How to kill a users SSH Connection

[morganpugh84]

Hi,

Can someone tell me how to kill a users ssh connection to my server? I am running RedHat 9 and just want to kill there connection and any processes running.

[rionach]

not sure how to do it for a single user, but "ps -ax | grep sshd" will give you the PID of sshd, then "kill -1 <pid>" should disconnect pretty much everyone.

[configure Veteran]

Killing sshd would shut down the daemon, if you only want to kill the ssh connections, do ps -aux | grep ssh to see the pid listings and use kill -9 <pid> to kill the process.

[rionach]

kill -1 restarts things

[morganpugh84]

Hi,

Yes I have been using kill however listing the processes for sshd will list ALL processes of sshd, sometimes I want to kill just 1 user and killing sshd will kill everyone which I dont want. If I want to kill every I just restart sshd with 'service sshd restart'

The only way using kill to kill sshd would be handy is if I could find out which user was using which instance of sshd so I could kill just that 1 instance of sshd. is there any way to find out what user is using what PID for sshd?

using 'w' will only display the programs a user is currently running so that doesnt work.

Anyone got any other ideas?

[configure Veteran]

Well, maybe you can ID them by the time that they access and how they have been using ssh :/

[+BudMan MVC]

can't you just ps -u username (do you know their username?) this will give you the pid of their connection

[bud@<hidden> bud]$ ps -u bud

PID TTY TIME CMD

20444 ? 00:00:00 sshd

20445 pts/0 00:00:00 bash

20478 pts/0 00:00:00 ps

[bud@<hidden> bud]$

And then kill that PID ;)

[configure Veteran]

  BudMan said:

can't you just ps -u username (do you know their username?) this will give you the pid of their connection

[bud@<hidden> bud]$ ps -u bud

PID TTY TIME CMD

20444 ? 00:00:00 sshd

20445 pts/0 00:00:00 bash

20478 pts/0 00:00:00 ps

[bud@<hidden> bud]$

And then kill that PID ;)

Never thought of that until now :laugh:

[rionach]

me neither

[morganpugh84]

  BudMan said:

can't you just ps -u username (do you know their username?) this will give you the pid of their connection

[bud@<hidden> bud]$ ps -u bud

PID TTY TIME CMD

20444 ? 00:00:00 sshd

20445 pts/0 00:00:00 bash

20478 pts/0 00:00:00 ps

[bud@<hidden> bud]$

And then kill that PID ;)

BudMan you are TheMan!

Cheers so much, it works a treat :thumbsup:

[Daem0hn]

if you

kill -1 <pid>

the user (using their pid) would it log them out and log them back in???

what do the other -... do???

[morganpugh84]

Hi Daem0hn,

If you use

ps -u username

to find the pid of that users sshd process you can then kill the process and it will kill there connection. They wont auto log back in however they can manually log back if they wish.

[Daem0hn]

yeh, i figured as much, but if you attatch the -1 flag to the kill command, it restarts what ever it is, in this scenario, and you were killing their connection, what would be restarted - if anything ???

[PeterHammer]

Whey you kill -1, you are killing and restarting a process on your server (In this case the SSH Daemon (sshd) or ssh session process). Since the SSH session is actually a connection initiated by the SSH client, you have really no way of affecting what happens on that end, and that includes an auto restart of the session. As far as the client is concerned, when your process stops, it losses the connection and the remote user will see something like "Remote Server termintated connection" OR "Remote Connection lost".