Kill conection vis SSH


#1

I am integrating the vyos with an incident response service.

The main idea is that when this second platform finds a suspicious connection, it can connect to the vyos via SSH and close that connection.

I tried with: tcpkill -i eth0 host x.x.x.x

But he does not recognize the command.

Any idea how I should do this?

Thank you!


#2

This worked for me.

vyos@vyos:~$ sudo bash
root@vyos:/home/vyos# who
vyos     pts/0        Jun 29 19:31 (172.30.1.17)
hero     pts/1        Jun 29 19:54 (172.30.1.17)
root@vyos:/home/vyos# ps -ef | grep pts/1 | grep ssh
hero       475   473  0 19:54 ?        00:00:00 sshd: hero@pts/1       
root@vyos:/home/vyos# kill 475

Here’s a one liner:

kill $(ps -ef | grep ^hero | grep sshd | awk '{print $2}')