Linux如何列出当前系统的活跃会话

<div>

使用de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>、de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>、de class='language-default'>de class='language-default'>de class='language-default'>lastde>de>de>和de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>命令可查看Linux系统中的活跃用户会话：de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>显示登录用户基本信息，de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>提供更详细的实时活动信息，de class='language-default'>de class='language-default'>de class='language-default'>lastde>de>de>查看历史登录记录，de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>用于Systemd系统中管理会话；通过区分tty（本地）、de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>（远程SSH）和图形会话（:0），结合de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>和grep过滤、de class='language-default'>de class='language-default'>screende>de>/de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>会话复用，以及de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>或pkill管理会话，实现高效监控与控制。

在Linux系统中，想要查看当前有哪些用户活跃地登录着，或者有哪些会话正在运行，我们通常会用到几个核心命令：<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>、<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>、<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>lastde>de>de>

<div>div>div><div>div>div>，以及对于现代Systemd系统来说非常实用的<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>。它们各自提供了不同维度和细节的信息，帮助我们快速掌握系统的用户状态。

解决方案： 要列出当前系统的活跃会话，最直接的方法就是使用命令行工具。

<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div> 命令是最基础的，它会显示当前登录到系统的所有用户。输出通常包括用户名、终端线路（tty或de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>）、登录时间，以及登录来源（如果是远程连接）。

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div>

举个例子，你可能会看到这样的输出：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>user1de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>         2023-10-27 10:00 (:0) de class='language-default'>de class='language-default'>user2de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>        2023-10-27 10:30 (de class='language-default'>192.168.1.100de>)de>

<div>div>div>

这告诉我<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user1de>de>

<div>div>div><div>div>div>在本地图形界面（de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>）登录，而<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user2de>de>

<div>div>div><div>div>div><div>div>div>通过SSH从<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>192.168.1.100de>

<div>div>div>连接。

<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div> 命令则提供了更详细的信息，它在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>的基础上，还会显示每个用户当前正在执行什么命令。这对于快速了解系统负载和用户活动非常有帮助。

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div>

输出会像这样：

<div style="position:relative; padding:0px; margin:0px;">

 10:45:01 up 1 day, 1:23,  2 users,  load average: 0.00, 0.01, 0.05 USER     de class='language-default'>TTYde>      de class='language-default'>de class='language-default'>FROMde>de>             LOGIN@   IDLE   JCPU   PCPU WHAT de class='language-default'>de class='language-default'>user1de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>     :0               10:00    1:20m  0.03s  0.03s /usr/lib/gnome-shell/gnome-shell de class='language-default'>de class='language-default'>user2de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>    de class='language-default'>192.168.1.100de>    10:30    0.00s  0.06s  0.02s de class='language-default'>bashde>

<div>div>div>

这里，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user1de>de>

<div>div>div><div>div>div>可能正在使用GNOME桌面，而<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user2de>de>

<div>div>div><div>div>div><div>div>div>在SSH会话中执行<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>bashde>

<div>div>div>。

如果你想查看更久远的登录记录，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>lastde>de>de>

<div>div>div><div>div>div> 命令就派上用场了。它会从<div style="position:relative; padding:0px; margin:0px;">

/var/log/de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>tmp

<div>div>div>文件中读取信息，显示系统历史上的所有登录和注销事件，包括重启记录。

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>lastde>de>de>

<div>div>div>

输出可能会很长，但它能让你回溯到过去，看看谁在什么时候登录过系统，以及停留了多久。

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user2de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>        de class='language-default'>192.168.1.100de>    Fri Oct 27 10:30   still logged in de class='language-default'>de class='language-default'>user1de>de>    de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>         :0               Fri Oct 27 10:00   still logged in reboot   system boot  5.15.0-86-generi Fri Oct 27 08:00   - 10:45  (02:45) ...

<div>div>div>

对于使用Systemd的现代Linux发行版（比如Ubuntu 16.04+，CentOS 7+），<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div> 是一个非常强大的工具，它能以更结构化的方式管理和查看用户会话。

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> list-sessions

<div>div>div>

这个命令会列出所有当前活跃的Systemd会话，包括会话ID、用户、终端、以及会话类型。

<div style="position:relative; padding:0px; margin:0px;">

SESSION  UID USER   SEAT  de class='language-default'>TTYde>       100    1000 de class='language-default'>de class='language-default'>user1de>de> seat0 de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>       101    1001 de class='language-default'>de class='language-default'>user2de>de> de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>

<div>div>div>

如果你想看某个特定会话的详细信息，可以使用<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> shode class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>-session <SESSION_ID>

<div>div>div>。例如：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> shode class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>-session 100

<div>div>div>

这会输出大量关于该会话的元数据，包括它的状态、所属进程等。

如何区分不同类型的Linux用户会话？

在Linux环境中，会话的类型其实挺多的，理解它们对于系统管理和安全审计都挺重要的。从我个人的经验来看，主要可以分为几种：本地终端会话、图形桌面会话和远程会话。

本地终端会话通常指的是直接连接到物理机器的键盘和显示器，通过Ctrl+Alt+F1到F6切换的那些字符界面（de class='language-default'>TTYde>）。在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>的输出中，它们通常显示为<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>、<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>tty2de>

<div>div>div>等。这些会话是直接与内核交互的，比较底层。

图形桌面会话，比如GNOME、KDE、Xfce等，虽然最终也可能运行在一个de class='language-default'>TTYde>之上（比如<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>），但它们通常通过一个显示管理器（如GDM、LightDM）启动，并创建一个X服务器或Wayland会话。在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>的输出中，你可能会看到<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>后面跟着<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>(：0)de>

<div>div>div>或者其他类似的显示器标识符，这通常就代表了一个图形会话。<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>在<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>TTYde>

<div>div>div>列可能会显示<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tty1de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>，但<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>TYPEde>

<div>div>div>字段（如果显示的话）会更明确地指示是<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>x11de>

<div>div>div>或<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ayland

<div>div>div>。

远程会话，最常见的就是通过SSH（Secure Shell）连接的。当你通过Pude class='language-default'>TTYde>或者<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>sshde>

<div>div>div>命令从另一台机器连接过来时，系统会为你的连接分配一个“伪终端”（Pseudo-Terminal），通常表示为<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>

<div>div>div><div>div>div><div>div>div>、<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/1de>

<div>div>div>等等。这个<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>就是“pseudo-terminal slave”的缩写。在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>和<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>的输出中，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>FROMde>de>

<div>div>div><div>div>div>列会显示你的IP地址或主机名，这非常明确地指出了这是一个远程连接。

理解这些区分，比如看到一个<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>会话但<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>FROMde>de>

<div>div>div><div>div>div>列是<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>localhostde>

<div>div>div>，那很可能是在本地启动了一个终端模拟器（如gnome-terminal, konsole），它也是通过伪终端实现的。如果看到一个陌生的IP地址连接着<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>，那你就得警惕了，是不是有未经授权的访问？这种细致的观察，在排查问题或确保系统安全时，真的很有用。

<div> de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>l.com/ai/kive"> <div> de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>l.com/ai/kive">Kive

一站式AI图像生成和管理平台

<div> 89 div> div> de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>l.com/ai/kive"> 查看详情 div>

除了列出，如何监控或管理Linux用户会话？

仅仅知道有哪些会话在运行，有时候还不够。作为系统管理员，或者一个需要保持工作不中断的开发者，我们可能还需要对会话进行更深层次的监控甚至干预。

一个非常常见的场景是，我通过SSH连接到服务器，但网络不稳定或者我需要关闭本地电脑。这时，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>screende>de>

<div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>这类终端复用工具就显得尤为重要了。它们允许你创建一个持久化的会话，即使你的SSH连接断开，会话中的程序依然会在服务器上运行。你可以随时重新连接到服务器，并“重新附着”到之前的<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>screende>de>

<div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>会话上，继续工作。 例如，启动一个<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>会话：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>

<div>div>div>

在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>会话里工作，然后按<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>Ctrl+b dde>

<div>div>div>（<div style="position:relative; padding:0px; margin:0px;">

d

<div>div>div>是detach的缩写）来分离会话。之后，你可以关闭SSH连接。当你再次登录时，用以下命令重新连接：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>tmuxde>de>de>de>de> attach

<div>div>div>

这极大地提高了远程工作的灵活性和效率。

从管理的角度看，有时候我们可能需要终止一个用户的会话，比如某个用户占用了过多资源，或者发现异常登录。这里需要非常小心，因为强制终止会话可能会导致用户数据丢失或程序异常退出。

对于一个<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>会话，你可以尝试使用<div style="position:relative; padding:0px; margin:0px;">

pkill

<div>div>div>命令，结合终端ID。 假设<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>命令显示<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>user2de>de>

<div>div>div><div>div>div><div>div>div>在<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>

<div>div>div><div>div>div><div>div>div>上：

<div style="position:relative; padding:0px; margin:0px;">

pkill -KILL -t de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>

<div>div>div>

这个命令会向<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>/0de>

<div>div>div><div>div>div><div>div>div>上所有进程发送<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

KILL

<div>div>div><div>div>div>信号，强制终止它们，从而结束该会话。但请注意，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

KILL

<div>div>div><div>div>div>信号是强制性的，不给进程清理的机会，所以务必谨慎使用。

对于Systemd管理的会话，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div>也提供了终止会话的功能：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> terminate-session <SESSION_ID>

<div>div>div>

例如：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> terminate-session 101

<div>div>div>

这会尝试优雅地终止ID为101的会话。它通常会比<div style="position:relative; padding:0px; margin:0px;">

pkill -KILL

<div>div>div>更温和一些，但具体行为取决于会话内进程对信号的响应。

此外，如果你想进行更全面的用户活动审计，可以考虑配置<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

auditd

<div>div>div><div>div>div>服务。它能够记录系统上的各种事件，包括用户登录、文件访问等，这对于安全合规性要求较高的环境非常有用。不过，<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

auditd

<div>div>div><div>div>div>的配置和日志分析有学习曲线，通常需要专门的知识。

在多用户或服务器环境中，如何高效查看和管理会话？

在多用户或服务器环境中，会话管理就不仅仅是“看看谁在”那么简单了，它上升到了资源分配、安全审计和故障排查的层面。我个人在管理多台服务器时，会结合使用前面提到的命令，并辅以一些脚本和习惯。

<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>命令依然是我的首选，因为它能迅速给我一个概览：谁在线，在做什么，以及系统的负载情况。如果看到某个用户长时间处于<div style="position:relative; padding:0px; margin:0px;">

idle

<div>div>div>状态，或者执行着一个我意料之外的命令，我就会进一步调查。

结合<div style="position:relative; padding:0px; margin:0px;">

grep

<div>div>div>进行过滤是提高效率的关键。比如，我只想看特定用户的会话：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de> | grep myuser

<div>div>div>

或者，我只想看远程SSH会话，排除本地终端：

<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>hode> | grep de class='language-default'>de class='language-default'>de class='language-default'>ptsde>de>de>

<div>div>div>

这样可以快速定位到我关心的信息，避免被无关内容淹没。

对于持续监控，我可能会编写一个简单的脚本，定期运行<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>loginctlde>de>de> list-sessions

<div>div>div>，然后将输出与一个“白名单”进行比对，或者查找异常模式。例如，如果发现某个用户在非工作时间登录，或者有来自非授权IP的连接，脚本就可以触发警报。这虽然不是一个开箱即用的功能，但对于有特定安全需求的环境来说，定制化监控是必不可少的。

在资源管理方面，如果发现某个用户进程占用了大量CPU或内存，首先会通过<div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;"><div style="position:relative; padding:0px; margin:0px;">

de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>

<div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div><div>div>div>或<div style="position:relative; padding:0px; margin:0px;">

top

<div>div>div>确认是哪个会话，然后可以结合<div style="position:relative; padding:0px; margin:0px;">

ps auxf

<div>div>div>来查看该会话下的进程树，定位到具体是哪个程序在消耗资源。之后，根据情况选择与用户沟通、发送终止信号（如<div style="position:relative; padding:0px; margin:0px;">

kill -TERM <PID>

<div>div>div>）或强制终止（<div style="position:relative; padding:0px; margin:0px;">

kill -KILL <PID>

<div>div>div>）。

最后，我想说的是，在多用户环境中管理

<div style="display: inline-flex;"> 相关标签： <div style="display:flex;"> data="/zt/15718.html" target="_blank">linux data="/zt/15739.html" target="_blank">centos data="/zt/16237.html" target="_blank">电脑 data="/zt/16758.html" target="_blank">ubuntu data="/zt/16887.html" target="_blank">工具 data="/zt/17098.html" target="_blank">session data="/zt/17101.html" target="_blank">显示器 data="/zt/21592.html" target="_blank">linux系统 data="/zt/38926.html" target="_blank">数据丢失 data="/zt/45416.html" target="_blank">模拟器 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=de class='language-default'>bashde>" target="_blank">de class='language-default'>bashde> data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=Session" target="_blank">Session data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=标识符" target="_blank">标识符 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=var" target="_blank">var data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=事件" target="_blank">事件 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=linux" target="_blank">linux data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=ubuntu" target="_blank">ubuntu data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=centos" target="_blank">centos data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=de class='language-default'>sshde>" target="_blank">de class='language-default'>sshde> div> div> div> data="/zt/15718.html" target="_blank">linux data="/zt/15739.html" target="_blank">centos data="/zt/16237.html" target="_blank">电脑 data="/zt/16758.html" target="_blank">ubuntu data="/zt/16887.html" target="_blank">工具 data="/zt/17098.html" target="_blank">session data="/zt/17101.html" target="_blank">显示器 data="/zt/21592.html" target="_blank">linux系统 data="/zt/38926.html" target="_blank">数据丢失 data="/zt/45416.html" target="_blank">模拟器 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=de class='language-default'>bashde>" target="_blank">de class='language-default'>bashde> data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=Session" target="_blank">Session data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=标识符" target="_blank">标识符 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=var" target="_blank">var data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=事件" target="_blank">事件 data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=linux" target="_blank">linux data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=ubuntu" target="_blank">ubuntu data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=centos" target="_blank">centos data="/search?de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>de class='language-default'>wde>de>de>de>de>de>ord=de class='language-default'>sshde>" target="_blank">de class='language-default'>sshde>