Re: [sshd] send a mail when a event login occur ?

hmurray@xxxxxxxxxxxxxxx (Hal Murray) (06-09-25 19:24:20):

Is there a way to configure the "sshd.conf" to send a
notification's mail when endeavor to login occur ?

Not AFAIK - but writing a PAM module wouldn't be too taxing.

You could also you a cron job to check the log file.

In any case, make sure you don't get mailbombed when the bad guys try
guessing passwords.

The actual problem with this "mail bombing" is that you would reveal all
user names by this method, unless you send signed/encrypted mails. If
you need to see that remotely, then you're better of tail-ing the log
file for your SSHd over an own SSH session, e.g.:

# tail -f /var/log/auth.log

However, somebody may still look over your shoulders in that case.


Relevant Pages

  • Re: Huge disk usage on /var/spool/clientmqueue
    ... You should probably enable it just to make sure that at and cron job ... of filling your disks with undelivered mail, you will be filling them with ... as a log file and rotate it automatically.) ...
  • Re: F15: Erased rpm database!! What now?
    ... recovering from an erasure by using a log file /var/lib/rpmpkgs that a ... cron job did on his system. ... Linux Fedora 15 Lovelock on Casa ...
  • Re: saving old versions of file
    ... Jarmo wrote: ... that every time it runs it saves a log file with same name about the changes ... Not a Perl solution but what about running a cron job at midnight which ...
  • Re: script runs interactively but not via cron
    ... you can also use the nohup command for this like ... it will store the output in a nohup log file. ... Typically if the cron job generates output, it is mailed to the user. ...