Add script that sends email if user successfully logs in over SSH
This commit is contained in:
parent
4628db3109
commit
74e3f9c677
GPG Key ID:
186A8AD440942BAF
1
mail_on_ssh/.gitignore
vendored
Normal file
1
mail_on_ssh/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
|||||||
|
mail_on_ssh.conf
|
||||||
8
mail_on_ssh/README.md
Normal file
8
mail_on_ssh/README.md
Normal file
@ -0,0 +1,8 @@
|
|||||||
|
# Installation
|
||||||
|
|
||||||
|
After setting up mail_on_ssh.conf, add the following configuration to `/etc/pam.d/sshd`
|
||||||
|
|
||||||
|
```
|
||||||
|
# Send an email if somebody logs in successfully over SSH
|
||||||
|
session optional pam_exec.so seteuid $PATH2SERVER_SCRIPTS/mail_on_ssh/mail_on_ssh.sh -c $PATH2SERVER_SCRIPTS/mail_on_ssh/mail_on_ssh.conf
|
||||||
|
```
|
||||||
4
mail_on_ssh/mail_on_ssh.conf.example
Normal file
4
mail_on_ssh/mail_on_ssh.conf.example
Normal file
@ -0,0 +1,4 @@
|
|||||||
|
#################################################################
|
||||||
|
# Config
|
||||||
|
#################################################################
|
||||||
|
RECEPIENT='' # Send email to this address
|
||||||
55
mail_on_ssh/mail_on_ssh.sh
Executable file
55
mail_on_ssh/mail_on_ssh.sh
Executable file
@ -0,0 +1,55 @@
|
|||||||
|
#!/bin/bash
|
||||||
|
#################################################################
|
||||||
|
# Check availability of software
|
||||||
|
#################################################################
|
||||||
|
function availability {
|
||||||
|
if [[ ! $(command -v $1) ]]; then
|
||||||
|
echo Error: '$1' is not available but required. Please install it!
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
}
|
||||||
|
|
||||||
|
availability mail
|
||||||
|
|
||||||
|
#################################################################
|
||||||
|
# Get arguments
|
||||||
|
#################################################################
|
||||||
|
missingArg()
|
||||||
|
{
|
||||||
|
echo "Error: Please define the configuration to be used!"
|
||||||
|
echo " Usage: $0 -c <configuration_file>"
|
||||||
|
exit 1
|
||||||
|
}
|
||||||
|
|
||||||
|
while getopts "c:" opt
|
||||||
|
do
|
||||||
|
case "$opt" in
|
||||||
|
c ) CONFIG_FILE="$OPTARG" ;;
|
||||||
|
? ) missingArg ;;
|
||||||
|
esac
|
||||||
|
done
|
||||||
|
|
||||||
|
# Check if config was empty
|
||||||
|
if [ -z "$CONFIG_FILE" ]
|
||||||
|
then
|
||||||
|
missingArg
|
||||||
|
fi
|
||||||
|
|
||||||
|
# Check if config file exists
|
||||||
|
if [ ! -f $CONFIG_FILE ]
|
||||||
|
then
|
||||||
|
echo "$CONFIG_FILE does not exist!"
|
||||||
|
exit 1
|
||||||
|
fi
|
||||||
|
|
||||||
|
source $CONFIG_FILE
|
||||||
|
|
||||||
|
#################################################################
|
||||||
|
# Send email
|
||||||
|
#################################################################
|
||||||
|
if [ "$PAM_TYPE" != "close_session" ]; then
|
||||||
|
host="`hostname`"
|
||||||
|
subject="SSH Login: $PAM_USER from $PAM_RHOST on $host"
|
||||||
|
message=$(env)
|
||||||
|
echo "$message" | mail -s "$subject" "$RECEPIENT"
|
||||||
|
fi
|
||||||
Loading…
Reference in New Issue
Block a user