How to Lock Your Linux Terminal with vlock


Virtual consoles are very important features of Linux, and they provide a system user a shell prompt to use the system in a non-graphical setup which you can only use on the physical machine and not remotely.

A user can use several virtual console sessions at the same time just by switching from one virtual console to another.

In this how-to guide, we shall look at how to lock a user’s virtual console or terminal console in Linux systems using the vlock program.

What is vlock?

vlock is a command-line utility used to lock one or several user virtual console sessions to prevent unauthorized access.

When you lock your terminal using vlock, it prompts you to enter your user password to unlock it, this ensures that only authorized users can access the terminal.

vlock is important on a multi-user system, it allows users to lock their own sessions while other users can still use the same system via other virtual consoles. Where necessary, the entire console can be locked down and also switching virtual console disabled.

vlock primarily works for console sessions and also has support for locking non-console sessions but this has not been tested fully.

How to Install vlock in Linux

To install vlock on Linux, use the following appropriate command for your specific Linux distribution.

sudo apt install vlock         [On Debian, Ubuntu and Mint]
sudo yum install vlock         [On RHEL/CentOS/Fedora and Rocky/AlmaLinux]
sudo emerge -a sys-apps/vlock  [On Gentoo Linux]
sudo apk add vlock             [On Alpine Linux]
sudo pacman -S vlock           [On Arch Linux]
sudo zypper install vlock      [On OpenSUSE]    
sudo pkg install vlock         [On FreeBSD]

How to Use vlock in Linux

There are a few options that you can use with vlock and the general syntax is:

vlock option
vlock option plugin
vlock option -t <timeout> plugin

Lock Current Virtual Console

To lock the current virtual console or terminal session of the user, run the following command.

vlock --current
Lock User Terminal Session in Linux
Lock User Terminal Session in Linux

The options -c or --current, means lock the current session and it is the default behavior when you run vlock.

Lock All Virtual Consoles

To lock all your virtual console sessions and also disable virtual console switching, run the command below.

vlock --all
Lock All Linux Terminal Sessions
Lock All Linux Terminal Sessions

The options -a or --all, when used, it locks all user’s console sessions and also disables virtual console switching.

These other options can only work when vlock is compiled with plugin support and they include the:

Switch to a New Virtual Console

The following command switches to a new virtual console before locking the user’s current console session, which ensures that the locking process occurs on a separate virtual console, allowing the user to continue using the system without interruption.

vlock --new

Disabling SysRq Mechanism with vlock

The "-s" or "--disable-sysrq" option disables the SysRq mechanism while virtual consoles are locked by a user. This option only takes effect when the "-a" or "--all" option is also used.

vlock -sa

Setting Timeout for Screensaver Plugin

The "-t" or "--timeout <time_in_seconds>" option is used to set a timeout for the screensaver plugin. This option allows you to specify the duration (in seconds) after which the screensaver will activate and lock the session.

vlock --timeout 5

View vlock Help and Version

You can use -h or --help and -v or --version to view help messages and versions respectively.

vlock --help
vlock --version

We’ll leave it at that, but keep in mind that you can include a ~/.vlockrc file. This file is read by the vlock program during system startup, allowing you to add environmental variables.

You can find more details about these variables in the manual entry page, particularly useful for users of Debian-based distributions.

Source link