mailinabox/setup/login-alerts.sh

#!/bin/bash

# Create a script to be called when a user logs in
cat << 'EOF' > /etc/ssh/login-alert.sh
#!/bin/bash

source /etc/mailinabox.conf # load global vars

if [ "$PAM_TYPE" != "close_session" ]; then
    # send alert
    sendEmail -q -f "bot@$PRIMARY_HOSTNAME" -t "admin@$PRIMARY_HOSTNAME" -u "SSH Login: $PAM_USER from $PAM_RHOST" -m "If you don't recognize this login, your key or password may be compromised."
fi
EOF

chmod +x /etc/ssh/login-alert.sh # make script executable

if grep -Fq "login-alert" /etc/pam.d/sshd # if line has already been added to sshd
then
    : # do nothing
else
    echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd # otherwise add the line
fi
Fixes 2016-09-16 19:04:16 +00:00			`#!/bin/bash`

Add comments 2016-09-16 19:06:17 +00:00			`# Create a script to be called when a user logs in`
Fixes 2016-09-16 19:04:16 +00:00			`cat << 'EOF' > /etc/ssh/login-alert.sh`
			`#!/bin/bash`
Create login-alerts.sh 2016-09-16 16:39:40 +00:00
Fixes 2016-09-16 19:04:16 +00:00			`source /etc/mailinabox.conf # load global vars`
Create login-alerts.sh 2016-09-16 16:39:40 +00:00
			`if [ "$PAM_TYPE" != "close_session" ]; then`
Add comments 2016-09-16 19:06:17 +00:00			`# send alert`
Fixes 2016-09-16 19:04:16 +00:00			`sendEmail -q -f "bot@$PRIMARY_HOSTNAME" -t "admin@$PRIMARY_HOSTNAME" -u "SSH Login: $PAM_USER from $PAM_RHOST" -m "If you don't recognize this login, your key or password may be compromised."`
Fix domain 2016-09-16 16:56:05 +00:00			`fi`
			`EOF`
Create login-alerts.sh 2016-09-16 16:39:40 +00:00
Add comments 2016-09-16 19:06:17 +00:00			`chmod +x /etc/ssh/login-alert.sh # make script executable`
Create login-alerts.sh 2016-09-16 16:39:40 +00:00
Add comments 2016-09-16 19:06:17 +00:00			`if grep -Fq "login-alert" /etc/pam.d/sshd # if line has already been added to sshd`
Fixes 2016-09-16 19:04:16 +00:00			`then`
Add comments 2016-09-16 19:06:17 +00:00			`: # do nothing`
Fixes 2016-09-16 19:04:16 +00:00			`else`
Add comments 2016-09-16 19:06:17 +00:00			`echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd # otherwise add the line`
Fixes 2016-09-16 19:04:16 +00:00			`fi`