https://github.com/torxed/ssh_mailer
Sends e-mail whenever someone logs in to SSH (Triggers via PAM)
https://github.com/torxed/ssh_mailer
information mail pam security security-audit ssh
Last synced: about 2 months ago
JSON representation
Sends e-mail whenever someone logs in to SSH (Triggers via PAM)
- Host: GitHub
- URL: https://github.com/torxed/ssh_mailer
- Owner: Torxed
- License: gpl-3.0
- Created: 2019-10-23T09:52:46.000Z (over 5 years ago)
- Default Branch: master
- Last Pushed: 2019-10-23T15:07:36.000Z (over 5 years ago)
- Last Synced: 2025-01-25T17:16:28.250Z (4 months ago)
- Topics: information, mail, pam, security, security-audit, ssh
- Language: Python
- Size: 25.4 KB
- Stars: 1
- Watchers: 2
- Forks: 0
- Open Issues: 0
-
Metadata Files:
- Readme: README.md
- License: LICENSE
Awesome Lists containing this project
README
# ssh_mailer
Sends e-mail whenever someone logs in to SSH (Triggers via PAM)
# Installation
Copy `ssh_mailer.py` to `/usr/bin/` and `chmod +x /usr/bin/ssh_mailer.py`.
Then add the following to `/etc/pam.d/sshd`:
```
session optional pam_exec.so seteuid /usr/bin/ssh_mail.py
```
Then create certificates:
```
mkdir -p /etc/sshmailer
openssl genrsa -out /etc/sshmailer/sshmailer.pem 1024
openssl rsa -in /etc/sshmailer/sshmailer.pem -out /etc/sshmailer/sshmailer.pub -pubout
chmod 440 /etc/sshmailer/sshmailer.*
```
And copy the public part of the cert *(without the `--- BEGIN ---` parts)* into your DNS TXT record, which should look something like:
```
cat /etc/sshmailer/sshmailer.pub
INSERT INTO records (name, type, content) VALUES ('default._domainkey.hvornum.se', 'TXT', 'v=DKIM1;k=rsa;p=MIGfMA+PUejXCfAQAB');
```
Now, whenever you login via SSH, PAM should execute `ssh_mail.py`