mirror of
https://github.com/m8tin/cis.git
synced 2026-04-02 19:01:30 +02:00
30 lines
933 B
Markdown
30 lines
933 B
Markdown
How to use
|
|
==========
|
|
|
|
You can use this script `ssh-notify-root-login.sh` in two different ways.
|
|
|
|
1.) Use it as is
|
|
----------------
|
|
|
|
In this use case you just have to call this script once.
|
|
|
|
It will register itself to the file `/etc/pam.d/sshd` and because there is just a logfile defined you will get that functionality.
|
|
|
|
Each ssh login of user root will be logged into this file:
|
|
- `/var/log/ssh-notify-root-login.sh.log`
|
|
|
|
2.) Use your own configuration
|
|
------------------------------
|
|
|
|
In this case copy the script to a custom location or put it into your definitions, e.g.:
|
|
- `/cis/definitions/your.domain.net/script/host/pam/ssh-notify-root-login.sh`
|
|
|
|
There you can modify the following variables:
|
|
- _LOGFILE
|
|
- _EMAIL_ADDRESS
|
|
- _SLACK_WEBHOOK_URL
|
|
|
|
Setting these variables to "" will disable the feature.
|
|
|
|
If you set a varaible to a valid value, e.g. a webhook-url of slack, you will get a slack-message on each login.
|
|
|