Skip to content

Instantly share code, notes, and snippets.

@parrazam

parrazam/ssh_alert_script_pam.sh

Last active May 31, 2023 15:35
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save parrazam/585f0ce64c438fefb1b8f63bb0f20b2a to your computer and use it in GitHub Desktop.
Save parrazam/585f0ce64c438fefb1b8f63bb0f20b2a to your computer and use it in GitHub Desktop.
Download ZIP
SSH session alert script
Raw
ssh_alert_script_pam.sh
#!/bin/bash
# This script should be allocated in /etc/pam.scripts/ssh_alert.sh
# Then, in /etc/pam.d/sshd add this line:
# # SSH Alert script
# session required pam_exec.so /etc/pam.scripts/ssh_alert.sh
echo $PAM_TYPE
# Ntfy vars
TOPIC="`hostname`-ssh"
MSG=""
HOST="`hostname`"
PRIORITY="high"
TAG_SSH="ssh"
case $PAM_TYPE in
"open_session")
MSG="[$(date +"%Y-%m-%d %H:%M:%S")] - El usuario $PAM_USER se ha logado desde $PAM_RHOST via $PAM_SERVICE (TTY $PAM_TTY)."
TAGS="$TAG_SSH,$HOST,warning"
;;
"close_session")
MSG="[$(date +"%Y-%m-%d %H:%M:%S")] - El usuario $PAM_USER ha salido."
PRIORITY="default"
TAGS="$TAG_SSH,$HOST,white_check_mark"
;;
esac
/usr/share/local/bin/publishMessageToNtfy.sh -t $TOPIC -T "SSH login [$HOST]" -m "$MSG" -p $PRIORITY -x $TAGS >> /dev/null
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment