Sshrc: Difference between revisions

From Coolscript
Jump to navigation Jump to search
No edit summary
No edit summary
 
(2 intermediate revisions by the same user not shown)
Line 1: Line 1:
E-Mail Alert on SSH Login Event
E-Mail or Telegram Alert on SSH Login Event
*/etc/ssh/sshrc
*/etc/ssh/sshrc


==Telegram=
=Telegram=
#!/bin/sh
#!/bin/sh
#Send a Telegram message on boot
#Send a Telegram message on boot
TELEGRAM_CHAT_ID="xxx"
TELEGRAM_CHAT_ID="xxx"
TELEGRAM_BOT_TOKEN="xxx"
TELEGRAM_BOT_TOKEN="xxx"
ipaddr=`echo $SSH_CONNECTION | cut -d " " -f 1`
ipaddr=`echo $SSH_CONNECTION | cut -d " " -f 1`
Hostname=`hostname`
Hostname=`hostname`
NOW=$( date '+%F_%H%M%S' )
NOW=$( date '+%F_%H%M%S' )
export LANG=C
export LANG=C
MESSAGE="$(echo "<strong>SSH Login</strong>
MESSAGE="$(echo "<strong>SSH Login</strong>
From IP: $ipaddr
From IP: $ipaddr
To Host: $Hostname
To Host: $Hostname
Date: $NOW ")"
Date: $NOW ")"
logger "Debug Reboot Message"
logger "Debug Reboot Message"
logger $MESSAGE
logger $MESSAGE
/usr/bin/curl --connect-timeout 5 --max-time 10 --silent --output /dev/null \
  /usr/bin/curl --connect-timeout 5 --max-time 10 --silent --output /dev/null \
     --data-urlencode "chat_id=${TELEGRAM_CHAT_ID}" \
     --data-urlencode "chat_id=${TELEGRAM_CHAT_ID}" \
     --data-urlencode "text=${MESSAGE}" \
     --data-urlencode "text=${MESSAGE}" \

Latest revision as of 23:32, 20 January 2023

E-Mail or Telegram Alert on SSH Login Event

  • /etc/ssh/sshrc

Telegram

#!/bin/sh
#Send a Telegram message on boot
TELEGRAM_CHAT_ID="xxx"
TELEGRAM_BOT_TOKEN="xxx"
ipaddr=`echo $SSH_CONNECTION | cut -d " " -f 1`
Hostname=`hostname`
NOW=$( date '+%F_%H%M%S' )
export LANG=C
MESSAGE="$(echo "SSH Login
From IP: $ipaddr
To Host: $Hostname
Date: $NOW ")"
logger "Debug Reboot Message"
logger $MESSAGE
 /usr/bin/curl --connect-timeout 5 --max-time 10 --silent --output /dev/null \
   --data-urlencode "chat_id=${TELEGRAM_CHAT_ID}" \
   --data-urlencode "text=${MESSAGE}" \
   --data-urlencode "parse_mode=HTML" \
   --data-urlencode "disable_web_page_preview=true" \
   "https://api.telegram.org/bot${TELEGRAM_BOT_TOKEN}/sendMessage"

Email

#!/bin/bash
#email on ssh login
ip=`echo $SSH_CONNECTION | cut -d " " -f 1`
Hostname=`hostname`
NOW=$( date '+%F_%H:%M:%S' )
Country=`curl -s https://ipapi.co/$ip/country/` > /dev/null

echo  "
UTC Date/Time: $NOW
IP Address: $ip
Country: $Country
Target Hostname: $Hostname
User: $USER
" | mail -s "SSH Login Alert From: $ip" user@domain.com
Retrieved from "https://coolscript.org/index.php?title=Sshrc&oldid=887"