Skip to content

Instantly share code, notes, and snippets.

@Nuukem
Last active November 26, 2019 04:38
Show Gist options
  • Save Nuukem/19d61735776cc6cedf5696282172dd82 to your computer and use it in GitHub Desktop.
Save Nuukem/19d61735776cc6cedf5696282172dd82 to your computer and use it in GitHub Desktop.
Send Pushover notification when user connects via SSH

Send Pushover notification when user connects via SSH

Guide pulled from here

Be sure to connect via SSH to a second session in case there's a problem

Create the script file.

sudo nano /etc/ssh/login-notify.sh

Paste in contents of login-notify.sh file below.

Allow script to be executed.

sudo chmod +x /etc/ssh/login-notify.sh

Now modify /etc/pam.d/sshd to add script call

sudo nano /etc/pam.d/sshd

Paste in this line below existing session optional commands:

# Send notification on user connect
session optional pam_exec.so seteuid /etc/ssh/login-notify.sh

For testing purposes, the module is included as optional, so that you can still log in if the execution fails. After you made sure that it works, you can change optional to required. Then login won't be possible unless the execution of your hook script is successful (if that is what you want).

#!/bin/sh
# Change these two lines:
PUSHOVER_USER_KEY=""
PUSHOVER_APP_KEY=""
CLIENT=""
USE_HTML_FORMAT=0
# update line below to point to the interface you want the IP Address for. Ex. eth0, wlan0, etc.
IPADDRESS=$(ifconfig eth0 | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p')
if [ "$PAM_TYPE" != "close_session" ]; then
host="`hostname`"
TITLE="SSH Login: $PAM_USER from $PAM_RHOST on $CLIENT [$IPADDRESS]"
# Message to send, e.g. the current environment variables.
MESSAGE="`env`"
wget https://api.pushover.net/1/messages.json --post-data="token=$PUSHOVER_APP_KEY&user=$PUSHOVER_USER_KEY&message=$MESSAGE&title=$TITLE&html=$USE_HTML_FORMAT" -qO- > /dev/null 2>&1 &
fi
if [ "$PAM_TYPE" = "close_session" ]; then
host="`hostname`"
TITLE="SSH Disconnect: $PAM_USER @ $CLIENT [$IPADDRESS]"
# Message to send, e.g. the current environment variables.
MESSAGE="`env`"
wget https://api.pushover.net/1/messages.json --post-data="token=$PUSHOVER_APP_KEY&user=$PUSHOVER_USER_KEY&message=$MESSAGE&title=$TITLE&html=$USE_HTML_FORMAT" -qO- > /dev/null 2>&1 &
fi
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment