disk node doesn’t have a delete action, you can enable execute Command Node and add this environment variable to your n8n configuration:
N8N_BLOCK_ENV_VARS_IN_EXECUTE_COMMAND=false
Then use the Execute Command node with:
Linux/Mac: rm /path/to/file.txt
Windows: del C:\path\to\file.txt
NB (Best for Self-Hosted)
Hope this helps!
without enabling the Execute Command node back, I’d go for the SSH node:
You’ll need to add credentials, either a password or a private key..
Thanks a lot for your quick reply. Actually I already knew that I could reactivate the executeCommand node but it has been deactivated since it has proven to be a security threat. I think this is a good design choice, since usually most n8n-flowgrammers don’t need to actually be able to execute commands on the host system but simply want to do basic file operations like read, write and delete. For the latter I just created a feature request: Add "delete" action to “Read/Write Files from Disk” node
Thanks a lof for your reply. I don’t have SSH enabled on my n8n host system. Which advantages do you see in terms of security by using the SSH node instead of reactivating the executeCommand node though?
@nm5182 Using the SSH node is generally safer than re-enabling the Execute Command node.
Why? Because..
The Execute Command node runs shell commands directly on your n8n host, which can be dangerous because it lets workflows execute arbitrary OS commands there; that’s exactly why n8n disabled it by default in v2.x for security reasons.
The SSH node connects to another machine over SSH and runs commands on that remote system, so your n8n host itself isn’t executing arbitrary shell commands.
So if you need to delete a file or run a script on a server, using SSH limits the risk to that remote system instead of exposing your automation host to broad command execution. That’s the main security advantage.
I think the security advantage is isolation, while the Execute Command node runs with n8n’s full system privileges, the SSH node or even the FTP node (which is another great alternative):
allows you to operate within a much stricter scope.
By using SSH or FTP, you can connect as a specific user (not the root ofc) that you should configure on the server with restricted permissions (like access limited only to specific folders),
This ensures that when compromised, it doesn’t have the full access permissions of the host system..