How to Kill a User Session on a Linux Server

There are very few reasons why you would ever need to kill another user’s session, aside from just being mean or playing a prank. If a user logs in but, for some reason, does not log off, it is a good idea to kill the session associated with it so that the account is not exposed. You can configure SSH to automatically log out idle users after a specified period time to prevent this.

Another more serious reason to kill a user’s session is to stop someone who has taken over the user’s account from doing any damage. Some nefarious scripts might also run under rogue users. You can effectively kill all processes associated with that user with one command. To do this, use a command called pkill.

For example, to kill a single user account on your dedicated server, you would type as root:

pkill -9 -u username

Once the user session has been killed, you should take steps to make sure whatever caused it does not happen again. That may mean forcing the user to change the password, restricting access to SSH, locking the account, or even deleting the user altogether.

The pkill command can have other uses, and used in conjunction with other Linux tools, it is a very powerful command to know. For more information about it, type “man pkill” from the command line or read the documentation online.