Picture this scenario. You are managing a shared server that is regularly being accessed by many users from all systems in the network. There are chances that some user may forget to logout his session and left the session open. Leaving an user session open is dangerous and some users may misuse it intentionally. Would you manually check each and every system to verify whether the users have logged out or not? It is not necessary! Also, It's quite time consuming task if there are hundreds of machines in your network. Instead, you can make an user to auto logout from a local or SSH session after a particular period of inactivity. This brief tutorial describes how to auto logout inactive users after a particular period of time in Linux and Unix-like systems.
Auto Logout Inactive Users After A Period Of Time In Linux
We can do it in three ways. Let us see the first method.
Edit ~/.bashrc or ~/.bash_profile file:
$ vi ~/.bashrc
$ vi ~/.bash_profile
Add the following lines in it.
This makes the user to logout automatically after an inactivity of 100 seconds. You can define this value as per your convenient. Press ESC and type :wq to save and close the file.
Apply the changes by running the following command:
$ source ~/.bashrc
$ source ~/.bash_profile
Now, leave the session idle for 100 seconds. After an inactivity of 100 seconds, you will see the following message and the user will be automatically logged out from the session.
timed out waiting for input: auto-logout Connection to 192.168.43.2 closed.
This setting can be easily modified by the user. Because, ~/.bashrc file is owned by the user himself.
To modify or delete this timeout settings, simply delete the lines added above and apply the changes by running "source ~/.bashrc" command.
Alternatively, the user can disable this by running the following commands:
$ export TMOUT=0
$ unset TMOUT
If you want to prevent the user from changing the settings, follow second method instead.
Log in as root user.
Create a new file called "autologout.sh".
# vi /etc/profile.d/autologout.sh
Add the following lines:
TMOUT=100 readonly TMOUT export TMOUT
Save and close the file.
Make it as executable using command:
# chmod +x /etc/profile.d/autologout.sh
Now, logout or reboot your system. The inactive user will automatically be logged out after 100 seconds. The normal user can't change this settings even if he/she wanted to stay logged in the session. They will be thrown out exactly after 100 seconds.
These two methods are are applicable for both local session and remote session i.e the locally logged-in users or the users logged-in from a remote system via SSH. In the next method, we are going to see how to automatically logout only the inactive SSH sessions, not local sessions.
In this method, we will only making the SSH session users to log out after a particular period of inactivity.
Edit /etc/ssh/sshd_config file:
$ sudo vi /etc/ssh/sshd_config
Add/modify the following lines:
ClientAliveInterval 100 ClientAliveCountMax 0
Press ESC key and type :wq to save and close this file. Restart sshd service to take effect the changes.
$ sudo systemctl restart sshd
Now, ssh to this system from a remote system. After 100 seconds, the ssh session will be automatically closed and you will see the following message:
$ Connection to 192.168.43.2 closed by remote host. Connection to 192.168.43.2 closed.
Now, whoever access this system from a remote system via SSH will automatically be logged out after an inactivity of 100 seconds.