#security #Linux #e-mail #ssh

If you want/need an information about who is when logging in into a server and don’t have a centralized logging/information infrastructure, an easy way is to activate an email notification when someone is logging in via ssh. For that you can use this script and put it somewhere like /usr/local/bin/.

Then edit the script to add your e-mail address:

 

notification_mail = “<YOUR_MAILADDR>”

 

To make this work, you have to make sure that the script runs every time someone is logging in via ssh. There are multiple ways to get there, an easy way is to create this file:

nano /etc/ssh/sshrc

add this line to the file:

 

# python3 /usr/local/bin/login_notify.py

 

You will now get an e-mail with every login which looks like this:

 

SSH login on <SERVER_HOSTNAME>:

Host: <SERVER_HOSTNAME>
from ip: <SSH_IP> (REVERSE_DNS)
ssh user: SSH_USER