Who Is Logged On Linux


As a Linux user, one of the questions that often crosses my mind is, “Who else is logged on to my Linux system?” It’s an interesting and important question, especially if you’re concerned about security or curious about the activities happening on your machine.

In Linux, the “who” command is a powerful tool that provides us with the ability to view the users currently logged into our system. When executed, it displays a list of all logged-in users, including their login names, terminal sessions, login times, and their originating IP addresses.

Using the “who” command is simple. Open up a terminal and type “who” followed by the Enter key. You’ll be presented with a neat table of logged-in users, similar to the one below:

john    pts/0        2022-05-15 20:45 (
emma    pts/1        2022-05-15 21:10 (
james   pts/2        2022-05-15 21:26 (

From this output, we can gather some valuable information. The first column displays the username of the logged-in user. In my case, it’s “john”. The second column represents the terminal session the user is using, such as “pts/0”, “pts/1”, and so on. This information can be helpful when it comes to managing multiple terminal sessions. The third column provides the login time, allowing us to see when a user has logged in. Finally, the fourth column shows the IP address from which the user originated.

Now, you might be wondering, what can we do with this information? Well, there are several scenarios where knowing who is logged in can be useful. Let’s explore a few:

1. Monitoring System Activity

By using the “who” command, you can monitor the activities of other users on your Linux system. It allows you to keep an eye on who is currently using the system and what they are doing. This can be especially helpful in a multi-user environment, where you want to ensure that no unauthorized activities are taking place.

2. Troubleshooting User Issues

If a user is experiencing problems, knowing who else is logged on can provide valuable information for troubleshooting. By comparing the experiences of different users, you can identify patterns or common factors that may be contributing to the issue. Additionally, you can use the “who” command to check if any other users are actively using system resources, which could be causing performance issues.

3. Enhancing Security

The “who” command can help you identify if any unauthorized or unfamiliar users are logged in to your Linux system. If you notice any suspicious activity or unknown users, it’s important to investigate further to ensure the security and integrity of your system. In such cases, it’s advisable to change your passwords, review system logs, and take appropriate action to mitigate any potential risks.

Overall, the “who” command is a valuable tool that allows Linux users to stay informed about who is logged on to their system. Whether you’re monitoring system activity, troubleshooting user issues, or enhancing security, this command provides valuable insights into the users currently using your Linux machine.


Knowing who is logged in to your Linux system can be crucial for security, troubleshooting, and monitoring purposes. The “who” command allows you to quickly and easily view a list of logged-in users, their terminal sessions, login times, and originating IP addresses. By leveraging this information, you can stay informed about the activities happening on your Linux machine and take appropriate actions when needed.