Get email alerts on SSH login

karthick87 · #1 19th May 2012, 06:08 PM

Am using Fedora 16. I just want to get Email Alerts on ssh login into my system. Is it possible ? How do i set it up ?

jpollard · #2 19th May 2012, 06:45 PM

Depends on how reliable you want it.

One simple way is to have the /etc/profile file send mail.

Another, though much more complex, is to modify the PAM module used during login to send mail. This method would be reliable.

So the simple answer is yes, it is possible. Just not necessarily reliable.

Doug G · #3 20th May 2012, 12:47 AM

Guessing, I think there may be a hook you can put in sshd_config on the server.

flyingfsck · #4 20th May 2012, 10:11 AM

Yup, you could use the Forcecommand option in sshd_config to send an email upon login using the sendmail or mail commands.

stevea · #5 20th May 2012, 02:08 PM

I'm not sure exactly what the goal is here.

All sshd logins are logged in /var/log/secure, so the logs for his file could be redirected to a tcp connection which could be something as simple as a netcat command.

The pam_exec module can send emails or do most anything else.

The sshd ForceCommand feature replaces the login shell or the command - so it i not particularly useful.

But if the problem is that you are worried that someone has cracked system - then you should reconfigure sshd to avoid that possibility. Configure the sshd authentications to require keys (disable passwords) then install a key and be careful with the private half & any passphrase.

karthick87 · #6 16th June 2012, 01:46 AM

Hi all,

Recently i have got mail for all root ssh login. Where i have configured the settings in bash_profile, but the same stopped working without doing any modifications. Could anyone help me to traceout the problem or give me fix pls?