Skip to content
shellmap

whoList users currently logged in — login name, tty, time across all 5 shells

Equivalents in every shell

Bashunix
who

Reads `/var/run/utmp` (current sessions). Output columns: user, tty, login time, (optional) remote host. `who -a` adds idle time + boot time + run-level transitions. `w` is the richer cousin: same data plus load average + the command each user is currently running. `users` is the terse cousin: just space-separated usernames.

Zshunix
who

Identical coreutils binary on Linux; macOS BSD `who` has slightly different flags (no `-a`, but `who -H` adds headers). On macOS, `who am i` (three words) is the historic way to ask "who is on THIS terminal" — returns one line for the current pty, useful inside a script that was invoked over SSH and needs to know the source IP (column 5).

Fishunix
who

Same external. For "what other sessions am I currently running", `who | grep $USER` (or fish-native `who | string match $USER`) shows every concurrent login as your account — useful for spotting "did I forget to log out of that server an hour ago?". On systemd hosts, `loginctl list-sessions --user $USER` gives a richer view including each session's service / class / leader PID.

PowerShellwindows
quser

`quser` (also accessible via `query user`) is the Windows Server / RDP-era binary that prints active sessions including console + RDP. Output columns: USERNAME, SESSIONNAME, ID, STATE (Active / Disc), IDLE TIME, LOGON TIME. Available on every modern Windows; Server SKUs include it always, client SKUs since Win10 1709. For object output instead of fixed-width text: `Get-CimInstance Win32_LogonSession` (much harder to interpret — `quser` is the right tool here).

cmd.exewindows
query user

Same underlying binary as pwsh `quser` — invokable as either `quser` or the older two-word form `query user`. Add a username to filter: `query user alice`. Add a remote server: `query user /server:DC01`. Returns exit code 1 if no sessions match — usable in batch scripts as a "is anyone logged in?" test.

Worked examples

List all current sessions

Bash
who
Zsh
who
Fish
who
PowerShell
quser
cmd.exe
query user

Show only the current pty / session

Bash
who am i
PowerShell
quser $env:USERNAME
cmd.exe
query user %USERNAME%

Show login + idle + load (richer than `who`)

Bash
w
Zsh
w
Fish
w
PowerShell
Get-CimInstance Win32_LoggedOnUser
cmd.exe
query session

Gotchas

  • `who` reads `/var/run/utmp` (current) and `/var/log/wtmp` (history, via `last`). Both files are append-only logs that PAM writes on login. If your distro's init / login system bypasses PAM (some container init scripts, embedded systems), `who` shows nothing even though sessions are active — `loginctl list-sessions` (systemd) or `ps -eo pid,user,tty` (filter by tty) is the fallback.
  • macOS `who am i` returns the user on the CURRENT terminal — but only if your terminal device is in utmp. Modern terminal emulators (iTerm2, Terminal.app, ghostty) record the pty; remote SSH sessions also do. But shells launched by `tmux new-session` from a daemonized tmux server may not be in utmp depending on tmux version — `who am i` then returns nothing. Use `id -un` for "my username on this terminal" if `who` is unreliable.
  • Windows `quser` truncates usernames to 20 chars (legacy SAM limit) — long UPNs are shown as `alice.long-…`. For full names use `Get-CimInstance Win32_LogonSession | Get-CimAssociatedInstance -Association Win32_LoggedOnUser`. The truncation matters for scripts that compare `quser` output against `$env:USERNAME`: if your username is > 20 chars (rare, but UPN-style emails as username can hit it), the comparison silently fails.
  • Both `who` and `quser` are POINT-IN-TIME — they describe sessions THAT EXIST RIGHT NOW. For "who logged in over the last 30 days" use `last -F` (Unix, reads wtmp) or `Get-EventLog Security -InstanceId 4624 | Where-Object {$_.TimeGenerated -gt (Get-Date).AddDays(-30)}` (Windows, reads Security event log 4624 = successful logon). Different data source, different retention behaviour.
  • `quser` returns exit code 1 if the requested user has no active sessions ("No User exists for *"). Scripts that pipe `quser` into `Where-Object` will lose that signal — wrap with `$LASTEXITCODE` or use `Get-Process -IncludeUserName -Name explorer` as the more reliable "is this user actively using the desktop" check.

WSL & PowerShell Core notes

pwshNo native pwsh cmdlet for "current sessions" — `quser` is Windows-only. On Linux / macOS pwsh, shell out: `& who`. For object output cross-platform, `Get-CimInstance` works on Windows pwsh, but Linux / macOS pwsh has no CIM provider for sessions — parse `who` output with `-split` or use `loginctl --output=json list-sessions` on systemd hosts (`ConvertFrom-Json` makes it a usable object).
WSLInside WSL, `who` reflects sessions inside the WSL VM only — NOT your Windows desktop session, NOT your RDP connections to the host. `who` on a fresh `wsl.exe` invocation typically shows zero sessions (no PAM login happened) or shows just yourself if you logged in via SSH-to-WSL. To see Windows-host sessions from inside WSL, call out: `quser.exe` (the `.exe` works directly from WSL bash and reaches the Windows-side binary).

Related commands