Add script that sends email if user successfully logs in over SSH
This commit is contained in:
parent
4628db3109
commit
74e3f9c677
GPG Key ID:
186A8AD440942BAF
1
mail_on_ssh/.gitignore
vendored
Normal file
1
mail_on_ssh/.gitignore
vendored
Normal file
@ -0,0 +1 @@
|
||||
mail_on_ssh.conf
|
||||
8
mail_on_ssh/README.md
Normal file
8
mail_on_ssh/README.md
Normal file
@ -0,0 +1,8 @@
|
||||
# Installation
|
||||
|
||||
After setting up mail_on_ssh.conf, add the following configuration to `/etc/pam.d/sshd`
|
||||
|
||||
```
|
||||
# Send an email if somebody logs in successfully over SSH
|
||||
session optional pam_exec.so seteuid $PATH2SERVER_SCRIPTS/mail_on_ssh/mail_on_ssh.sh -c $PATH2SERVER_SCRIPTS/mail_on_ssh/mail_on_ssh.conf
|
||||
```
|
||||
4
mail_on_ssh/mail_on_ssh.conf.example
Normal file
4
mail_on_ssh/mail_on_ssh.conf.example
Normal file
@ -0,0 +1,4 @@
|
||||
#################################################################
|
||||
# Config
|
||||
#################################################################
|
||||
RECEPIENT='' # Send email to this address
|
||||
55
mail_on_ssh/mail_on_ssh.sh
Executable file
55
mail_on_ssh/mail_on_ssh.sh
Executable file
@ -0,0 +1,55 @@
|
||||
#!/bin/bash
|
||||
#################################################################
|
||||
# Check availability of software
|
||||
#################################################################
|
||||
function availability {
|
||||
if [[ ! $(command -v $1) ]]; then
|
||||
echo Error: '$1' is not available but required. Please install it!
|
||||
exit 1
|
||||
fi
|
||||
}
|
||||
|
||||
availability mail
|
||||
|
||||
#################################################################
|
||||
# Get arguments
|
||||
#################################################################
|
||||
missingArg()
|
||||
{
|
||||
echo "Error: Please define the configuration to be used!"
|
||||
echo " Usage: $0 -c <configuration_file>"
|
||||
exit 1
|
||||
}
|
||||
|
||||
while getopts "c:" opt
|
||||
do
|
||||
case "$opt" in
|
||||
c ) CONFIG_FILE="$OPTARG" ;;
|
||||
? ) missingArg ;;
|
||||
esac
|
||||
done
|
||||
|
||||
# Check if config was empty
|
||||
if [ -z "$CONFIG_FILE" ]
|
||||
then
|
||||
missingArg
|
||||
fi
|
||||
|
||||
# Check if config file exists
|
||||
if [ ! -f $CONFIG_FILE ]
|
||||
then
|
||||
echo "$CONFIG_FILE does not exist!"
|
||||
exit 1
|
||||
fi
|
||||
|
||||
source $CONFIG_FILE
|
||||
|
||||
#################################################################
|
||||
# Send email
|
||||
#################################################################
|
||||
if [ "$PAM_TYPE" != "close_session" ]; then
|
||||
host="`hostname`"
|
||||
subject="SSH Login: $PAM_USER from $PAM_RHOST on $host"
|
||||
message=$(env)
|
||||
echo "$message" | mail -s "$subject" "$RECEPIENT"
|
||||
fi
|
||||
Loading…
Reference in New Issue
Block a user