How to set up SSH login under Linux? Email reminder notification

Enabling the SSH service on the server makes the server exposed to the Internet, providing an opportunity for hacking, especially when the Linux server also allows direct access by root. The linux server should configure an automatic email warning for each successful SSH login attempt.

The owner of the Linux server will get notifications of various SSH server access logs, such as logged in, login time, and source IP address. This is an important security concern for server owners to protect their servers from unknown login attempts. This is because if a hacker uses brute force to log in to your Linux server via SSH, the consequences are serious. In this article, I will explain how to set up an email warning for all SSH user logins on CentOS 6, CentOS 7, RHEL 6, and RHEL 7.

1. For all users who can log in to SSH on Linux server (root and normal users)

Edit vim /etc/bashrc Add

echo 'ALERT - at the end - Root Shell Access (root.aliyun.cnhzz.com) on:' `date` `who` |  Mail -s "Alert: Root Access from `who |  Cut -d'(' -f2 |  Cut -d')' -f1`" [email protected], only valid for root users

Edit vim .bashrc Add

echo 'ALERT - Root Shell Access at the end Root.aliyun.cnhzz.com) on:' `date` `who` |  Mail -s "Alert: Root Access from `who |  Cut -d'(' -f2 |  Cut -d')' -f1`" [email protected], you can also optionally make the warning only valid for specific ordinary users (eg bin2u):

Edit vim /home/bin2u/.bashrc Add

echo 'ALERT - Root Shell Access (root.aliyun.cnhzz.com) on:' `date` `who` at the end |  Mail -s "Alert: Root Access from `who |  Cut -d'(' -f2 |  Cut -d')' -f1`" [email protected] above settings are valid on the spot. After logging out of ssh, you can receive email reminder if you log in again. If you have not received it, please send an email to test;

echo 'ALERT - Root Shell Access (root.aliyun.cnhzz.com) on:' `date` `who` |  Mail -s "Alert: Root Access from `who |  Cut -d'(' -f2 |  Cut -d')' -f1`" [email protected] If you find a similar error message

send-mail: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol send-mail : warning: inet_protocols: configuring for IPv4 support only postdrop: warning: inet_protocols: IPv6 support is disabled: Address family not supported by protocol postdrop: warning: inet_protocols: configuring for IPv4 support only View current inet_protocols

# /usr /sbin/postconf |  Grep inet_protocolsinet_protocols = all changed to ipv4

# vi /etc/postfix/main.cfinet_protocols = all changed to inet_protocols = ipv4 send mail directly via external SMTP (discard sendmail and postfix directly)

My friends will definitely be entangled in the e-mail here for a while, and there will be a variety of misunderstandings that will not be resolved for a while. So using external SMTP to send mail is a good way.

#vi /etc/mail.rc set [email protected] smtp=smtp.139.comset smtp-auth-user=123456set smtp-auth-password=sbsbsbsbset smtp-auth=login after login Your accepted email will receive a similar email. Ssh-mail

Reprinted please specify: rookie HOW webmaster » linux how to set up SSH login email email reminder notification