This lets you lock the console screens (or just the one you are using, if you prefer). Simple to use:
vlock -c vlock -a
With -c, it's just the tty you are presently using, while -a locks all console screens. The "-c" can be used on a telnet or ssh login though it will warn you that
*** This tty is not a VC (virtual console). *** *** It may not be securely locked. ***
To use -a, you have to be presently logged in on the console. If you are not root, vlock will first ask for your password to unlock, but if that fails, it will ask for root's: root can supposedly always unlock it. My testing didn't confirm that - yes, it ASKED for root's password after failing on the user, but did not unluck even when that was correctly given. That could be very unpleasant if you couldn't kill the vlock from a telnet or ssh session.
However, this would probably be used by administrators who will ALWAYS lock the console whenever they leave it, which could be very useful against curious passerbys. You might consider combining that with restrictions in /etc/security/time.conf also.
Got something to add? Send me email.
More Articles by Tony Lawrence © 2012-07-17 Tony Lawrence
There is no reason anyone would want a computer in their home. (Ken Olson, president, chairman and founder of DEC)