If you have a linux server, It is absolutely necessary to know how to check the users that are logged in to your system and what they are doing. To do that, you have to get yourself familiar with number of different linux commands. In this guide, we will show you how to identify the user accounts on a linux system using commands like whoami, id, and more.
WHOAMI
First of all, you need to check the username that you have used to log in. We can use the following command to see our username
#whoami
As you can see, The whoami command tells you your username.
Who
The who command will give you information about who is logged on the system.
#who
W
The w command shows you who is logged on and what they are doing.
#w
ID
The id command will give you your user id, primary group id, and a list of the groups that
#id
On RHEL/CentOS you will also get SELinux context information with this command.
Finger
Finger is another useful command that we can use to monitor the logged in users. It can also show how long they’ve been idle (how long since they ran a command), etc. In this command, we are looking at the user root.
#finger rd
We can see rd’s full name, home directory and shell. We can also see rd’s most recent login and email activity. Office, office phone and home phone numbers are only included if they are defined in the /etc/passwd file in the full name field.
Auth.log
You can yank information from the /var/log/auth.log file with commands like grep. To show the most recent login activity using auth.log data, you can run a command like this one:
#grep “New session” /var/log/auth.log
Latest posts by Ruwantha Nissanka (see all)
- 4 ways to hide your identity using linux - January 18, 2021
- How To Install Kali Linux in Virtualbox - December 31, 2020
- Kali Linux : The OS That Hackers Use - December 31, 2020
- How to monitor user activity in Linux with Acct - December 30, 2020
- Debsecan : You will not miss another security update - December 28, 2020
