• Skip to primary navigation
  • Skip to main content
  • Skip to primary sidebar
  • Skip to footer

Juniper Client

Its all about Networks

  • Juniper SRX
  • Juniper eBooks
  • Juniper Switches
    • Juniper Ex Switch
    • Juniper Networks Switches
    • Juniper Switch
  • Juniper Apps
  • News
  • Juniper eBooks
  • About Us
  • Show Search
Hide Search

Trying into Linux person logins with lslogins

vijesh · January 15, 2021 · Leave a Comment


One handy technique to record particulars about person logins on a Linux system is to make use of the lslogins command. You will get a really helpful and properly formatted show that features fairly a couple of necessary particulars.

On my system and sure most others, person accounts will begin with UID 1000. To record simply these accounts somewhat than embody the entire service accounts like daemon, mail and syslog, add the -u choice as proven within the instance beneath.

$ sudo lslogins -u
  UID USER                PROC PWD-LOCK PWD-DENY LAST-LOGIN GECOS
Zero root 151 0 0 root
1000 shs 68 0 0 12:35 Sandra H-S 1001 nemo 0 0 0 2021-Jan05 Nemo Demo,,, 1002 dbell 0 0 1 Dory Bell 1003 shark 2 0 0 7:15 Sharon Hark 1004 tadpole 0 0 0 2020-Dec05 Ted Pole 1005 eel 0 0 0 2021-Jan11 Ellen McDay 1006 bugfarm 0 0 0 2021-Jan01 Bug Farm 1008 dorothy 0 0 1 Dorothy Reuben 1012 jadep 0 0 1 2021-Jan04 Jade Jones 1013 myself 0 0 0 2021-Jan12 My Self 1014 marym 0 0 0 2020-Mar20 Mary McShea 1017 gijoe 0 0 0 GI Joe 65534 no person 0 0 1 no person

What the lslogins command does is seize related data from system information similar to /and many others/passwd, /and many others/shadow and /var/log/wtmp and lay it out in a format like that proven beneath. In the event you run this command with out utilizing sudo, you will be unable to retrieve the entire data proven. Non-privileged accounts will not have entry to the entire information which can be wanted.

The show exhibits the numeric UIDs, usernames and the variety of processes working. This output means that the primary person listed is probably going logged in on the system console since she has 68 working processes. What we do not see is that she’s additionally logged in on a pseudo terminal; we would see two entries for this person if we used the who command.

The following two columns (PWD-LOCK and PWD-DENY) present that 4 accounts are locked. Every of those has a password hash area within the /and many others/shadow file that begins with a “!”. As well as, we see solely 5 “latest” logins. (I put “latest” in quotes as a result of March 20, 2020 would not appear all that latest to me.) This implies not solely that this person in all probability would not want her account any longer however that the system usually is not closely used as a result of the /var/log/wtmp file rolled over in March 2020 or earlier. Since two of these LAST-LOGIN dates solely present times–not dates–we know that they are each displaying immediately’s logins.

Present particulars for just one person

If you wish to show the small print for one explicit person solely, you’ll be able to add the username to the command as an argument. You will see fairly a distinct show format and a few further particulars:

$ sudo lslogins shs
Username:                           shs
UID:                                1000
Gecos area:                        Sandra H-S
Residence listing:                     /residence/shs
Shell:                              /bin/bash
No login:                           no
Password is locked:                 no
Password not required:              no
Login by password disabled:         no
Password encryption technique:         SHA-512
Main group:                      shs
GID:                                1000
Supplementary teams:               secteam,sudo
Supplementary group IDs:            11,27
Final login:                         14:44
Final terminal:                      pts/1
Final hostname:                      192.168.0.13
Hushed:                             no
Password expiration warn interval:  7
Password modified:                   2020-Sep30
Most change time:                99999
Operating processes:                  67

Search for failed logins

To detect failed logins, use the -f choice (making the choices -uf) as proven on this instance:

$ sudo lslogins -uf
 UID USER    FAILED-LOGIN FAILED-TTY
   Zero root
1000 shs
1001 nemo
1002 dbell   12:49        ssh:notty
1003 shark
1004 tadpole
1005 eel
1006 bugfarm
1008 dorothy
1012 jadep
1013 myself
1017 gijoe

If you need a listing of usernames with failed logins, you would do that:

$ sudo lslogins -f | awk 'if ($4) print $2;'
USER
dbell

View when passwords have been final modified or will probably be expiring

Use the -a choice to show password altering and expiration particulars.

$ sudo lslogins -ua
UID USER PWD-WARN PWD-MIN PWD-MAX PWD-CHANGE PWD-EXPIR
Zero root 7 99999 2020-Sep21
1000 shs 7 99999 2020-Sep30
1001 nemo 7 90 2020-Dec04
1002 dbell 14 90 2020-Oct27
1003 shark 7 10 90 2020-Mar15
1004 tadpole 7 99999 2019-Oct14 2020-Nov10
1005 eel 7 99999 2020-Jan18
1006 bugfarm 7 99999 2020-Jul08
1008 dorothy 7 99999 2019-Jul08
1012 jadep 7 99999 2019-Jul15
1013 myself 7 99999 2020-Jan18
1017 gijoe 7 99999 2020-Nov11

Use : as a area separator

Use the -c choice to have your lslogins particulars colon-separated. This may be useful in case you intend to course of this data additional.

$ sudo lslogins -c | awk -F ":" '$1 >= 1000 print'
UID:USER:PROC:PWD-LOCK:PWD-DENY:LAST-LOGIN:GECOS
1000:shs:68:0:0:14:44:Sandrax20H-S
1001:nemo:0:0:0:2020-Dec05:Nemox20Demo,,,
1002:dbell:0:0:1::Doryx20Bell
1003:shark:0:0:0::Shark,,,
1004:tadpole:0:0:0::Tadx20Pole,,,
1005:eel:0:0:0::Ellen,El,,
1006:bugfarm:0:0:0::Bugx20Farm
1008:dorothy:0:0:1::Dorothyx20Lee
1012:jadep:0:0:1::Jadex20Jones
1013:myself:0:0:0::Myx20Self
1017:gijoe:0:0:0::GIx20Joe
65534:no person:0:0:1::no person

Listing accounts working greater than 10 processes

To get a fast record of what number of customers are working 10 or extra processes, you’ll be able to have the awk command proven beneath look at the third area within the lslogins output. Fortuitously for me, the string “PROC” can also be alphanumerically larger than “10”, so I haven’t got to make any additional effort to retain the conventional column headings.

$ sudo lslogins | awk '$3 >= 10 print'
  UID USER                PROC PWD-LOCK PWD-DENY LAST-LOGIN GECOS
    Zero root                 152        0        0            root
 1000 shs                   68        0        0      14:44 Sandra H-S

Wrap-Up

The lslogins command gives fairly a couple of helpful choices for trying into person accounts, however requires utilizing sudo or logging in as root to see the entire particulars. Take a look at the person web page to study much more about this command.

Be a part of the Community World communities on Fb and LinkedIn to touch upon subjects which can be high of thoughts.

Copyright © 2021 IDG Communications, Inc.

Filed Under: News

Reader Interactions

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Primary Sidebar

Juniper targets data-center automation with Apstra replace

Telemetry steps into the enterprise-networking highlight

Don’t Await a Refresh to Obtain a Fashionable Community

Cut back the Community Crew’s Workload with AI Applied sciences

Eight sizzling networking applied sciences for 2023

Received Community Downtime? Right here’s How you can Proactively Scale back It

IT Leaders Have a Inexperienced Alternative to Help Sustainability

Cloud suppliers ought to unify digital networking and SD-WAN

IT provide points have organizations shifting from just-in-time to just-in-case shopping for

Information middle networking developments to observe for 2023

Seize AI-driven Alternatives to Clear up Hybrid Work Challenges

How AI, Automation, and Zero Belief Can Enhance Enterprise Networks

For Searching IFSC Codes in Banks Visit Here

For Biographies visit Crazum.com

Footer

About Juniper Client

Juniper Client is a blog dedicated in solving juniper related problems like juniper srx load balancing, juniper routers, juniper switches etc. Juniper Client is the premier provider of information, intelligence and insight for Juniper Network and IT Executives. Our main focus is to deliver news, opinion and networking tools for managing business solutions. We offer a unique and valuable information for businesses to meet their marketing objectives. Read More...

FIND IT HERE

Copyright © 2023 · Daily Dish Pro on Genesis Framework · WordPress · Log in