physlock

physlock [-d] [-m] [-s] [-p message] [-l]

physlock locks all virtual consoles and prevents unauthorized access to the system. Unlike screen lockers that only protect graphical sessions, physlock secures all TTYs, preventing access through Ctrl+Alt+F1-F6 switching.Authentication is required from the current user or root to unlock. This makes it suitable for securing systems with physical access concerns, particularly servers or kiosks.

-d

Fork and detach (daemonize)

Mute kernel messages while locked

Disable SysRq key while locked

Display message before password prompt

Only lock the current tty

Does not lock graphical displays; use alongside a screen locker (e.g., i3lock, slock) for X11/Wayland sessions. Requires PAM for authentication. Detach mode (-d) is useful in suspend/hibernate scripts (e.g., systemd sleep hooks). SysRq disable is only effective if the kernel has CONFIGMAGICSYSRQ enabled. Must be run as root or with appropriate permissions.

physlock was created by Bert Muennich as a lightweight alternative to vlock. It focuses on securing physical console access with minimal dependencies, making it suitable for embedded and minimal systems.

vlock(1), xlock(1), loginctl(1)