You wish! I used the who command with “who -d” to check my node, and voila, 2 abandoned tmux sessions that I never knew were still runnng in the background…. Let alone I know what they were running, maybe a maliscious script? (just as an example, they were mine).
A trojan horse could be inserted into the root fs via tmux/screen and stay undetected, possibly phoning home or opening a backdoor.
“tmux attach” and “exit” both tmux sessions ended the tmux forgotten tmux sessions. Funny thing tho that “who -d” still shows them both, but who -d” now says “no sessions”. Maybe some caching (on file)?
So, how to cope with forgotten, hidden, ‘broken’ (connections timeout) tmux sessions? I guess the same is valid for the obsolete but still available “screen” command.
</panic mode>
tmux cheatsheet for convenience.
ps. What I mean is that SAM manages keys, but like in a real building, one would like to know who opened what door (and for what reasson) and specifically, are all doors locked again. So if I get a key (RBAC or whatever auth), go inside, open the back door, go back to reception and hand back the keys and leave. All is fine according to key management, but not to security.
Identity and Access Management (IAM) come into play. Just saying this for a broader discussion, thoghts gathering since the interesting areas of SSO, IAM, SAM, Security and system audits and hardening. Maybe even worth a split off into a seperate chat topic? (Ah! we already started this thought process here.
Nevertheless, SAM is great thanks @stephdl !