Skip to content
/ external-ssh-alert Public

Simple script to send an email via ProtonMail Bridge if an SSH connection is made from external client to your machine

License

GPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

coenraadhuman/external-ssh-alert

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

1 Commit
LICENSE
LICENSE
 
 
README.md
README.md
 
 
ssh_login_notify.sh
ssh_login_notify.sh
 
 

Repository files navigation

external-ssh-alert

Simple script to send an email via Proton Mail Bridge if an SSH connection is made from external client to your machine.

Context

My machine is running Ubuntu 24.04 and I wanted the means of being notified of when I or someone else logins into the machine from the outside world.

Setup

  1. Install Proton Mail Bridge

  2. Log into it so you can get the details you need for the setup of ssmtp and mail

  3. Install ssmtp to use the SMTP protocal with mail: sudo apt install ssmtp

  4. Edit your /etc/ssmtp/ssmtp.conf:

    #
# Config file for sSMTP sendmail
#
# The person who gets all mail for userids < 1000
# Make this empty to disable rewriting.
root=postmaster
SERVER=THE EMAIL ADDRESS YOU ARE USING FROM PROTON

# The place where the mail goes. The actual machine name is required no 
# MX records are consulted. Commonly mailhosts are named mail.domain.com

# This is the details from Proton Mail Bridge:
mailhub=127.0.0.1:1025
AuthUser=USERNAME
AuthPass=PASSWORD
UseTLS=YES
UseSTARTTLS=YES

# Where will the mail seem to come from? THIS IS THE DOMAIN OF THE EMAIL YOU ARE SENDING FROM
rewriteDomain=pm.me

# The full hostname, YOUR MACHINE's HOSTNAME
hostname=HOSTNAME

# Are users allowed to set their own From: address?
# YES - Allow the user to specify their own From: address
# NO - Use the system generated From: address
FromLineOverride=YES

  5. Install mailutils to send email from terminal: sudo apt install -y mailutils

  6. Copy the script, ssh_login_notify.sh to /usr/local/bin/.

  7. Make it executable: sudo chmod +x /usr/local/bin/ssh_login_notify.sh

  8. Change the details in the script, namely: sender and recipient variables.

  9. Lastly edit your /etc/bash.bashrc and add the below (it relies on the terminal multiplexer screen if you don't have this installed do it via your package manager):

    if [[ ! -v SSH_CONNECTION ]]; then
    echo "SSH_CONNECTION is not set" &>/dev/null
elif [[ -z "$SSH_CONNECTION" ]]; then
    echo "SSH_CONNECTION is set to the empty string" &>/dev/null
else
    screen -dm /usr/local/bin/ssh_login_notify.sh "$(/usr/bin/hostname)" "$(/usr/bin/date)" "$(/usr/bin/whoami)" $SSH_CONNECTION
fi

    The above ensures that you only get notified when the SSH_CONNECTION variable is populated by OpenSSH, meaning that a remote client has connected.

    SSH_CONNECTION, Identifies the client and server ends of the connection. 
The variable contains four space-separated values: client IP address and client port number and server IP address and server port number. 
SSH client and server socket connection info; set by the sshd(8) daemon, string, session.c

Contributions

Feel free to contribute to this guide and scripts.

About

Simple script to send an email via ProtonMail Bridge if an SSH connection is made from external client to your machine

Topics

ssh proton notify protonmail

Resources

Readme

License

GPL-3.0 license
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages