This is similar to this post but not exactly.
First, you need to install mailx
# yum install -y mailx
Second, create /etc/ssh/ssh_alert.sh with the following:
#!/bin/sh
# Change these two lines:
sender="sender@some_email.com"
recepient="recepient@some_email.com"
if [ "$PAM_TYPE" != "close_session" ]; then
host="`hostname`"
subject="SSH Login: $PAM_USER from $PAM_RHOST on $host"
# Message to send, e.g. the current environment variables.
message="`env`"
echo "$message" | mailx -r "$sender" -s "$subject" "$recepient"
fi
Lastly, add the following line to /etc/pam.d/sshd
session required pam_exec.so seteuid /bin/sh /etc/ssh/ssh_alert.sh
That's it!
No comments:
Post a Comment