How will you check the complete list of logged in users either current
or all those attempts which have been made to connect your machine by
any user and the status of connection
Here are 6 commands which I
use to view the users who have logged in recently or are currently
logged in to any particular Linux machine
How will you check the complete list of logged in users either current
or all those attempts which have been made to connect your machine by
any user and the status of connection
Here are 6 commands which I use to view the users who have logged in recently or are currently logged in to any particular Linux machine
Here are 6 commands which I use to view the users who have logged in recently or are currently logged in to any particular Linux machine
Method 1
users: This
command print the user names of users currently logged in to the
current host without showing any much information about source, login
time or any other relevant detail
# users
deepak ruchi aman rahul ramandeep
# users
deepak ruchi aman rahul ramandeep
Method 2
last: This command searches back through the file /var/log/wtmp (or
the file designated by the -f flag) and displays a list of all users
logged in (and out) since that file was created. Names of users and
tty's can be given, in which case last will show only those entries
matching the arguments.
# last -a
deepak pts/3 Tue Oct 16 18:01 - 18:01 (00:00) 10.10.10.30
root pts/2 Tue Oct 16 17:51 still logged in 10.10.10.30
root pts/1 Tue Oct 16 14:29 - 18:03 (03:34) 10.10.10.30
root pts/3 Tue Oct 16 11:10 - 13:11 (02:00) 10.10.10.30
root pts/1 Mon Oct 15 20:30 - 13:21 (16:51) 10.10.10.30
root pts/3 Mon Oct 15 18:02 - 18:37 (00:34) 10.10.10.30
root pts/1 Mon Oct 15 15:23 - 18:34 (03:11) 10.10.10.30
root pts/1 Mon Oct 15 10:45 - 15:22 (04:36) 10.10.10.30
root pts/2 Fri Oct 12 18:34 - 15:53 (3+21:19) :2.0
root pts/1 Fri Oct 12 18:07 - 19:34 (01:27) 10.10.10.30
root pts/0 Fri Oct 12 17:57 still logged in :0.0
root tty1 Fri Oct 12 17:56 still logged in :0
reboot system boot Fri Oct 12 17:44 - 18:03 (4+00:19) 2.6.32-220.el6.i686
# last -a
deepak pts/3 Tue Oct 16 18:01 - 18:01 (00:00) 10.10.10.30
root pts/2 Tue Oct 16 17:51 still logged in 10.10.10.30
root pts/1 Tue Oct 16 14:29 - 18:03 (03:34) 10.10.10.30
root pts/3 Tue Oct 16 11:10 - 13:11 (02:00) 10.10.10.30
root pts/1 Mon Oct 15 20:30 - 13:21 (16:51) 10.10.10.30
root pts/3 Mon Oct 15 18:02 - 18:37 (00:34) 10.10.10.30
root pts/1 Mon Oct 15 15:23 - 18:34 (03:11) 10.10.10.30
root pts/1 Mon Oct 15 10:45 - 15:22 (04:36) 10.10.10.30
root pts/2 Fri Oct 12 18:34 - 15:53 (3+21:19) :2.0
root pts/1 Fri Oct 12 18:07 - 19:34 (01:27) 10.10.10.30
root pts/0 Fri Oct 12 17:57 still logged in :0.0
root tty1 Fri Oct 12 17:56 still logged in :0
reboot system boot Fri Oct 12 17:44 - 18:03 (4+00:19) 2.6.32-220.el6.i686
Method 3
secure file: This file contains the logs of all the attempts made for login to your machine with authentication reports
Method 4
finger: If no arguments are specified, finger will print an entry for each user currently logged into the system.
# finger
Login Name Tty Idle Login Time Office Office Phone
deepak pts/3 Oct 16 18:01 (10.10.10.30)
root root tty1 4d Oct 12 17:56 (:0)
root root pts/0 6:51 Oct 12 17:57 (:0.0)
root root pts/1 2:08 Oct 16 14:29 (10.10.10.30)
root root pts/2 Oct 16 17:51 (10.10.10.30)
# finger
Login Name Tty Idle Login Time Office Office Phone
deepak pts/3 Oct 16 18:01 (10.10.10.30)
root root tty1 4d Oct 12 17:56 (:0)
root root pts/0 6:51 Oct 12 17:57 (:0.0)
root root pts/1 2:08 Oct 16 14:29 (10.10.10.30)
root root pts/2 Oct 16 17:51 (10.10.10.30)
Method 5
who: This command shows currently logged in users with time details
# who -u
root tty1 2012-10-12 17:56 old 1960 (:0)
root pts/0 2012-10-12 17:57 06:51 2376 (:0.0)
root pts/1 2012-10-16 14:29 02:09 3094 (10.10.10.30)
root pts/2 2012-10-16 17:51 . 3454 (10.10.10.30)
# who -u
root tty1 2012-10-12 17:56 old 1960 (:0)
root pts/0 2012-10-12 17:57 06:51 2376 (:0.0)
root pts/1 2012-10-16 14:29 02:09 3094 (10.10.10.30)
root pts/2 2012-10-16 17:51 . 3454 (10.10.10.30)
Method 6
whoami: Print the user name associated with the current effective user ID
# whoami
root
# whoami
root
No comments:
Post a Comment