You want to find out who else is logged into a router.
To see which users are currently logged into the router and on which line, use the show users EXEC command:
Router1#show users
Use the keyword all to view all lines, including those that are inactive:
Router1#show users all
The EXEC command who gives the same output as the show users command:
Router1#who
To remotely view which users are logged into a router, use the finger command from your management server:
Freebsd% finger @Router1
This last command works only if the finger service is enabled on the router.
The router provides a number of different methods to view active users. The output from all of these commands is nearly identical. Many administrators like to know which users are accessing the router for security purposes, operational reasons, or just out of curiosity.
The format of the output is as follows: the absolute line number, the VTY line number, the username, a listing of connected hosts, the inactivity timer, and the source address of the session. Note that one line of the output has an asterisk (*) in the left margin, indicating your current session.
The show users command displays the current active users and their associated line information:
Router1#show users Line User Host(s) Idle Location 66 vty 0 ijbrown idle 00:56:15 freebsd.oreilly.com 67 vty 1 kdooley idle 00:17:52 freebsd.oreilly.com * 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com Interface User Mode Idle Peer Address Router1#
If you add the keyword all to this command, the router displays all of its lines, active and inactive:
Router1#show users all Line User Host(s) Idle Location 0 con 0 00:00:00 65 aux 0 00:00:00 66 vty 0 ijbrown idle 00:56:24 freebsd.oreilly.com 67 vty 1 kdooley idle 00:18:01 freebsd.oreilly.com * 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com 69 vty 3 00:00:00 70 vty 4 00:00:00 Interface User Mode Idle Peer Address Router1#
The who command is named after the popular Unix program, which displays active users. The router's version of who displays exactly the same information as the show users command:
Router1#who Line User Host(s) Idle Location 66 vty 0 ijbrown idle 00:56:58 freebsd.oreilly.com 67 vty 1 kdooley idle 00:18:36 freebsd.oreilly.com * 68 vty 2 weak idle 00:00:00 freebsd.oreilly.com Interface User Mode Idle Peer Address Router1#
The finger command is another popular Unix program that displays the active users of a remote system using a simple open IP-based protocol. The router responds to any finger request with output similar to that of the show users command. In the following example, we use finger from a Unix server to see which users are logged into a particular router:
Freebsd% finger @Router1
[Router1]
Line User Host(s) Idle Location
* 66 vty 0 idle 00:00:00 freebsd.oreilly.com
67 vty 1 ijbrown idle 00:01:48 freebsd.oreilly.com
69 vty 3 ijbrown idle 00:59:04 freebsd.oreilly.com
Interface User Mode Idle Peer Address
Freebsd%
Notice that we were able to remotely extract the active user list without even logging into the router. For security purposes, we recommend that you disable the finger service to prevent illegitimate use of the protocol. For example, somebody could use this command to discover a valid username as well as a remote workstation that is allowed to log into the router. This can be a dangerous amount of information to give away freely.
You can disable the finger service on a router with the following configuration command:
Router1#configure terminal Enter configuration commands, one per line. End with CNTL/Z. Router1(config)#no ip finger Router1(config)#end Router1#
Recipe 2.6; Recipe 3.1; Recipe 3.7; Chapter 4
Top |