Sshd

Aus SchnallIchNet

Wechseln zu: Navigation, Suche

monitor ssh-logins

Set up logging in your sshd_config to point to a syslog facility that you can log separately:
=> see man 3 syslog for more facilities. Choose one like e.g.

Logging

SyslogFacility local5
LogLevel INFO

Then set up your syslog.conf like this:

local5.info    |/var/run/mysshwatcher.pipe

Add the script you're going to write to /etc/inittab so it keeps running:

sw0:2345:respawn:/usr/local/bin/mysshwatcher.sh

then write your script:

#!/bin/sh

P=/var/run/mysshwatcher.pipe
test -p $P || mkfifo $P

while read x <$P; do
  # ... whatever, e.g.:
  echo "ssh info: $x" | wall
done;

Finally, restart your syslogd and get your inittab reloaded (init q) and it should work. If other variantes of these services are used, you need to configure things accordingly

Von „https://schnallich.net/index.php?title=Sshd&oldid=653“

Navigationsmenü