Everyday, we receive various email notifications. Our bank sends us a notification when we login or there is a transfer, Google notifies us when we login from an unrecognised computer. Yet, most of us won't take the 2-3 minutes needed to add notifications for when we login to our servers! This could make a serious impact on how quickly we can respond to 3rd party intruders.
Note! This will only work if you are using bash as your default shell. And you should, because it's awesome.
We will add a couple of lines to our ~/.bashrc file (for Ubuntu/Debian) users, that will get executed everytime our user logs into the server.
Estimated total time: Less than 3 minutes
Debian/Ubuntu
Open up your bashrc file on Ubuntu/Debian:
nano ~/.bashrc
At the end put paste these lines, but first change [email protected] to your actual email!
##########################
# SSH Login Notification #
##########################
IP="$(echo $SSH_CONNECTION | cut -d " " -f 1)"
HOSTNAME=$(hostname)
NOW=$(date +"%e %b %Y, %a %r")
echo $HOSTNAME ' login notification: '$IP' logged in to your server '$NOW'.' | mail -s 'SSH Login Notification' [email protected]
Save and exit. Login again to your server to test. If you don't have "mail" installed, you'll have to tweak the last line. If your server is blocked from directly sending email, you can use an external SMTP server, such as your Gmail account.
Change the last line of the snippet above to this:
echo $HOSTNAME ' login notification: '$IP' logged in to your server '$NOW'.' | mailx -s 'SSH Login Notification' -S smtp=smtp://yoursmtpserver.com -S smtp-auth=login -S smtp-auth-user=YOUR_USERNAME -S smtp-auth-password=YOUR_PASSWORD -S from='Sender Name <[email protected]>' [email protected]
You'll have to edit it first, and add your SMTP server details.
mailx is usually preinstalled. If it is not on your system, install it with sudo apt-get install mailx
CentOS users:
If you are on CentOS, everything is the same, except you'll have to add these lines to ~/.bash_profile instead of ~/.bashrc.
Extra tip
If your mobile provider allows you to receive SMS notifications for their emails, then you can use that email. Each login notification will end up in your mobile phone as an SMS. Useful for when you don't have mobile data coverage and no WiFi is available. Though, you probably won't be able to do something in that case...
Other stuff in the Server 101 series:
- Intro and getting into your server - Single Article
- Basic Server Security - 3 Parts
- Setting up a Web Server - 4 Parts
- Managing Your Server - 4 Parts
- caddy - Lightweight Web Server - 1 Part
- Emailify your server! - 6 Parts
- Setting up a Password-Protected proxy server with Squid - 1 Part
- OpenVPN in less than 2 minutes
- Piwik - Your personal Google Analytics alternative
If you need a place to host your servers consider Vultr, Digital Ocean and BuyVM.
These are affiliate links. If you sign up through them, you support me and I will have more free time to write more content like this.
Also If you signup for Digital Ocean through my affiliate link, you will get $10 to try them out. Note: to battle abusers of this offer, you'll have to make a $5 deposit via Paypal or add your credit/debit card, so they can confirm that you are a new user. I did a deposit via Paypal to test them out, and then I added my credit card so I won't have to deposit money manually every now and then.
Great post. Always like to see some bash fu. Keep up with to good linux posts! 🐱💻🐱💻🐱💻🐱💻
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
Very good observation and a good how to tutorial.
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit
A very good article
Downvoting a post can decrease pending rewards and make it less visible. Common reasons:
Submit