Linux Command: Who logged in?

Updated: Dec 3, 2020

Linux is a multi-user system. It is always important to know who has logged into your Linux box. This isn't just to help track the activities of malicious users, but mostly to figure out who made the mistake that crashed the system. We collect 6 Linux commands for this task.

6 ways to check who logged in Linux system?

6 ways to check who logged in Linux system?
  • w - w command shows who’s logged on and what they are doing. It displays information about current users on the machine by reading the file /var/run/utmp, and their processes /proc.

  • who - The who command prints information about all users who are currently logged in. It reads from a default file location (usually /var/run/utmp).

  • whoami - The whoami command shows you which user account you're logged in to from a terminal window.

  • id - The id command Print user and group information for the specified username

  • last - The last command shows list of last logged in users by searching the data from /var/log/wtmp file. Also it shows system reboot information.

  • tail -f /var/log/secure - It is mainly used to track the usage of authorization systems.It stores all security related messages including authentication failures.It also tracks sudo logins, SSH logins and other errors logged by system security services daemon.


Join our mail group. Get a free Linux account on Cloud.

Never miss a post!

Want a free Linux account?  This account can be used to login to our cloud server and practice Linux commands.


✔ Linux Commands   ✔ Linux Skills    ✔ LinuxPerformance   ✔ Linux Interview

Some articles are from the public internet. If you find your article misused or undesired here and you don't want us to display it, please let us know and we'll remove it immediately.