gidoBOSSftw5731/README.md

## README.md

      
    Raw
  

              README.md
            
          
    This sends an email to the address specified with the environment variables of the session on every session creation (every login, not counting sudo.)
Env variables for SSH include the public key, the IP address, and whatever other authentication was done.

  
## common-session
#please PREPEND this to /etc/pam.d/common-session, do NOT replace it.

session	required	pam_exec.so	/etc/pam.scripts/ssh_alert.sh

## ssh_alert.sh
#!/bin/bash
#location: /etc/pam.scripts/ssh_alert.sh

if [ "$PAM_TYPE" != "close_session" ]; then
    host="`hostname -s`"
	# Change these two lines where applicable
	sender="root@$host <root@`hostname`>"
	recepient="root+pam@insertyourdomainhere.tld"


    subject="Login: $PAM_USER from $PAM_RHOST on $host"
    # Message to send, e.g. the current environment variables.
    #add date to the environment variables as a timestamp
	export date=`date`
	#replace newlines with \n
	message="$(env|sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g')"

	printf "Subject: $subject\nTo: $recipient\n\n$message" | /usr/sbin/sendmail -f "$sender" "$recepient"
fi

exit 0
	#please PREPEND this to /etc/pam.d/common-session, do NOT replace it.

	session required pam_exec.so /etc/pam.scripts/ssh_alert.sh
	#!/bin/bash
	#location: /etc/pam.scripts/ssh_alert.sh

	if [ "$PAM_TYPE" != "close_session" ]; then
	host="`hostname -s`"
	# Change these two lines where applicable
	sender="root@$host <root@`hostname`>"
	recepient="root+pam@insertyourdomainhere.tld"


	subject="Login: $PAM_USER from $PAM_RHOST on $host"
	# Message to send, e.g. the current environment variables.
	#add date to the environment variables as a timestamp
	export date=`date`
	#replace newlines with \n
	message="$(env\|sed -E ':a;N;$!ba;s/\r{0,1}\n/\\n/g')"

	printf "Subject: $subject\nTo: $recipient\n\n$message" \| /usr/sbin/sendmail -f "$sender" "$recepient"
	fi

	exit 0