You are not logged in.
How can I setup my box to text me whenever anyone logs in via ssh? I have an SMTP server and know how to shoot an email, just not sure how to get sshd to trigger that event.
Offline
Create a global bashrc file and make sure all users .bashrc sources that file. For example, I have /etc/bashrc which does EVERYTHING I want, and I just make every users .bashrc source it: . /etc/bashrc
Obviously will only work if users use bash as their shell, and you trust them not to edit their .bashrc to remove the sourcing of the global file.
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
For added security, change all users' shells from bash or whatever they use to a script. Whatever component handles logins will see the script and execute it with (I think) 'sh', so it assumedly needs to be written for sh.
Whatever's in the script will be run regardless of user preference as the script is registered as their shell, sooo...
Be sure to end the script with 'bash' so the user actually gets a shell!
Notes:
- The 'chsh' utility can be used to change current accounts' shells.
- Unless the location and name of your script is specified in /etc/shells, chsh will not be able to set it as a shell unless you run chsh under the root account.
- The 'adduser' utility, if you use it, is a Perl script located in /usr/sbin, and the default shell can easily be set to your script by changing the 'defshell' variable near the top.
-dav7
Last edited by dav7 (2008-09-24 05:22:30)
Windows was made for looking at success from a distance through a wall of oversimplicity. Linux removes the wall, so you can just walk up to success and make it your own.
--
Reinventing the wheel is fun. You get to redefine pi.
Offline
change all users' shells from bash or whatever they use to a script.
What an excellent solution
Whatever component handles logins will see the script and execute it with (I think) 'sh', so it assumedly needs to be written for sh.
Presumably it would run at whatever is at the start of the script. Eg:
#!/bin/bash
or
#!/bin/sh
or
#!/bin/dash
etc etc
Are you familiar with our Forum Rules, and How To Ask Questions The Smart Way?
BlueHackers // fscanary // resticctl
Offline
Or run a daemon that monitors /var/log/auth.log.
Offline
All good ideas. I will attempt to write a logfile monitoring script in perl. I don't like the idea of getting a text message whenever someone logs in, as there are more local logins than remote SSH logins. For some reason I thought either sshd or tcpd could trigger a script to notify me. In fact, is there an easy way to setup a file in /etc/xinetd.d for sshd and have it call a wrapper script that pages me with the user/ip?
Offline
This is an interesting idea, so I did some research.
My first thought was to have a udev rule RUN a program on the creation of /dev/pts/X, but I couldn't get that to work. I'm not very good with udev though.
Another option is to stick with the .bashrc idea. If you type 'env' in your shell while SSH'ed in, you'll see a few environment variables dealing with SSH that you could right a script around. Even include the connecting IP of the SSH session in the text. This one works and is fairly simple.
#if SSH_CLIENT defined run text.sh with $SSH_CLIENT as an argument
if [[ -n ${SSH_CLIENT} ]]; then
/usr/local/bin/text.sh $SSH_CLIENT
fi
If you use keys to authenticate there is a way to have ssh run a forced command upon login. Details are here:
http://oreilly.com/catalog/sshtdg/chapter/ch08.html
Also you could use the ForceCommand option in sshd_config
Just remember that with forced commands you want to push them to a script which then ends by executing a shell.
#!/bin/bash
command to text
/bin/bash
Last edited by xvalentinex (2008-09-26 07:15:27)
Offline
Should probably change that to "exec /bin/bash"
[git] | [AURpkgs] | [arch-games]
Offline