Warning |
---|
This article is just starting. Probably will need Dickson's help on this topic Some topics, Email Login Events
Integrity Check
File Permissions - World Writable
|
Email Login Events
On servers that are managed by only a few administrators it is often useful to know if someone has logged in.
...
Warning |
---|
This script can be improved,
|
First ensure your system is setup to send emails.
Here is the start of the contents of the login notification script,
Code Block | ||||
---|---|---|---|---|
| ||||
#export REPLYTO=sentry@bonsaiframework.com # My tests have shown this is not necessary. Investigate why http://stackoverflow.com/questions/54725/change-the-from-address-in-unix-mail said it is needed. echo "User $LOGNAME logged in $(date)" | mail -aFrom:sentry@bonsaiframework.com -s "Sentry Alert" bhitch@imagecomics.com |
Until the script is done simply add the email line to the end of the the global startup scripts /etc/profile,
Code Block | ||||
---|---|---|---|---|
| ||||
... more stuff up here ... umask 022 echo "User $LOGNAME logged ininto $HOSTNAME on $(date)" | mail -aFrom:sentry@bonsaiframework.com -s "Sentry Alert Login $LOGNAME@$HOSTNAME" bhitch@imagecomics.com |
Now every login will result in an alert.
...
On small systems, you will want to be emailed sudo events.
Failed
...
Sudo Logins
Actually send an email on failed login...
...