Re: [sshd] send a mail when a event login occur ?
- From: Ertugrul Soeylemez <never@xxxxxxxxxxxxxx>
- Date: Tue, 26 Sep 2006 10:16:36 +0200
hmurray@xxxxxxxxxxxxxxx (Hal Murray) (06-09-25 19:24:20):
Is there a way to configure the "sshd.conf" to send a
notification's mail when endeavor to login occur ?
Not AFAIK - but writing a PAM module wouldn't be too taxing.
You could also you a cron job to check the log file.
In any case, make sure you don't get mailbombed when the bad guys try
The actual problem with this "mail bombing" is that you would reveal all
user names by this method, unless you send signed/encrypted mails. If
you need to see that remotely, then you're better of tail-ing the log
file for your SSHd over an own SSH session, e.g.:
# tail -f /var/log/auth.log
However, somebody may still look over your shoulders in that case.