Displaying Active Users

Problem

You want to find out who else is logged in to a router.

Solution

To see which users are currently logged into the router and on which line, use the show users EXEC command:

Router1#show users

Use the keyword all to view all lines whether a user is currently active or not:

Router1#show users all

Use the EXEC command who to view the same output as the show users command:

Router1#who

To remotely view which users are logged into a router, use the finger command from your management server:

Freebsd% finger @Router1

This last command will work only if the finger service is enabled on the router.

Discussion

The router provides a number of different methods to view active users. The output from all of these commands is nearly identical. For security purposes, for operational reasons, or just for curiosity, many administrators like to know which users are accessing the router.

The format of the output is as follows: the absolute line number, the VTY line number, the username, listing of connected hosts, the inactivity timer, and the source address of the session. Also notice that one line of the output has an asterisk * in the left margin, indicating your current session.

The show users command displays the current active users and their associated line information:

Router1#show users
 Line User Host(s) Idle Location
 66 vty 0 ijbrown idle 00:56:15 freebsd.oreilly.com
 67 vty 1 kdooley idle 00:17:52 freebsd.oreilly.com
* 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com

 Interface User Mode Idle Peer Address

Router1#

If you add the keyword all to this command, the router will display all of its lines, whether or not they have an active session:

Router1#show users all
 Line User Host(s) Idle Location
 0 con 0 00:00:00 
 65 aux 0 00:00:00 
 66 vty 0 ijbrown idle 00:56:24 freebsd.oreilly.com
 67 vty 1 kdooley idle 00:18:01 freebsd.oreilly.com
* 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com
 69 vty 3 00:00:00 
 70 vty 4 00:00:00 

 Interface User Mode Idle Peer Address

Router1#

The who command is named after popular Unix program, which displays active users. The router's version of who displays exactly the same information as the show users command:

Router1#who
 Line User Host(s) Idle Location
 66 vty 0 ijbrown idle 00:56:58 freebsd.oreilly.com
 67 vty 1 kdooley idle 00:18:36 freebsd.oreilly.com
* 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com

 Interface User Mode Idle Peer Address

Router1#

The finger command is another popular Unix program that displays the active users of a remote system by using a simple open IP based protocol. The router will respond to any finger request with output similar to that of the show users command. In the following example, we use finger from a Unix server to see which users are logged into a particular router:

Freebsd% finger @Router1
[Router1]

 Line User Host(s) Idle Location
* 66 vty 0 idle 00:00:00 freebsd.oreilly.com
 67 vty 1 ijbrown idle 00:01:48 freebsd.oreilly.com
 69 vty 3 ijbrown idle 00:59:04 freebsd.oreilly.com

 Interface User Mode Idle Peer Address
Freebsd%

Notice that we were able to remotely extract the active user list without even logging into the router. For security purposes, we recommend that you disable the finger service to prevent illegitimate use of protocol. For example, somebody could use this command to discover a valid username as well as a remote workstation that is allowed to log into the router. This can be a dangerous amount of information to give away freely.

You can disable the finger service on a router with the following configuration command:

Router1#configure terminal 
Enter configuration commands, one per line. End with CNTL/Z.
Router1(config)#no ip finger
Router1(config)#end
Router1#

For more information regarding the disabling of the finger service, see Recipe 2.7.

See Also

Recipe 2.7; Recipe 3.1; Recipe 3.7; Chapter 4

Router Configuration and File Management

Router Management

User Access and Privilege Levels

TACACS+

IP Routing

RIP

EIGRP

OSPF

BGP

Frame Relay

Handling Queuing and Congestion

Tunnels and VPNs

Dial Backup

NTP and Time

DLSw

Router Interfaces and Media

Simple Network Management Protocol

Logging

Access-Lists

DHCP

NAT

First Hop Redundancy Protocols

IP Multicast

IP Mobility

IPv6

MPLS

Security

Appendix 1. External Software Packages

Appendix 2. IP Precedence, TOS, and DSCP Classifications

Index



Cisco IOS Cookbook
Cisco IOS Cookbook (Cookbooks (OReilly))
ISBN: 0596527225
EAN: 2147483647
Year: 2004
Pages: 505

Flylib.com © 2008-2020.
If you may any questions please contact us: flylib@qtcs.net