diff --git a/setup/login-alerts.sh b/setup/login-alerts.sh index 3741f59a..c5dd53c8 100644 --- a/setup/login-alerts.sh +++ b/setup/login-alerts.sh @@ -1,21 +1,22 @@ #!/bin/bash +# Create a script to be called when a user logs in cat << 'EOF' > /etc/ssh/login-alert.sh #!/bin/bash source /etc/mailinabox.conf # load global vars if [ "$PAM_TYPE" != "close_session" ]; then - IP=$(echo $SSH_CONNECTION | cut -d ' ' -f 1) + # send alert sendEmail -q -f "bot@$PRIMARY_HOSTNAME" -t "admin@$PRIMARY_HOSTNAME" -u "SSH Login: $PAM_USER from $PAM_RHOST" -m "If you don't recognize this login, your key or password may be compromised." fi EOF -chmod +x /etc/ssh/login-alert.sh +chmod +x /etc/ssh/login-alert.sh # make script executable -if grep -Fq "login-alert" /etc/pam.d/sshd +if grep -Fq "login-alert" /etc/pam.d/sshd # if line has already been added to sshd then - : + : # do nothing else - echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd + echo 'session optional pam_exec.so seteuid /etc/ssh/login-alert.sh' >> /etc/pam.d/sshd # otherwise add the line fi