Get notified of SSH logins by email
- Send emails with the Mailgun API
- IP range whitelisting
- Easy installation (pure bash)
Set the following configuration variables in config.sh
, which should be in the same directory as login-notify.sh
:
API_KEY="<Mailgun API Key>"
MAILGUN_URL="https://api.mailgun.net/v3/<Mailgun Domain>.mailgun.org/messages"
RECIPIENTS="Foo Bar <foo@example.com>, Baz Bar <baz@example.com>" # For multiple, comma separate
FROM="SSH Alert <sshd@mycomputer.example.com>"
You can whitelist certain IP addresses if you are not concerned about logins from those IPs. Add each IP address on each line of ip-whitelist.txt
, which should be in the same directory as login-notify.sh
. You can also specify IP ranges using CIDR notation, such as 192.168.0.0/24
.
127.0.0.1
As per (1), have the script run when an SSH login occurs by adding it to /etc/pam.d/sshd
:
session optional pam_exec.so seteuid /path/to/login-notify.sh
For convenience, an installation script is provided. It is recommended to install manually because the installation script might not work on all computers/operating systems. The installation script will install the repository in /etc/ssh/login-notify
and will add the required line to /etc/pam.d/sshd
.
For security, always inspect foreign scripts before running them on your computer (especially with sudo access).
curl -O https://raw.githubusercontent.com/nicolaschan/login-notify/master/install.sh
chmod +x install.sh
# Inspect the script for security
sudo ./install.sh
To disable, remove the added line from /etc/pam.d/sshd
. You may also remove everything else by deleting the repository (default location is /etc/ssh/login-notify
).
This program has been tested on the following platforms:
- Linux Mint 18.3 Sylvia
- Ubuntu 17.10