Linux Tactic

Mastering Linux User Tracking: Essential Commands for Monitoring and Securing System Access

Discovering who has logged in to your Linux system is a fundamental aspect of managing a Linux server or workstation. You may want to obtain usernames, login date and time, terminal device used, hostname, IP address, or other information about the users that are currently logged in.

However, it’s not always easy for people to locate this information, especially for new users who have just started working with Linux.

In this article, we’ll cover different methods for retrieving usernames for currently logged-in Linux users.

We will go over each command line tool in detail and explain how to interpret their output.

Methods for Printing Usernames of Logged-In Users in Linux

Using the W Command

One of the simplest methods for listing currently logged-in users on a Linux system is the `w` command. The `w` command retrieves a list of logged-in users along with various status information.

When you run the `w` command, you get a series of columns describing each user, such as username, terminal device, hostname, IP address, and login time. The `w` command can provide useful information about all users who are logged in to a system.

A typical output of the `w` command looks like this:

```
 20:53:02 up 7 days,  4:51,  5 users,  load average: 0.57, 0.64, 0.70
USER     TTY      FROM             LOGIN@   IDLE   JCPU   PCPU WHAT
alice    :0       :0               Wed19   ?xdm?   1.63s  0.08s /usr/lib/gdm3/gdm-x-session --run-script env GNOME_SHELL_SESSION_MODE=ubuntu gnome-session --session=ubuntu
bob      pts/0    192.168.1.4      Fri08    3:15m  0.03s  0.00s sshd: bob [priv]
carol    pts/1    192.168.1.5      Sun11    7:03m  0.00s  0.02s ssh carol@ubuntu
dave     pts/2    192.168.1.4      Tue20   43:40m  2.26s  0.07s -bash
eve      pts/3    192.168.1.5      20:21    1:03   0.01s  0.01s -bash
```

The output of the `w` command may contain a lot of information, especially if several users are logged in at the same time.

Each line lists important details about the logged-in users, including the username, terminal device, IP address, login time, idle time, and current process.

Using the Who Command

Another useful command for determining who is logged in to a Linux system is the `who` command. The `who` command reports user names, terminal devices, login date and time, hostname, and IP addresses for users currently logged in to the system.

In essence, it allows a Linux user to see a list of the sessions that are currently open on the local machine. The command `who -a` provides additional data for each user, including run-level, process ID, and how long the system has been running.

Here’s an example output using the `who` command:

```
user     tty1         2021-11-15 20:13
user     pts/0        2021-11-15 22:53 (:0.0)
user     pts/1        2021-11-16 11:47 (:0.0)
```

This output shows each user logged in and the terminal devices they are using.

Using Whoami Command

The `whoami` command displays the username of the current user logged into the terminal. It prints the name associated with the active shell’s effective user ID (UID).

Simply run the following command:

```
$ whoami
jimi
```

Using ID Command

The `id` command displays information about the current user, their groups, effective user ID, and more. To display the username only, use the `-un` flag.

Here is the simple syntax of the id command:

```
$ id -un
jimi
```

Using Users Command

The `users` command displays the list of all currently logged-in users. This command simply lists the login names of all users currently on the system.

```
$ users
jimi gopi admin
```

Using Finger Package

The `finger` package provides another useful command for determining who is logged in to a Linux system. By default, the `finger` command shows a user’s full name, terminal name, idle time, login time, and office location.

Here’s an example output using the `finger` command:

```
$ finger -s
Login    Name            TTY    Idle   When          Where
jimi     Jimi Hendrix    *:0    4:20   Nov16 20:47   (:1)
gopi     Gopi            pts/0  4:20   Nov16 20:47   (:1)
admin    Adminstrator    tty1   4:20   Nov16 20:47   (:1)
```

Using Last Command

The `last` command shows the list of recently logged-on users and their session details. It’s particularly useful for troubleshooting issues with users who have logged in recently.

By default, this command lists the entries in /var/log/wtmp, which includes all types of logins.

Conclusion

Knowing who is currently logged in to a Linux system can be useful for many administrative tasks. In this article, we covered different methods of finding usernames of currently logged-in Linux users.

The commands we discussed include `w`, `who`, `whoami`, `id`, `users`, `finger`, and `last`. Each command provides valuable information to system administrators and users alike.

By employing these commands, you can easily find out who is logged in and what they are doing.

3) Using Who

If you prefer a command that displays fewer details than the `w` command, then the `who` command is perfect for you. This command only shows the username, terminal device, hostname, IP address, and system boot information.

The `who` command comes with several options. You can use the `-m` option to include information about the last time the user created or modified a file in their home directory.

The `-u` option shows the time the user last interacted with the system. You can incorporate these options to retrieve specific details as per your requirement.

Here’s an example of using the `who` command to retrieve the list of logged-in users:

```
$ who
username pts/1        2021-11-17 11:47 (10.11.100.101)
```

This output shows only one logged-in user named `username`. The terminal device used is `pts/1`, and the user is logged in from IP address `10.11.100.101`.

The output also displays the date and time `username` was last active on the system.

Another useful feature of the `who` command is the `-q` option, which displays the number of users logged in to the system.

Here’s an example of using this option:

```
$ who -q
username
# users=1
```

This output shows that there is only one user currently logged in to the system.
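The `who` output above can be checked automatically. The following is an added example, not part of the original article: it lists remote sessions and flags those whose source is outside an allowed address prefix. The function names, the sample lines and the `10.11.` prefix are assumptions made for illustration.

```shell
# Constructed sample in the `who` layout shown above:
# user, tty, date, time, optional (source).
sample_who='alice    tty1         2021-11-17 08:02
bob      pts/0        2021-11-17 09:15 (10.11.100.101)
carol    pts/1        2021-11-17 11:47 (203.0.113.7)
dave     pts/2        2021-11-17 11:50 (:0.0)'

# remote_sessions: read `who` output on stdin and print "user tty source"
# for every session whose last field is a parenthesised host or address.
# Console logins (no source) and local X displays such as (:0.0) are skipped.
remote_sessions() {
    awk '$NF ~ /^\(.*\)$/ {
        src = substr($NF, 2, length($NF) - 2)
        if (src !~ /^:/) print $1, $2, src
    }'
}

# unexpected_sessions PREFIX...: keep only remote sessions whose source does
# not begin with one of the allowed prefixes (plain string match).
unexpected_sessions() {
    remote_sessions | awk -v allowed="$*" '
        BEGIN { n = split(allowed, pfx, " ") }
        {
            ok = 0
            for (i = 1; i <= n; i++) if (index($3, pfx[i]) == 1) ok = 1
            if (!ok) print
        }'
}

# Demo on the constructed sample.
printf '%s\n' "$sample_who" | unexpected_sessions 10.11.
```

On a live host, feed it real data with `who | unexpected_sessions 10.11.` and substitute the prefixes of your own management networks.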

4) Using Whoami and ID

Another popular method for retrieving the username of the active shell is using the `whoami` and `id` commands. These commands display the username associated with the current shell.

The `whoami` command is straightforward and requires no options. Simply type `whoami` and press Enter, and your username appears on the screen.

```
$ whoami
username
```

The `id` command displays the current user’s UID, the group IDs, and their names associated with the user. The command has different options that can return various pieces of information, but to only get the username, you can use the `-un` option.

```
$ id -un
username
```

The output of both `id` and `whoami` is the username of the account currently using the shell, which is useful for scripting and automation tasks where you need the username as a variable.
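For scripting, the practical point is that `id` reports the identity the kernel enforces, while environment variables such as `$USER` are set by the caller. The following guard is an added example, not from the original article; the function names and the spoofed value are hypothetical.

```shell
# effective_user: name for the effective UID, the identity used for
# permission checks. Falls back to the numeric UID when the account has no
# passwd entry (common in containers). Environment variables are not consulted.
effective_user() {
    name=$(id -un 2>/dev/null) && [ -n "$name" ] || name=$(id -u)
    printf '%s\n' "$name"
}

# require_user NAME: succeed only when the effective user is NAME.
require_user() {
    [ "$(effective_user)" = "$1" ] && return 0
    printf 'refusing to run as %s (need %s)\n' "$(effective_user)" "$1" >&2
    return 1
}

# env_matches_identity: does $USER agree with what id reports?
env_matches_identity() { [ "${USER:-}" = "$(effective_user)" ]; }

# Demo: overriding $USER changes nothing about the identity id reports.
(
    USER=spoofed-name; export USER
    env_matches_identity || echo "USER=$USER, effective user is $(effective_user)"
)
```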

Conclusion

Retrieving the usernames of currently logged-in users in Linux is not complicated. With different options available, system administrators and users can easily find out who is currently logged in to the system.

The `w` command is perfect for those who need a detailed output with all user information, while the `who` command is ideal if you only need essential user details. The `whoami` and `id` commands are useful for retrieving the username of the active shell, which is handy for scripting and automation tasks.

Different commands cater to different requirements, and it’s up to the user to choose the one that best suits their needs.

5) Using Users

The `users` command prints a list of currently logged-in users without any additional details. This command is ideal for monitoring purposes and makes it easy to see who is currently using the system.

Here’s an example output using the `users` command:

```
$ users
johndoe jane joe
```

This output shows that there are three users currently logged in to the system: `johndoe`, `jane`, and `joe`. Unlike the `w` and `who` commands, the `users` command provides no additional details, making it useful for quick and easy monitoring of the system.

6) Using Finger

The `finger` command allows you to look up user details such as full name, login time, idle time, terminal name, and more. However, the `finger` command is not installed by default on all systems, so you may need to install it manually.

Once installed, you can use the command to look up user details. To display a specific user’s details, you will need to type in their username with the `finger` command.

Here’s an example command using the `finger` command:

```
$ finger johndoe
Login: johndoe                          Name: John D. Doe
Directory: /home/johndoe/               Shell: /bin/bash
On since Wed Nov 17 09:47 (EST) on pts/0 from 192.168.1.1
   3 minutes 22 seconds idle
No mail.
No Plan.
```

This output shows details of the user `johndoe`.

The output contains essential user details such as their directory, shell, and login time. Additionally, the output also shows that the user has been idle for 3 minutes and 22 seconds.

Finger is particularly useful for system administrators who need quick access to user details. It can assist them in monitoring the activity of specific users, especially if there is a need for investigating a particular user’s activity on a system.

Conclusion

In conclusion, Linux provides several tools for printing the usernames of logged-in users. The `w`, `who`, `whoami`, `id`, `users`, and `finger` commands provide different levels of information, allowing users and system administrators to choose the method that best suits their needs.

If you need only the username without any additional details, the `users` command is perfect. With `finger`, you can retrieve more detailed information about specific users on the system.

Using these tools can assist in monitoring and troubleshooting users on a Linux system. By implementing these commands, you can keep track of the users currently logged in and retrieve any additional information you may need about specific users.

7) Using the Last Command

The `last` command can be used to display extensive information about login sessions on a Linux system. The command retrieves login times, duration, device used, session type, and much more.

The command will often display all login sessions for the current day or all sessions ever recorded, depending on the system configuration.

When using the `last` command, you can provide it with arguments to limit the output to a specific range of time, with the most recent login sessions filtered at the top.

The filter can be date-based, time-based, or even user-based.

Here’s an example of the `last` command without any additional arguments:

```
$ last
johndoe  pts/0        192.168.0.1      Wed Nov 17 11:09   still logged in
janedoe  pts/1        192.168.0.2      Wed Nov 17 09:47 - 10:52  (01:05)
janedoe  pts/0        192.168.0.2      Tue Nov 16 18:22 - 19:03  (00:41)
```

This output shows the login details for the past login sessions recorded on the system.

The output shows the username, terminal device, IP address, login sessions’ start and end times, and the duration of the session.

The `last` command is especially useful for extensive system monitoring, particularly in environments where multiple users share a single system.

By keeping a tab on the login sessions, system administrators can monitor regular and irregular activities and launch timely investigations in case of unusual activities.

Additionally, the `last` command is also useful in retrieving information about logged-in users in remote systems, making it easier to track users’ movements across different locations quickly.

To filter the output, you can provide arguments like `last -n` to retrieve the last `n` login sessions recorded, or `last -s` (since) and `last -t` (until) to filter the output based on a specific date. On Linux, `-d` does not filter by date; it translates IP addresses back to hostnames. Here’s an example of the `last` command restricted to a single day with `-s` and `-t`:

```
$ last -s 2021-11-15 -t 2021-11-16
johndoe  pts/1        192.168.0.3      Mon Nov 15 08:00   still logged in
janedoe  pts/0        192.168.0.4      Mon Nov 15 07:00 - 07:30  (00:30)
```

This output shows only the login sessions logged on November 15th.
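To turn `last` output into something reviewable, the added example below (not part of the original article) normalises each record, lists accounts seen from more than one source address, and lists sessions that are still open. The function names and the sample records, including the kernel string and addresses, are constructed for illustration.

```shell
# Constructed sample in the layout `last` prints, including the pseudo-user
# and trailer lines a real run contains.
sample_last='johndoe  pts/0        192.168.0.1      Wed Nov 17 11:09   still logged in
admin    tty1                          Wed Nov 17 08:00 - 08:05  (00:05)
janedoe  pts/1        192.168.0.2      Wed Nov 17 09:47 - 10:52  (01:05)
janedoe  pts/0        203.0.113.9      Tue Nov 16 18:22 - 19:03  (00:41)
reboot   system boot  5.4.0-90-generic Tue Nov 16 18:00   still running

wtmp begins Mon Nov  1 06:25:11 2021'

# login_records: print "user tty source state" for real login sessions only.
login_records() {
    awk 'NF == 0 || $1 == "wtmp" || $1 == "btmp" { next }
         $1 == "reboot" || $1 == "shutdown" || $1 == "runlevel" { next }
         {
             # Console logins have an empty source column, so field 3 is the weekday.
             src = ($3 ~ /^(Mon|Tue|Wed|Thu|Fri|Sat|Sun)$/) ? "local" : $3
             state = ($0 ~ /still logged in/) ? "open" : "closed"
             print $1, $2, src, state
         }'
}

# multi_source_users: accounts seen from more than one remote source, as
# "user count". A cue for review, not proof of compromise.
multi_source_users() {
    login_records | awk '$3 != "local" && !seen[$1 SUBSEP $3]++ { n[$1]++ }
        END { for (u in n) if (n[u] > 1) print u, n[u] }' | sort
}

# open_sessions: sessions that have not logged out yet.
open_sessions() { login_records | awk '$4 == "open"'; }

# Demo on the constructed sample.
printf '%s\n' "$sample_last" | multi_source_users
printf '%s\n' "$sample_last" | open_sessions
```

On a live system, `last -w -i | multi_source_users` avoids truncated usernames and keeps sources as numeric addresses.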

Conclusion

In conclusion, the `last` command is a powerful tool that can be used to view extensive information about login sessions on a system. By providing the right options to the command, it is possible to retrieve specific login records or filter based on specific dates and times.

The utility is useful for both system administrators and regular users in tracking login sessions on the system, and helps to quickly trace user movements across different locations. By keeping tabs on login session records, system administrators can detect and respond to any unusual or suspicious activities in real time, ensuring that their systems remain secure.

In conclusion, knowing how to retrieve the usernames of logged-in users in Linux is essential for system administrators and users alike. The `w`, `who`, `whoami`, `id`, `users`, `finger`, and `last` commands provide various methods to obtain this information.

These commands allow for monitoring active user sessions, retrieving user details, and investigating login activities. By employing these tools, Linux users can effectively manage and secure their systems by keeping track of who is logged in and their activities.

The ability to quickly access this information ensures efficient system monitoring and enhances overall system security. Mastering these commands is a valuable skill for Linux users, enabling them to navigate and administer their systems with confidence.
