ssh Archives • Linux Tips

How To: Boot An SSH User

Today’s article will be pretty simple, though it will have a limited scope, as we discuss how to boot an SSH user. The vast majority of my regular readers are ‘simple’ desktop users. This article shouldn’t apply to them; if it does, something may have gone terribly wrong.

I need to point out that if you’re doing this for security reasons, you’ve done something wrong – or you’re getting ready to fire someone and want to ensure any logged-in accounts have been disconnected.

What is this article about?

Well, let’s say you have a server and people are logged in via SSH. Let’s also say you want to disconnect one of them. That is, you want to boot an SSH user. If you want to boot an SSH user, it’s remarkably similar to sending that SSH user a message. You might want to read that article:

Send A Message To Another Logged In User

We’ll be using similar tools, though we’ll also be using tools from this article:

How To: Kill Processes By Their PID (Process ID)

I strongly suggest that you read both of the two links. That will save you some time and I’m going to gloss over some details because one of the great things about previous articles is that it means I don’t have to duplicate work. The onus is yours to read those articles so that you’re familiar with the subject.

In case you haven’t put two and two together, we’re going to boot an SSH user by killing their process ID (PID). It’s a lovely way to do so, perfectly graceful ideally, and will accomplish the goal of booting said SSH user.

This might be something you do when you take a privileged user down to HR to fire them. When they head to HR (and are then led out of the building by security), you can kill any processes they have ownership of, including any SSH sessions they have open. In this case, we’re just going to learn how to boot an SSH user.

So, put on your steel-toed boots ’cause we’re going to boot an SSH user!

(I do… I crack me up!)

Boot An SSH User:

You’re going to need an open terminal and you’re going to need to be connected to the same SSH server(s) as the user. As this is a bit of an advanced article, I’m going to assume you know what those things mean. If you don’t know what those things mean, you probably shouldn’t be operating a server, and definitely shouldn’t be operating a server that has multiple people connected to it.

If you remember (or clicked to read) the previous article, we are going to start with the ‘who’ command. You can simply try this command:

who -u

who -u

That has all the information you need and you’re looking for the PID as that’s what we’re going to be using to boot the SSH user. We’ll be killing their PID and logging them out immediately. You only need the first field to identify them by username and the sixth field to know the PID. So, you can just use this command:

who -u | awk '{print $1, $6}'

1	who -u \| awk '{print $1, $6}'

This will give you an output similar to this:

$ who -u | awk '{print $1, $6}'
kgiii 2253
test_user 174676

$ who -u | awk '{print $1, $6}'

kgiii 2253

test_user 174676

Using the first field to identify the user, you can see their PID. You can kill their process with the following command:

sudo kill -HUP <PID>

1	sudo kill -HUP <PID>

Or, for example:

sudo kill -HUP 174676

1	sudo kill -HUP 174676

If that doesn’t work, and sometimes a process can’t be killed, you can bring out the hammer and tell the kernel to drop the process. You should try the first way as it’s more graceful and using a hammer may result in a zombie process. But, if you want to bring out the hammer, you would use this command:

sudo kill -9 <PID>

1	sudo kill -9 <PID>

If the user is logged in more than once, you can boot the SSH user by adding the rest of their PIDs. You just simply add them to either of the two commands. For example:

sudo kill -HUP <PID> <PID> <PID>

1	sudo kill -HUP <PID> <PID> <PID>

And that’s how you boot multiple SSH users in one command.

Again, if you’re relying on this for security you’re doing it wrong. This should just be a part of the security process, such as when you’re letting someone go while they were still at their desk. You bring them to HR while security cleans their desk and IT make sure they’re logged out of any and every system. You then escort them out of the building.

Of course, there are probably other reasons why you might want to boot an SSH user. It’s your system, you can decide what to do. You shouldn’t be using this to boot an adversarial SSH connection because if it has reached that point you’re doing security very, very wrong.

Closure:

So, why not? We might as well have an article about how you boot an SSH user. It does not apply to much of my readership, but it’s certainly something worth knowing. It was also tied into a couple of earlier articles, including one from yesterday, so I figured I’d cover this subject while it was still fresh in my memory.

That memory ain’t what it once was! Welcome to old age!

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!

[Total: 2 Average: 5]

Disable Inactive SSH Sessions

Today’s article can be used by anyone that has started using SSH on their computers, as we learn to disable inactive SSH sessions. It’s not going to be a very complicated article. This is easy enough for anybody to do, and there aren’t too many ways to permanently mess things up.

What is SSH?

My regular readers will know that I’ve written quite a few articles about SSH. Basically, SSH stands for “Secure Shell” and is a tool you use to remotely control other devices through the terminal. The tool is ancient but still valuable. I use SSH regularly, and that’s not even counting the stuff I do online.

Indeed, I’ve written some SSH articles before:

Install SSH to Remotely Control Your Linux Computers
How To: Restart SSH
Show Failed SSH Login Attempts
(And many more.)

By default, your server/device may not close inactive or idle sessions. It will let you maintain your connection until you tell it to exit. This can be a security issue and it may be worth setting your SSH to disable inactive SSH services.

In this article, we’ll be using Nano and you’ll need to be able to use an SSH connection. If you don’t default to using Nano, you can install Nano or just use the default text editor that you’re more accustomed to. In theory, if you’re just practicing, you could set this up on your computer and then tell SSH to connect to ‘user@localhost’.

Disable Inactive SSH Sessions:

Up above I said, “SSH stands for “Secure Shell” and is a tool you use to remotely control other devices through the terminal.” If you were paying attention, you’d notice the last word is “terminal”. So, you’ll need an open terminal. For most distros, you can open a terminal easily, you press CTRL + ALT + T and you’re all good.

With your terminal now open, you’ll need to connect to the device that’s running the SSH server and enter the following command:

sudo nano /etc/ssh/ssh_config

1	sudo nano /etc/ssh/ssh_config

Next, you’ll add a couple of new lines. The syntax is straightforward and easy enough for anyone to understand. There’s a little bit of math, but you can do that math in your head. The syntax looks like this:

ClientAliveInterval <seconds>
ClientAliveCountMax <number_of_checks>

1 2	ClientAliveInterval <seconds> ClientAliveCountMax <number_of_checks>

The first entry is how long you want to wait to check for an idle connection.

The second entry is how many times you want (set by the first entry) to check for an idle connection.

For example, look at this:

ClientAliveInterval 300
ClientAliveCountMax 5

1 2	ClientAliveInterval 300 ClientAliveCountMax 5

With the above, it’d check for an idle state every 300 seconds (five minutes). It will perform this check 5 times. If the connection is idle for all of those checks, the system will disconnect the SSH user. That’s allowing for 25 minutes of idle time before disconnecting the inactive user. That seems reasonable to me.

You can set those values to anything you’d like, perhaps shorter for an open office and longer if you’re using your home computer and connected to your own devices. The math doesn’t change. It’s just the number of seconds between text multiplied by the number of times the system will perform those checks. If you regularly have many users connected via SSH, you can save some resources by disconnecting them after a reasonable period of inactivity.

As we edited this with Nano, you’ll need to save the file. To do that, you simply press CTRL + X, then Y, and then ENTER and Nano will save the ‘ssh_config’ file.

After you have saved the file, you’ll need to restart SSH for the changes to take effect. That’s easy enough. Assuming you’re using Systemd, you restart SSH with this command:

systemctl restart sshd

1	systemctl restart sshd

If you’re still using SysV, the command would be this:

service sshd restart

1	service sshd restart

(I don’t bother with that often, I just assume you’re using Systemd. After all, according to the stats I can get, most of us are in fact using distros that use Systemd.)

Closure:

So, if you want to disable inactive SSH sessions, you can use the above as a template. You’ll need to figure out how long you want to wait between checks and you’ll want to decide how many times you’re going to make those checks. It’s simple math that anyone can do. It’s also probably not a bad step to take if you’re dealing with something public or sensitive.

Thanks for reading! If you want to help, or if the site has helped you, you can donate, register to help, write an article, or buy inexpensive hosting to start your own site. If you scroll down, you can sign up for the newsletter, vote for the article, and comment.

Smash a button!

[Total: 2 Average: 5]

How To: Restart SSH

Today’s article will be a very short and easy article, where we learn how to restart SSH. This involves restarting the SSH service. It may not even require a second section, it’s that easy. No, it probably will, just to keep things uniform. So, to learn how to restart SSH read on!

This one is drawn from my own frustration. I recently have had to deal with this a couple of times and I’m not sure why. I’ll root through the logs to figure it out at some point, but the obvious issue here is that I had issues with SSH stopping. More specifically, the SSH daemon/service stopped running.

In my case, I was able to just use another remote connection to the device. I suppose I could have just walked across the house, but it was easier to just use TeamViewer.

Oddly, I’ve had TeamViewer cause problems before. I even have an article detailing how to restart TeamViewer from the terminal (via SSH, I suppose).

So, rather than rebooting the system, I just connected via an alternative method and restarted SSH. It’s easily done.

Restart SSH:

You’ll first need some way of connecting to the device with the stopped SSH service. In the opening section, I mentioned doing so with TeamViewer. It pays to have a backup method to connect to your servers, so you could use VNC or something else that works for you.

If you physically go to the device, or remotely connect to the device, you’ll need a terminal to work with. So, open a terminal. Depending on how you’re connected, you might have to find the terminal in the menu as not all keyboard shortcuts will be passed to the remote computer.

So, once you have a terminal open on the remote computer, try this command:

sudo ssh service restart

1	sudo ssh service restart

If that doesn’t work, try this command:

sudo sshd service restart

1	sudo sshd service restart

One of those should work for you. Make note of which one works and you, if you think you’ll be doing it often. You can also ‘stop‘ and ‘start‘ services, easily enough, but just a restart should do the trick.

Closure:

See? I told you that it’d be quick and easy. I could use a quick and easy article right now, and this subject just happens to be something I’m currently thinking of. So, you get this as an article, an article about how you restart SSH. Simple and easy…

Smash a button!

[Total: 5 Average: 5]

Using The SSH Verbose Mode

That’s right, today’s article is going to be yet another SSH related article, this time it’s about using the SSH verbose mode. It’s handy for debugging SSH connections, plus the information can help you understand more about how SSH works. This is a fine article even for those just starting out with SSH and Linux.

I know, I know… I do a lot of SSH articles. In my defense, they’re fun – and there’s just so much to SSH that many people don’t know. It’s a tool that I use all the time, so it’s only natural that I share articles on the SSH subject. I’m bound to run out of ideas for ’em eventually.

For those that don’t know, SSH stands for “Secure Shell”. It’s a way to remotely control computers within the terminal – though you can actually forward some graphics applications over SSH.

If you’re unfamiliar with SSH, you might try reading some of these articles:

Install SSH to Remotely Control Your Linux Computers
Prevent SSH Root Login
Check Your SSH Server Configuration

Alternatively, you can search for SSH articles and discover quite a few other articles on the subject of SSH. As mentioned in the preamble, and I have gotten pretty formulaic, there are quite a few SSH articles.

There are quite a few SSH articles because there’s a lot to learn. You don’t start off by running, you start by stumbling a few steps and working your way up.

So, with all that in mind, let’s have another SSH-related article…

Using The SSH Verbose Mode:

This article requires an open terminal, like many other articles on this site. If you don’t know how to open the terminal, you can do so with your keyboard – just press CTRL + ALT + T and your default terminal should open.

Of course, you need a computer you can connect to with SSH installed. If you don’t have a remote device, you can enable SSH on your local computer and then just connect to user@localhost and practice all these remote commands.

There are three different modes in SSH verbose mode. They’re indicated with a -v, a -vv, and -vvv. To use them, the command would look similar to the following commanda:

ssh -v <user>@<address>
ssh -vv <user>@<address>
ssh -vvv <user>@<address>

ssh -v <user>@<address>

ssh -vv <user>@<address>

ssh -vvv <user>@<address>

In the first mode, that is -v, you get details about the client-side activities.

In the second mode, that is -vv, you get details about both the client-side activities and the server-side activities.

With the third mode, that is -vvv, you get even more details, more verbosity, about both the client-side and server-side activities.

For example, this is some of the text output from a -v SSH verbose mode:

ssh verbose mode displayed — And that’s just some of the information you’ll see when you use the SSH verbose mode.

You’ll get even more verbosity as you go up through the levels of SSH verbose mode. This is useful for debugging your SSH connections – but it’s also useful for those who aren’t sure what’s going on behind the scene. When using SSH’s verbose mode, you can see what’s actually going on behind the curtain. That means you can learn more about what’s going on with your SSH connections.

Closure:

So, yeah… It’s another SSH article. I wrote this one ’cause I was thinking about it. I was thinking about it because I’d recently done another SSH-related article. So, I figured I might as well cover SSH verbose mode while thinking about it. Otherwise, I’d have made a note of it in my files and maybe never bothered with the article. Besides, if you want a different article, you’re always welcome to write it yourself and I’ll (quite likely) publish it.

Smash a button!

[Total: 4 Average: 5]

How To: Login To SSH To Run One Command

In today’s article, we’re going to learn how to login to SSH to run one command. Yes, it’s another SSH article! However, this one should be relatively short. I’ve covered SSH a great deal already. This is just one more SSH trick.

SSH stands for Secure Shell and is a way to remotely control other computers. As I said in the opening paragraph, I’ve already covered a lot of SSH articles, because SSH is a tool I use regularly and it’s a tool I really like.

SSH lets me manage computers on the other side of the country without even leaving my chair. I also use SSH to manage various computers around my house. If I need to do something on a computer in another room, I can just SSH into it and do what I needed to do. It’s great!

Well, today’s SSH article is a bit different. We’re going to login to SSH to run one command. That’s all we’re going to do. We’ll login, automatically run the command, and then automatically exit the SSH connection. This is useful if you want to run a script, update, etc…

There are some previous SSH articles that you might want to read:

Install SSH to Remotely Control Your Linux Computers
Prevent SSH Root Login
Show Failed SSH Login Attempts

Alternatively, you can click to search for SSH articles. I’ve covered quite a bit of SSH material, so you can learn quite a bit from those links – even if you’re already familiar with SSH.

Well then, let’s just jump into the article… It really shouldn’t take long.

Login To SSH To Run One Command:

Like oh so many articles, and this one involving SSH, you’re going to need to start off with a terminal. You’ll also need a device that has SSH properly setup and ready to run. You can actually set SSH up on the computer you’re using and just SSH into localhost to practice this.

And, of course, if you don’t know how to open your terminal, just press CTRL + ALT + T and your default terminal should open.

With your terminal now open, the format of the command is something like this:

ssh <user>@<remote_device_address> '<command>'

1	ssh <user>@<remote_device_address> '<command>'

For example, if I wanted to connect via SSH to run one command, and that command was to list the files in the home directory, the command would look like this:

ssh kgiii@kgiii-msi.local 'ls'

1	ssh kgiii@kgiii-msi.local 'ls'

Note: That device doesn’t face the public internet, so I don’t have SSH keys enabled on the device. So, that means I have to enter my password in the image below. With that in mind, the output of that command would look like this:

login to ssh to run one command — See? It logs into the remote device, runs one command, and exits! Pretty neat, huh?

Of course, you can make it your own and there would be one less step if you had set up SSH keys. You can also make it more complicated if you want. You could try any one of the following commands, adjusting it for your needs:

ssh kgiii@kgiii-msi.local 'cd ~/Downloads && ls -a'
ssh kgiii@kgiii-msi.local 'my_script.sh'
ssh kgiii@kgiii-msi.local 'sudo apt update && sudo apt upgrade -y'

ssh kgiii@kgiii-msi.local 'cd ~/Downloads && ls -a'

ssh kgiii@kgiii-msi.local 'my_script.sh'

ssh kgiii@kgiii-msi.local 'sudo apt update && sudo apt upgrade -y'

Go ahead and play around with this. If you want to login to SSH to run one command, that’s how you do it. You can make the command as simple or as complicated as you want. So long as you string it together properly, the sky’s the limit!

Like I said above, you can just install SSH on your single device and practice what you read in these SSH articles. It’s not particularly taxing. There are plenty of articles to help you along the way.

Closure:

See? It’s really not all that hard to login to SSH to run one command and then exit automatically after that command has been run. It’s another handy SSH trick that you can add to your SSH toolbox. Also, the article is longer than I anticipated. Ah well…

What comes next? I have no idea. I try to not write too many consecutive articles on the same subject. Mixing them up seems the best way to go about it, as the site’s meant to be searched and not read like a blog. I do have a bunch of SSH content, but I’ve also covered a whole lot of it already.

Smash a button!

[Total: 2 Average: 5]