Linux restricted SSH View login instructions

Restrict IP Login:
(1): Directory/etc/under Hosts.allow to allow login IP configuration file
(2): Directory/etc/under Hosts.deny to restrict IP profiles

Add IP or network segments in/etc/hosts.allow that allow SSH login
Sshd:192.168.0.10:allow or
Sshd:192.168.0.0/24:allow
Add IP denied SSH login in/etc/hosts.deny
Sshd:all #ALL表示除了上面允许的, all other IPs refused to login to SSH

last command to display the user's most recent login information。 Executes the last command separately, which reads the/var/log/wtmp file and displays all the user lists of the logged-on system to the file's content record.
Last (option)
-A: The host name or IP address from which to log in to the system, displayed in the last line;
-D: Convert IP address to host name;
-F < record file;: Specifies the record file.
-N < display number of columns > or-< display columns;: Sets the number of displayed columns for the list;
-R: Does not display the host name or IP address of the login system;
-X: Displays information such as system shutdown, reboot, and execution level changes.

The w command displays a list of users who have logged in to the system and displays the instructions that the user is executing
W (option)
-H: Do not print header information;
-U: ignores the user name when displaying the current process and CPU time;
-S: use short output format;
-F: Shows where the user logged in;
-V: Displays version information.

The finger command is used to find and display user information。Both local and remote host users are available, account names are not case-sensitive differences
Finger (option)
-L: Lists the user's account name, real name, user-specific directory, login shell, login time, forwarding address, e-mail status, and program and program file contents;
-M: Excludes the real name of the person who finds it;
-S: Lists the user's account name, real name, login terminal, idle time, login time and address and telephone number;
-P: Lists the user's account name, real name, user-specific directory, login's shell, login time, forwarding address, email status, but does not show the user's plan file and schema file contents.

The CHFN command is used to change the information displayed by the finger command。 This information is stored in the passwd file in the/etc directory. If you do not specify any options, the CHFN command enters the question-and-answer interface.
CHFN (option)
-f< real name > or--full-name< real name;: set real name;
-h< Home Phone > or--home-phone< home phone;: Set the phone number in your home;
-o< Office Address > or--office< office Address;: Set the address of the office;
-p< Office Phone > or--office-phone< office Phone;: Set the telephone number of the office;
-U or--help: online help;-V or-version: Displays version information.

[Email protected]/]# CHFN
Changing finger information for root.
Name [Root]:
Office [1]:
Office Phone [2]:
Home Phone [12]:

The kill command is used to send a signal to the selected process, freezing the process
Skill (option)
-F: fast mode;
-I: Interactive mode, each step of the operation needs to be confirmed;
-V: Redundant mode;
-W: Active mode;
-V: Displays the version number;
-T: Specifies the terminal number of the open process;
-U: Specifies the user who opened the process;
-P: Specifies the ID number of the process;
-C: Specifies the name of the command that opens the process.

First, use the command to view the pts/0 's process number, which is the following command:
[Email protected] ~]# W
16:51:18 up 2:38, 5 users, Load average:0.00, 0.00, 0.00
USER TTY from [email protected] IDLE jcpu PCPU
Root tty1-16:48 36.00s 0.12s 0.12s-bash
Root pts/0 192.168.0.1 15:50 1:00m 0.03s 0.03s-bash
Root PTS/1 192.168.0.10016:51 0.00s 0.09s 0.06s W
Root PTS/2 192.168.0.10 16:11 38:08 0.04s 0.04s-bash
Root PTS/3 192.168.0.10 16:14 36:09 0.05s 0.05s-bash
[Email protected] ~]# Ps-ef | grep PTS/1
Root 2855 1345 0 16:50? 00:00:00 sshd: [Email PROTECTED]/1
Root 2859 2855 0 16:51 pts/1 00:00:00-bash
Root 2875 2859 1 16:51 pts/1 00:00:00 ps-ef
Root 2876 2859 0 16:51 pts/1 00:00:00 grep pts/1
Kick off the user's command:
[Email protected] ~]#kill-9 2859

Force kick Man Command format: pkill-kill-t TTY
The command to kick out the root user as above is: Pkill-kill-t pts/1

Linux restricted SSH View login instructions