mailinabox/setup/login-alerts.sh

23 lines
719 B
Bash
Raw Normal View History

2016-09-16 19:04:16 +00:00
#!/bin/bash
2016-09-16 19:06:17 +00:00
# Create a script to be called when a user logs in
2016-09-16 19:04:16 +00:00
cat << 'EOF' > /etc/ssh/login-alert.sh
#!/bin/bash
2016-09-16 16:39:40 +00:00
2016-09-16 19:04:16 +00:00
source /etc/mailinabox.conf # load global vars
2016-09-16 16:39:40 +00:00
if [ "$PAM_TYPE" != "close_session" ]; then
2016-09-16 19:06:17 +00:00
# send alert
2016-09-16 19:04:16 +00:00
sendEmail -q -f "bot@$PRIMARY_HOSTNAME" -t "admin@$PRIMARY_HOSTNAME" -u "SSH Login: $PAM_USER from $PAM_RHOST" -m "If you don't recognize this login, your key or password may be compromised."
2016-09-16 16:56:05 +00:00
fi
EOF
2016-09-16 16:39:40 +00:00
2016-09-16 19:06:17 +00:00
chmod +x /etc/ssh/login-alert.sh # make script executable
2016-09-16 16:39:40 +00:00
2016-09-16 19:06:17 +00:00
if grep -Fq "login-alert" /etc/pam.d/sshd # if line has already been added to sshd
2016-09-16 19:04:16 +00:00
then
2016-09-16 19:06:17 +00:00
: # do nothing
2016-09-16 19:04:16 +00:00
else
2016-09-16 19:06:17 +00:00
echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd # otherwise add the line
2016-09-16 19:04:16 +00:00
fi