Let us imagine such a scenario. You have a server that is frequently accessed by many users from various systems on the network. It is possible that some users forget to log out of the session leaving the session open. We all know how dangerous it is to leave a user session connected. Some users may use this to intentionally do things that damage the system. And you, as a system administrator, will you go to every system to check whether the user has logged out? In fact, this is completely unnecessary. And if there are hundreds or thousands of machines in the network, this is too time-consuming. However, you can have users automatically log out if they are inactive on the machine or SSH session for a certain period of time. This tutorial will teach you how to do this on a Unix-like system. It's not difficult at all. Do it with me.
Implementing automatic logout of inactive users after a period of time on Linux
There are three ways to achieve this. Let's look at the first method first.
method 1:
Edit ~/.bashrc or ~/.bash_profile file:
$ vi ~/.bashrc
or,
$ vi ~/.bash_profile
Add the following lines to it:
TMOUT=100
This will log the user out automatically after 100 seconds of inactivity. You can define this value as needed. Save and close the file.
Run the following command to make the changes take effect:
$ source ~/.bashrc
or,
$ source ~/.bash_profile
Now let the session idle for 100 seconds. After 100 seconds of inactivity, you will see the message below and the user will automatically log out of the session.
timed out waiting for input: auto-logout Connection to 192.168.43.2 closed.
This setting can be easily modified by the user. Because the ~/.bashrc file is owned by the user himself.
To modify or delete the timeout setting, just delete the line added above and execute the source ~/.bashrc command to make the modification take effect.
In addition, users can also run the following command to disable timeout:
$ export TMOUT=0
or,
$ unset TMOUT
If you want to prevent users from modifying this setting, use the following method instead.
Method 2:
Log in as root user.
Create a new file named autologout.sh.
# vi /etc/profile.d/autologout.sh
Add the following content:
TMOUT=100 readonly TMOUT export TMOUT
Save and exit the file.
Add executable permissions to it:
# chmod +x /etc/profile.d/autologout.sh
Now, log out or restart the system. Inactive users will be automatically logged out after 100 seconds. Ordinary users cannot modify this configuration even if they want to retain the session connection. They will force quit after 100 seconds.
Both methods work for both local and remote sessions (i.e. users logged in locally and users logged in via SSH on the remote system). Let's take a look at how to automatically log out only inactive SSH sessions without automatically logging out of local sessions.
Method 3:
This way, we will only have the SSH session user automatically log out after a period of inactivity.
Edit /etc/ssh/sshd_config file:
$ sudo vi /etc/ssh/sshd_config
Add/modify the following lines:
ClientAliveInterval 100 ClientAliveCountMax 0
Save and exit the file. Restart the sshd service for the changes to take effect.
$ sudo systemctl restart sshd
Now, log in to the remote system through ssh. After 100 seconds, the ssh session will automatically close and you will see the following message:
$ Connection to 192.168.43.2 closed by remote host. Connection to 192.168.43.2 closed.
Now, anyone who logs into this system via SSH from a remote system will automatically log out after 100 seconds of inactivity.
The above is the detailed content of Introducing automatic logout methods on Linux to prevent long periods of user inactivity. For more information, please follow other related articles on the PHP Chinese website!