diff options
| author | Oxbian <got.dacs@slmail.me> | 2023-04-26 22:02:57 +0200 |
|---|---|---|
| committer | Oxbian <got.dacs@slmail.me> | 2023-04-26 22:02:57 +0200 |
| commit | 2970e7e6a999a2133b4d5539c045dc55b454705d (patch) | |
| tree | 3491398b2ba79ef2c5a1f9e233894c68a9b06efa | |
| parent | 1fefea60f509732f928365197c921b9b8dbfeab6 (diff) | |
| download | matrix-monitoring-2970e7e6a999a2133b4d5539c045dc55b454705d.tar.gz matrix-monitoring-2970e7e6a999a2133b4d5539c045dc55b454705d.zip | |
Adding SSH notification script
| -rw-r--r-- | README.md | 41 | ||||
| -rwxr-xr-x | login-notify.sh | 11 |
2 files changed, 48 insertions, 4 deletions
@@ -17,20 +17,53 @@ git clone https://github.com/Oxbian/matrix-monitoring.git git submodule update --init --recursive ``` +## Update + +To get the latest update from this repo, you will need to run those commands in the matrix-monitoring folder: + +```bash +git stash +git pull origin main +git pull --recurse-submodules +git stash pop +``` + +Thanks to those commands you will be able to get the last update without losing your token & configurations. + ## Logwatch -First you need to configure matrix-sender, I recommand you to check the repo [matrix-sender](https://github.com/Oxbian/matrix-sender). +First you need to configure matrix-sender, I recommand you to check the repo [matrix-sender](https://github.com/Oxbian/matrix-sender). -After that you need to edit `logwatch.sh` to add the `matrix.sh` absolute path. +After that you need to edit `logwatch.sh` to add the `matrix.sh` absolute path. -Now you can add the script to your crontab, `sudo crontab -e`. +Now you can add the script to your crontab, `sudo crontab -e`. ```bash 0 0 * * * /home/oxbian/matrix-monitoring/logwatch.sh ``` +## SSH Login + +The script `login-notify.sh` will allow you to get a message when someone successfully open a SSH connection on your server. + +First, you will need to have matrix-sender configured, then add the path of matrix.sh in the `login-notify.sh` script. + +After that I recommand to create a symlink of this file in `/etc/ssh` and let the access to root only for security reason. + +```bash +sudo ln -sf "$(pwd)/login-notify.sh" /etc/ssh/login-notify.sh +sudo chown root:root /etc/ssh/login-notify.sh +``` + +After that you will need to add those lines in your pam configuration `/etc/pam.d/sshd`: + +```bash +#Send a message on SSH connection +session optional pam_exec.so seteuid /etc/ssh/login-notify.sh +``` + ## Contributing -If you want to contribute, make a pull request with your contribution. +If you want to contribute, make a pull request with your contribution. ## License diff --git a/login-notify.sh b/login-notify.sh new file mode 100755 index 0000000..8c2da2f --- /dev/null +++ b/login-notify.sh @@ -0,0 +1,11 @@ +#!/bin/sh + +# Absolute path of the matrix.sh file +MATRIX_PATH='' + +if [ "$PAM_TYPE" != "close_session" ]; then + host="$(hostname)" + message="SSH Login: $PAM_USER from $PAM_RHOST on $host" + $MATRIX_PATH -s $message +fi + |