• VMware

    Learn about VMware virtualization for its products like vsphere ESX and ESXi, vCenter Server, VMware View, VMware P2V and many more

  • Linux

    Step by step configuration tutorials for many of the Linux services like DNS, DHCP, FTP, Samba4 etc including many tips and tricks in Red Hat Linux.

  • Database

    Learn installation and configuration of databases like Oracle, My SQL, Postgresql, etc including many other related tutorials in Linux.

  • Life always offers you a second chance ... Its called tomorrow !!!

    Monday, August 13, 2012

    6 commands to list the logged in users in Linux

    How will you check the complete list of logged in users either current or all those attempts which have been made to connect your machine by any user and the status of connection

    Here are 6 commands which I use to view the users who have logged in recently or are currently logged in to any particular Linux machine

    Method 1

    users: This command print the user names of users currently logged in to the current host without showing any much information about source, login time or any other relevant detail

    # users
    deepak ruchi aman rahul ramandeep


    Method 2

    last: This command searches back through the file /var/log/wtmp (or the file designated by the -f flag) and displays a list of all users logged in (and out) since that file was created. Names of users and tty's can be given, in which case last will show only those entries matching the arguments.

    # last -a
    deepak   pts/3        Tue Oct 16 18:01 - 18:01  (00:00)     10.10.10.30
    root     pts/2        Tue Oct 16 17:51   still logged in    10.10.10.30
    root     pts/1        Tue Oct 16 14:29 - 18:03  (03:34)     10.10.10.30
    root     pts/3        Tue Oct 16 11:10 - 13:11  (02:00)     10.10.10.30
    root     pts/1        Mon Oct 15 20:30 - 13:21  (16:51)     10.10.10.30
    root     pts/3        Mon Oct 15 18:02 - 18:37  (00:34)     10.10.10.30
    root     pts/1        Mon Oct 15 15:23 - 18:34  (03:11)     10.10.10.30
    root     pts/1        Mon Oct 15 10:45 - 15:22  (04:36)     10.10.10.30
    root     pts/2        Fri Oct 12 18:34 - 15:53 (3+21:19)    :2.0
    root     pts/1        Fri Oct 12 18:07 - 19:34  (01:27)     10.10.10.30
    root     pts/0        Fri Oct 12 17:57   still logged in    :0.0
    root     tty1         Fri Oct 12 17:56   still logged in    :0

    reboot   system boot  Fri Oct 12 17:44 - 18:03 (4+00:19)    2.6.32-220.el6.i686

    Method 3

    secure file: This file contains the logs of all the attempts made for login to your machine with authentication reports

    # less /var/log/secure
    Oct 16 18:01:12 localhost unix_chkpwd[3503]: password check failed for user (deepak)
    Oct 16 18:01:14 localhost sshd[3501]: Failed password for deepak from 10.10.10.30 port 2326 ssh2
    Oct 16 18:01:21 localhost passwd: pam_unix(passwd:chauthtok): password changed for deepak
    Oct 16 18:01:21 localhost passwd: gkr-pam: couldn't update the 'login' keyring password: no old password was entered
    Oct 16 18:01:24 localhost sshd[3501]: Accepted password for deepak from 10.10.10.30 port 2326 ssh2
    Oct 16 18:01:24 localhost sshd[3501]: pam_unix(sshd:session): session opened for user deepak by (uid=0)
    Oct 16 18:01:31 localhost sshd[3501]: pam_unix(sshd:session): session closed for user deepak

    Method 4

    finger: If no arguments are specified, finger will print an entry for each user currently logged into the system.

    # finger
    Login     Name       Tty      Idle  Login Time   Office      Office Phone
    deepak               pts/3          Oct 16 18:01 (10.10.10.30)
    root      root       tty1       4d  Oct 12 17:56 (:0)
    root      root       pts/0    6:51  Oct 12 17:57 (:0.0)
    root      root       pts/1    2:08  Oct 16 14:29 (10.10.10.30)
    root      root       pts/2          Oct 16 17:51 (10.10.10.30)

    Method 5

    who: This command shows currently logged in users with time details

    # who -u
    root     tty1         2012-10-12 17:56  old         1960 (:0)
    root     pts/0        2012-10-12 17:57 06:51        2376 (:0.0)
    root     pts/1        2012-10-16 14:29 02:09        3094  (10.10.10.30)
    root     pts/2        2012-10-16 17:51   .          3454 (10.10.10.30)

    Method 6

    whoami: Print the user name associated with the current effective user ID

    # whoami
    root


    Related Articles

    Follow the below links for more tutorials

    Configure Red Hat Cluster using VMware, Quorum Disk, GFS2, Openfiler
    Tutorial for Monitoring Tools SAR and KSAR with examples in Linux
    How to configure Samba 4 Secondary Domain Controller
    Understanding Load Average in Linux and when to be worried about it?
    How to secure Apache web server in Linux using password (.htaccess)
    How to register Red Hat Linux with RHN (Red Hat Network )
    Red hat Enterprise Linux 5.5 Installation Guide (Screenshots)
    15 tips to enhance security of your Linux machine
    Why is Linux more secure than windows and any other OS
    What is the difference between "su" and "su -" in Linux?
    What is swappiness and how do we change its value?
    How to log iptables messages in different log file
    What are the s and k scripts in the etc rcx.d directories
    How to check all the currently running services in Linux
    How to auto start service after reboot in Linux
    What is virtual memory, paging and swap space?

    0 comments:

    Post a Comment