Friday, June 3, 2016

How to Setup SSH Login Email Alert for Mac OS X

This tutorial will discuss how to setup email alert for ssh login to your Mac OS X system. In particular, this has been tested on El Capitan only, but I am pretty sure that it should work with other versions as well. This is based on this post with slight modification.

First, create /etc/ssh/sshrc file with the following content
#!/bin/bash
ADDRESS="your_email@example.com"
IP=`echo $SSH_CONNECTION | cut -d " " -f 1`
DATE=`date`
echo "User $USER just logged in from $IP at $DATE" | mail -s "ssh login alert" "$ADDRESS"

Make sure to enter your own email address above to receive the alert mails. Set the owner of the file as root and set the execution flag.
$ sudo chown root /etc/ssh/sshrc && sudo chmod u+x /etc/ssh/sshrc

By the way, make sure there is no ~/.ssh/rc file, because the above script file won't be executed if ~/.ssh/rc file exists. To see more details on this, read sshd manual and search for sshrc
$ man sshd
/sshrc

This should do it. Make sure to check your spam folder for the alert mails.

No comments:

Post a Comment