How to view user login and system authorization under Ubuntu "Turn"

Transferred from: Http://www.tuicool.com/articles/ia67Bj

How to view the relevant user login history under Ubuntu, make system log tracking and analysis, in order to find the system login problem, security policy protection? Some of the commands under Ubuntu provide a good way to manage your needs.

1, use the WHO command to view the current login status.

, The WHO command allows you to view the current user and IP login status.

2, use the last command to view recent logins.

, the last command lists user logon times and IP records for the most recent period.

3. Use the Lastlog command to view individual user logins

, the Lastlog command lists the logins for each user and, if not logged in, displays never logged in, and displays the IP and logon hours if there is a login history.

4, view the/var/log/auth.log file, analyze user login and behavior.

, by looking at the Auth.log, you can analyze the user's attempts to log in and exit the history; it can also be seen that some illegal users try to brute force or try to password the user, if you often do, you need to find reasonable precautions, for example, modify the default SSH port number, set the Super user password more reasonable and more complex, and regularly Make changes and so on, avoid being hijacked by some hackers and use as a broiler, that will be enough for you to feel comfortable.

Although these commands are simple, it is of great significance to analyze the user's abnormal sign-in situation for viewing the login history of the relevant users.

How to view user login and system authorization under Ubuntu "Turn"