ssh-login-notifier/ssh-login-notify.sh
Patrick Asmus 6c2a6dc12b Initial Commit
2026-04-26 21:05:42 +02:00


#!/bin/bash
# SSH Login Notifier - Hauptscript
# Wird ueber /etc/profile.d/ bei interaktivem SSH-Login aufgerufen
# https://git.techniverse.net/scriptos/ssh-login-notifier
# Nur bei SSH-Verbindungen ausfuehren
# Do nothing unless sshd exported SSH_CONNECTION for this session. `return`
# covers the sourced case (/etc/profile.d); when the file is executed directly
# `return` fails quietly and `exit` ends the script instead.
# NOTE(review): a hook started from the login shell's profile runs with the
# user's own privileges and only for sessions that load that profile - treat
# the notification as best effort, not as a tamper-proof audit record.
# NOTE(review): when sourced, the three variables below stay defined in the
# user's shell under fairly generic names - confirm nothing else relies on them.
if [[ -z "$SSH_CONNECTION" ]]; then
  return 0 2>/dev/null || exit 0
fi

# Installation layout and release identifier.
INSTALL_DIR="/opt/ssh-login-notifier"
CONFIG_FILE="${INSTALL_DIR}/config.conf"
VERSION="1.0.0"
# Im Hintergrund ausfuehren, damit der Login nicht verzoegert wird
(
# --- Konfiguration laden ---
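#######################################
# Load KEY=VALUE settings from the config file into global shell variables.
# Globals:   CONFIG_FILE (read); one variable per accepted key (written)
# Outputs:   problems are reported to syslog through logger
# Returns:   exits the current (sub)shell with status 0 if the file is missing
#
# Blank lines and lines whose key starts with '#' are skipped. Key and value
# are trimmed by piping them through xargs, which also removes surrounding
# quotes. A last line without a trailing newline is still read.
#
# Security: the key ends up as the name handed to `declare`, so only plain
# identifiers are accepted; anything else (subscripts, expansions, spaces) is
# dropped and logged without echoing the offending text.
# NOTE(review): every valid identifier is still accepted, including names the
# shell and its child processes use themselves. Restricting keys to the
# settings this script reads would be tighter. The file may also hold the ntfy
# token, so it should be writable by root only - confirm the installer does so.
#######################################
load_config() {
  local key value
  local name_re='^[A-Za-z_][A-Za-z0-9_]*$'

  if [[ ! -f "$CONFIG_FILE" ]]; then
    logger -t ssh-login-notifier "FEHLER: Konfigurationsdatei nicht gefunden: ${CONFIG_FILE}"
    exit 0
  fi

  # `|| [[ -n "$key" ]]` keeps the final line when the file lacks a newline.
  while IFS='=' read -r key value || [[ -n "$key" ]]; do
    key=$(printf '%s\n' "$key" | xargs)
    value=$(printf '%s\n' "$value" | xargs)

    if [[ -z "$key" || "$key" == \#* ]]; then
      continue
    fi

    if [[ ! "$key" =~ $name_re ]]; then
      logger -t ssh-login-notifier "WARNUNG: Ungueltiger Konfigurationsschluessel uebersprungen"
      continue
    fi

    declare -g "$key=$value"
  done < "$CONFIG_FILE"
}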
# --- Login-Informationen sammeln ---
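#######################################
# Gather the facts reported in the notification and, when enabled, a GeoIP
# summary for the client address.
# Globals:   USER, SSH_CLIENT, GEO_LOOKUP (read)
#            LOGIN_USER, LOGIN_HOST, LOGIN_DATE, LOGIN_TIME, LOGIN_IP,
#            GEO_INFO, GEO_JSON, GEO_COUNTRY, GEO_REGION, GEO_CITY,
#            GEO_ISP (written)
# Outputs:   an unexpected SSH_CLIENT value is reported to syslog
#
# Security: SSH_CLIENT and the GeoIP reply are treated as untrusted text. The
# address must look like an IPv4/IPv6 literal before it is placed into the
# lookup URL, and backslashes and control characters are removed from the
# GeoIP summary because the senders later expand escape sequences.
# NOTE(review): the lookup goes over plain HTTP to a third-party service, so
# the client address is disclosed to it and the reply is unauthenticated.
# Switching the scheme needs an endpoint that offers TLS - confirm with the
# provider before changing the URL.
#######################################
collect_login_info() {
  # Address literal, optionally followed by an IPv6 zone id ("%eth0").
  local addr_re='^[0-9A-Fa-f:.]+(%[A-Za-z0-9_.-]+)?$'

  # Prefer the account the process really runs as; $USER is an ordinary
  # environment variable and only serves as the fallback.
  LOGIN_USER="$(id -un 2>/dev/null)"
  LOGIN_USER="${LOGIN_USER:-$USER}"
  LOGIN_HOST="$(hostname -f 2>/dev/null || hostname)"
  LOGIN_DATE="$(date +%d.%m.%Y)"
  LOGIN_TIME="$(date +%H:%M:%S)"

  # SSH_CLIENT is "<client ip> <client port> <server port>"; keep the first field.
  LOGIN_IP="${SSH_CLIENT%% *}"
  if [[ -n "$LOGIN_IP" && ! "$LOGIN_IP" =~ $addr_re ]]; then
    logger -t ssh-login-notifier "WARNUNG: Unerwarteter Wert in SSH_CLIENT, Quell-IP wird verworfen"
    LOGIN_IP=""
  fi
  LOGIN_IP="${LOGIN_IP:-unbekannt}"

  GEO_INFO=""
  # Zone-scoped (link-local) addresses are skipped: '%' is not URL-safe here.
  if [[ "$GEO_LOOKUP" == "true" && "$LOGIN_IP" != "unbekannt" && "$LOGIN_IP" != *%* ]]; then
    GEO_JSON=$(curl -s --max-time 5 "http://ip-api.com/json/${LOGIN_IP}?fields=status,country,regionName,city,isp" 2>/dev/null)
    if grep -q '"status":"success"' <<< "$GEO_JSON"; then
      GEO_COUNTRY=$(grep -o '"country":"[^"]*"' <<< "$GEO_JSON" | cut -d'"' -f4)
      GEO_REGION=$(grep -o '"regionName":"[^"]*"' <<< "$GEO_JSON" | cut -d'"' -f4)
      GEO_CITY=$(grep -o '"city":"[^"]*"' <<< "$GEO_JSON" | cut -d'"' -f4)
      GEO_ISP=$(grep -o '"isp":"[^"]*"' <<< "$GEO_JSON" | cut -d'"' -f4)
      GEO_INFO="${GEO_CITY}, ${GEO_REGION}, ${GEO_COUNTRY} (${GEO_ISP})"
      # Neutralise escape sequences and control bytes from the remote reply.
      GEO_INFO="${GEO_INFO//\\/}"
      GEO_INFO="${GEO_INFO//[[:cntrl:]]/}"
    fi
  fi
}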
# --- E-Mail senden ---
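#######################################
# Send the login notification by e-mail through the first tool that is
# installed: mail, then sendmail, then msmtp.
# Globals:   EMAIL_SUBJECT_PREFIX, EMAIL_RECIPIENT, EMAIL_FROM, LOGIN_HOST,
#            LOGIN_DATE, LOGIN_TIME, LOGIN_USER, LOGIN_IP, GEO_INFO (read)
# Outputs:   failures are reported to syslog through logger
# Returns:   1 if the recipient is unusable or no mail tool is found,
#            otherwise the exit status of the mail tool
#
# Security: the collected values are written with printf '%s', so backslash
# sequences inside them stay literal text instead of being expanded into new
# lines. CR/LF is stripped from header values, and a recipient that is empty,
# spans lines or starts with '-' is refused so it cannot be read as an option
# by the mail tool.
#######################################
send_email() {
  local crlf=$'\r\n'
  local subject="${EMAIL_SUBJECT_PREFIX} auf ${LOGIN_HOST}"
  local from="$EMAIL_FROM"
  local mta
  local -a lines

  if [[ -z "$EMAIL_RECIPIENT" || "$EMAIL_RECIPIENT" == -* || "$EMAIL_RECIPIENT" == *[$crlf]* ]]; then
    logger -t ssh-login-notifier "FEHLER: EMAIL_RECIPIENT fehlt oder ist ungueltig"
    return 1
  fi

  # A header value must stay on one line.
  subject=${subject//[$crlf]/ }
  from=${from//[$crlf]/ }

  lines=(
    "SSH-Zugriff erkannt"
    "=============================="
    ""
    "Server: ${LOGIN_HOST}"
    "Datum: ${LOGIN_DATE}"
    "Uhrzeit: ${LOGIN_TIME}"
    "Benutzer: ${LOGIN_USER}"
    "Quell-IP: ${LOGIN_IP}"
  )
  if [[ -n "$GEO_INFO" ]]; then
    lines+=("Standort: ${GEO_INFO}")
  fi
  # Trailing empty line, as in the previous message layout.
  lines+=("")

  if command -v mail &>/dev/null; then
    printf '%s\n' "${lines[@]}" | mail -s "$subject" "$EMAIL_RECIPIENT"
    return
  fi

  # sendmail and msmtp take the same raw message: headers, blank line, body.
  for mta in sendmail msmtp; do
    if command -v "$mta" &>/dev/null; then
      {
        printf '%s\n' \
          "Subject: ${subject}" \
          "From: ${from}" \
          "To: ${EMAIL_RECIPIENT}" \
          "Content-Type: text/plain; charset=UTF-8" \
          ""
        printf '%s\n' "${lines[@]}"
      } | "$mta" "$EMAIL_RECIPIENT"
      return
    fi
  done

  logger -t ssh-login-notifier "FEHLER: Kein Mail-Tool gefunden (mail, sendmail, msmtp)"
  return 1
}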
# --- ntfy senden ---
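#######################################
# Publish the login notification to an ntfy topic with curl.
# Globals:   NTFY_SERVER, NTFY_TOPIC, NTFY_PRIORITY, NTFY_TAGS,
#            NTFY_AUTH_TOKEN, LOGIN_HOST, LOGIN_DATE, LOGIN_TIME, LOGIN_USER,
#            LOGIN_IP, GEO_INFO (read)
# Outputs:   a missing server or topic is reported to syslog through logger
# Returns:   1 if server or topic is not configured, otherwise curl's status
#
# Security: the bearer token is handed to curl through a config stream on
# stdin rather than as a command-line argument, so it does not show up in the
# process list. The message is assembled with printf '%s', which keeps
# backslash sequences in the collected values as literal text.
# NOTE(review): the URL (including the topic name) is still an argument, and
# nothing here enforces an https:// server - with a token configured, confirm
# NTFY_SERVER uses TLS unless the server is local.
#######################################
send_ntfy() {
  local title="SSH Login registriert"
  local message auth
  local -a lines curl_args

  if [[ -z "$NTFY_SERVER" || -z "$NTFY_TOPIC" ]]; then
    logger -t ssh-login-notifier "FEHLER: NTFY_SERVER oder NTFY_TOPIC nicht gesetzt"
    return 1
  fi

  lines=(
    "Es wurde ein SSH Login auf ${LOGIN_HOST} registriert."
    ""
    "Datum: ${LOGIN_DATE}"
    "Uhrzeit: ${LOGIN_TIME}"
    "Benutzer: ${LOGIN_USER}"
    "IP-Adresse des Clients: ${LOGIN_IP}"
  )
  if [[ -n "$GEO_INFO" ]]; then
    lines+=("Standort: ${GEO_INFO}")
  fi
  # Command substitution drops the final newline, so the body ends on text.
  message=$(printf '%s\n' "${lines[@]}")

  curl_args=(
    -s
    --max-time 10
    -H "Title: ${title}"
    -H "Priority: ${NTFY_PRIORITY:-3}"
    -H "Tags: ${NTFY_TAGS:-warning,computer}"
    -d "$message"
  )

  if [[ -n "$NTFY_AUTH_TOKEN" ]]; then
    # Escape backslash and double quote for curl's quoted config syntax.
    auth=${NTFY_AUTH_TOKEN//\\/\\\\}
    auth=${auth//\"/\\\"}
    printf 'header = "Authorization: Bearer %s"\n' "$auth" \
      | curl --config - "${curl_args[@]}" "${NTFY_SERVER}/${NTFY_TOPIC}" >/dev/null 2>&1
  else
    curl "${curl_args[@]}" "${NTFY_SERVER}/${NTFY_TOPIC}" >/dev/null 2>&1
  fi
}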
# --- Hauptprogramm ---
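# Main flow: load the settings, collect the login facts, then hand the
# notification to every method named in the comma-separated
# NOTIFICATION_METHODS setting.
# All output of this subshell is discarded, so syslog is the only place where
# a notification that could not be delivered becomes visible; every failed or
# skipped delivery is therefore logged.
load_config
collect_login_info

if [[ -z "$NOTIFICATION_METHODS" ]]; then
  logger -t ssh-login-notifier "FEHLER: NOTIFICATION_METHODS ist leer, keine Benachrichtigung gesendet"
fi

IFS=',' read -ra METHODS <<< "$NOTIFICATION_METHODS"
for method in "${METHODS[@]}"; do
  # xargs trims the blanks around each list entry.
  method=$(echo "$method" | xargs)
  case "$method" in
    "")
      # Empty entry, e.g. from a trailing comma.
      continue
      ;;
    email)
      send_email \
        || logger -t ssh-login-notifier "FEHLER: E-Mail-Versand fehlgeschlagen"
      ;;
    ntfy)
      send_ntfy \
        || logger -t ssh-login-notifier "FEHLER: ntfy-Versand fehlgeschlagen"
      ;;
    *)
      logger -t ssh-login-notifier "Unbekannte Methode: ${method}"
      ;;
  esac
done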
) &>/dev/null &
disown