Clearing IDLE TTY Sessions in Junos
This is going to be a quick post on how you can forcibly disconnect idle and/or other users by using their PID or TTY session.
This is very useful, when you have too many simultaneous concurrent connections (normally when you having some issue) or because of some dodgy connections you get from time to time, and your terminal gets timed out in the middle of configuring and you have to reconnect. To be then greeted with:
[marquk01@netlab ~]$ ssh 10.1.0.243
Password:
--- JUNOS 14.1X53-D25.2 built 2015-04-01 01:53:36 UTC
{master:0}
marquk01@EX4200-A> edit
Entering configuration mode
Users currently editing the configuration:
marquk01 terminal p0 (pid 41263) on since 2015-05-04 11:22:50 UTC, idle 02:01:13
{master:0}\[edit firewall\]
marquk01 terminal p1 (pid 41306) on since 2015-05-04 12:02:30 UTC, idle 01:16:58
{master:0}\[edit\]
If you’re like me and find this annoying. There is a simple way of; firstly, showing all the current concurrent session on the device and then how you can disconnect them.
To show all the user sessions that are on the switch, you can run the command show system users no-resolve:
marquk01@EX4200-A> show system users no-resolve
fpc0:
--------------------------------------------------------------------------
1:26PM up 33 days, 6:56, 3 users, load averages: 0.00, 0.01, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
marquk01 p0 10.1.0.17 11:22AM 2:03 -cli (cli)
marquk01 p1 10.1.0.17 12:02PM 1:19 -cli (cli)
marquk01 p2 10.1.0.17 1:24PM - -cli (cli)
This command provides information on:
- Connected Users
- TTY session
- IP address each user has connected from
- Login Times
- Idle Timer
- User’s method of remote access
We can see that I have 3 sessions currently but only one is active, as 2 connection have IDLE times.
To clear to two session we can either use the TTY session number, shown in the output or by the process ID (pid).
To clear by the TTY session, I had to need to run the command request system logout terminal {TTY session} to disconnect the first idle session.
marquk01@EX4200-A> request system logout terminal p0
{master:0}
marquk01@EX4200-A> show system users no-resolve
fpc0:
--------------------------------------------------------------------------
1:27PM up 33 days, 6:57, 2 users, load averages: 0.23, 0.06, 0.02
USER TTY FROM LOGIN@ IDLE WHAT
marquk01 p1 10.1.0.17 12:02PM 1:19 -cli (cli)
marquk01 p2 10.1.0.17 1:24PM - -cli (cli)
The other method would be to clear the user’s pid number. You can find their pid either; in Operational mode, by using the TTY session number running the command show system processes | match {TTY session} (you will need to look for the pid with mgd process) or in Configuration mode, by running the command status:
marquk01@EX4200-A> show system processes | match p1
41299 ?? Is 0:00.17 sshd: marquk01@ttyp1 (sshd)
41306 ?? Is 0:00.06 mgd: (mgd) (marquk01)/dev/ttyp1 (mgd)
41307 p1 Ss+ 0:00.47 -cli (cli)
{master:0}
marquk01@EX4200-A> edit
Entering configuration mode
{master:0}[edit]
marquk01@EX4200-A# status
marquk01 terminal p1 (pid 41306) on since 2015-05-04 12:02:30 UTC, idle 01:20:58
{master:0}[edit]
Once I found the pid number, I ran the command request system logout pid {pid number} to disconnect the second idle session.
marquk01@EX4200-A> request system logout pid 41306
{master:0}
marquk01@EX4200-A> show system users no-resolve
fpc0:
--------------------------------------------------------------------------
1:32PM up 33 days, 7:02, 1 user, load averages: 0.00, 0.02, 0.00
USER TTY FROM LOGIN@ IDLE WHAT
marquk01 p2 10.1.0.17 1:24PM - -cli (cli)
And that’s how you clear idle TTY connections in Junos :)