Every time a user logs into ssh, we will send an email notification. It will contain information, including the time and IP address from which the successful connection was made.
Such notifications allow you to control and see when and who worked with the server using ssh.
To send letters from the console using authorization, we need to install the necessary packages and configure them.
1. Installation:
apt install ssmpt
apt install mailutils
2. Setting up the ssmtp service, let's bring the file to this form:
nano /etc/ssmtp/ssmtp.conf
UseSTARTTLS=YES
root=email@domain.tld
mailhub=mail.domain.tld:587
AuthUser=email@domain.tld
AuthPass=P@ssw0rd
FromLineOverride=YES
3. Let's edit the file that is executed when users log in:
nano /home/user1/.bashrc
echo 'ALERT - user1 ssh access (server-name) on:' `date` `who` | mail -s "SSH Login" to@domain.tld
...
# ~/.bashrc: executed by bash(1) for non-login shells.
4. Now, every time user1 logs in, a notification will be sent:
code>
5. Permission settings Since the .bashrc file is located in the user’s folder, he is allowed to edit it by default; to deny it, let’s disable write rights for the root user:
chmod 444 /home/user1/.bashrc
Ready. Now this user, once logged in, will not be able to disable configured notifications.