Home FAQ How To Auto Logout Inactive Users After A Period Of Time In Linux
Auto Logout Inactive Users After A Period Of Time In Linux

How To Auto Logout Inactive Users After A Period Of Time In Linux

By sk
936 Views

Let us picture this scenario. You have a shared server that is regularly being accessed by many users from all systems in the network. There are chances that some user may forget to logout his session and left the session open. Leaving an user session open is dangerous and some users may misuse it intentionally. Would you, as a system admin, go and check each and every system to verify whether the users have logged out or not? Not necessary. Also, It's quite time consuming process if you have hundreds of machines in your network. Instead, you can make an user to auto logout from a local or SSH session after a particular period of inactivity. This brief tutorial describes how to auto logout inactive users after a particular period of time in Unix-like systems. It's not that difficult. Follow me.

Auto Logout Inactive Users After A Period Of Time In Linux

We can do it in three ways. Let us see the first method.

Method 1:

Edit ~/.bashrc or ~/.bash_profile file:

$ vi ~/.bashrc

Or,

$ vi ~/.bash_profile

Add the following lines in it.

TMOUT=100

This makes the user to logout automatically after an inactivity of 100 seconds. You can define this value as per your convenient. Press ESC and type :wq to save and close the file.

Apply the changes by running the following command:

$ source ~/.bashrc

Or,

$ source ~/.bash_profile

Now, leave the session idle for 100 seconds. After an inactivity of 100 seconds, you will see the following message and the user will be automatically logged out from the session.

timed out waiting for input: auto-logout
Connection to 192.168.43.2 closed.

This setting can be easily modified by the user. Because, ~/.bashrc file is owned by the user himself.

To modify or delete this timeout settings, simply delete the lines added above and apply the changes by running "source ~/.bashrc" command.

Alternatively, the user can disable this by running the following commands:

$ export TMOUT=0

Or,

$ unset TMOUT

If you want to prevent the user from changing the settings, follow second method instead.

Method 2:

Log in as root user.

Create a new file called "autologout.sh".

# vi /etc/profile.d/autologout.sh

Add the following lines:

TMOUT=100
readonly TMOUT
export TMOUT

Save and close the file.

Make it as executable using command:

# chmod +x /etc/profile.d/autologout.sh

Now, logout or reboot your system. The inactive user will automatically be logged out after 100 seconds. The normal user can't change this settings even if he/she wanted to stay logged in the session. They will be thrown out exactly after 100 seconds.

These two methods are are applicable for both local session and remote session i.e the locally logged-in users or and/or the users logged-in from a remote system via SSH. Next we are going to see how to automatically logout only the inactive SSH sessions, not local sessions.

Method 3:

In this method, we will only making the SSH session users to log out after a particular period of inactivity.

Edit /etc/ssh/sshd_config file:

$ sudo vi /etc/ssh/sshd_config

Add/modify the following lines:

ClientAliveInterval 100
ClientAliveCountMax 0

Press ESC key and type :wq to save and close this file. Restart sshd service to take effect the changes.

$ sudo systemctl restart sshd

Now, ssh to this system from a remote system. After 100 seconds, the ssh session will be automatically closed and you will see the following message:

$ Connection to 192.168.43.2 closed by remote host.
Connection to 192.168.43.2 closed.

Now, whoever access this system from a remote system via SSH will automatically be logged out after an inactivity of 100 seconds.

Thanks for stopping by!

Help us to help you:

Have a Good day!!

You May Also Like

4 comments

Adam March 27, 2019 - 6:09 pm

thx a lot. Usefull !

Reply
[email protected] October 5, 2019 - 9:31 am

Horrible idea. If someone is this intent on exerting this amount of control over users, why provide any accounts at all? And while at it, air gap the system and get it off the net. IT policy gone bad.

Reply
sk October 5, 2019 - 10:38 am

As stated in the guide, the user who is not active after certain time, for example 30 mins, will be logged out. I don’t see anything wrong here.

Reply
Ivan December 13, 2019 - 5:02 am

How can I check the session timeout configured on a linux server?

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More