How to kick a logged user

Dennis Skinner dskinner at bluefrog.com
Mon Feb 6 22:25:40 CET 2006


Guy Fraser wrote:
> there. I looked into it briefly for Cisco 5248 and determined 
> that by setting the interface administratively down would boot 
> the user, then setting it back to up would allow it to accept 
> access again. The tricky part was matching the user to the 
> interface so you would kick the right user.

We have Ciscos here.  You don't need to set the int to down.  Just clear
the tty.  You can use bash and expect to write a script.  You will need
to find which tty to clear first (also doable via bash/expect/grep/awk).

If you use tacacs, you can give a special user rights to only do very
specific commands which should limit the liability of having the
password in the script.

-- 
Dennis Skinner
Systems Administrator
BlueFrog Internet
http://www.bluefrog.com



More information about the Freeradius-Users mailing list