Last active
July 9, 2019 19:56
-
-
Save HopHouse/9142a526f05e587859046495e7701bf0 to your computer and use it in GitHub Desktop.
Send Telegram noification after SSH connection
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#!/bin/bash | |
# Edit /etc/pam.d/sshd and put the following line: | |
# session optional pam_exec.so /root/telegram.sh | |
USERID="<USER ID>" | |
KEY="<KEY>" | |
TIMEOUT="10" | |
URL="https://api.telegram.org/bot$KEY/sendMessage" | |
DATE_EXEC="$(date "+%d %b %Y %H:%M")" #Collect date & time. | |
TMPFILE='$(mktemp)' #Create a temporary file to keep data in. | |
if [[ "$PAM_TYPE" = "open_session" ]]; then | |
IP=$(echo $SSH_CLIENT | awk '{print $1}') #Get Client IP address. | |
PORT=$(echo $SSH_CLIENT | awk '{print $3}') #Get SSH port | |
HOSTNAME=$(hostname -f) #Get hostname | |
IPADDR=$(hostname -I | awk '{print $1}') | |
curl https://ipinfo.io/$IP -s -o $TMPFILE #Get info on client IP. | |
CITY=$(cat $TMPFILE | sed -n 's/^ "city":[[:space:]]*//p' | sed 's/"//g') #C lient IP info parsing | |
REGION=$(cat $TMPFILE | sed -n 's/^ "region":[[:space:]]*//p' | sed 's/"//g' ) | |
COUNTRY=$(cat $TMPFILE | sed -n 's/^ "country":[[:space:]]*//p' | sed 's/"// g') | |
ORG=$(cat $TMPFILE | sed -n 's/^ "org":[[:space:]]*//p' | sed 's/"//g') | |
TEXT="$DATE_EXEC: ${USER} logged in to $HOSTNAME ($IPADDR) from $IP - $ORG - $CITY, $REGION, $COUNTRY port $PORT" | |
curl -s --max-time $TIMEOUT -d "chat_id=$USERID&disable_web_page_preview=1&te xt=$TEXT" $URL > /dev/null | |
rm $TMPFILE #clean up after | |
fi |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment