More SSH security

Posted by: Chris  :  Category: Linux Tips

For added security, I modified the .bashrc profile for any users that may have shell access, and added the following, so that when the user logs in, it sends out an email, letting you know that someone has logged in.

echo ‘ALERT – Root Shell Access (YourserverName) on:’ `date` `who` | mail -s “Alert: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” you@yourdomain.com

Of course, you need to modify  the (Yourservername) and you@yourdomain.com part.

This little code gets added into the .bashrc file for the user you want to report. For example, if the user logging in was named tedsite, you would add this to:

/home/tedsite/.bashrc

I was getting an error though once I tried it:

-bash: mail: command not found

This was fixed easily on the Centos system, by running the following from the command line:

yum install mailx

If you wanted to apply this to the root account, you would edit this file:

/root/.bashrc

A quick note, its best to use an email address that is not on your current server.

2 Responses to “More SSH security”

  1. E-mail Alert on Root SSH Login - cPanel Forums Says:

    […] a look at my blog post: SolidServers.ca ? Blog Archive ? More SSH security __________________ Blog – https://solidservers.ca Quality Hosting – […]

  2. Jason Madsen Says:

    Thanks for this post, answers a bunch of questions I was having.

Leave a Reply