Design an Email Notification on User Login via SSH

30 minutes
  • 4 Learning Objectives

About this Hands-on Lab

The topic of this lab is notifications. The goal is to design a notification system that sends an email every time a user logs in via SSH. This is a good way to be alerted to malicious activity, since an unexpected login shows up in the inbox as soon as it happens.

Learning Objectives

Successfully complete this lab by achieving the following learning objectives:

Install EPEL Repos, sendemail, python36, python36-devel
sudo yum install https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm
sudo yum install python36 python36-devel
sudo yum install sendemail
Test Sending out an Email
sendemail -f [FROM_EMAIL] -u 'AUTH_NOTIFICATION' -t [TO_EMAIL] -s smtp.gmail.com:587 -o tls=yes -xu [USER_NAME] -xp [PASSWORD] -m "[YOUR MESSAGE]"
Write a Script to Send an Email with the Time Stamp and Username upon SSH Login
vim /home/cloud_user/onLogin.py
#!/bin/python3.6

import subprocess
from datetime import datetime
import getpass

# Message body: time stamp and user name, framed by separator lines
msg = "#########################\nTIME: " + datetime.now().strftime('%Y-%m-%d %H:%M:%S') + "\nUSER: " + getpass.getuser() + "\nWAS AUTHENTICATED\n#########################\n"

# Call sendemail with an argument list (shell=False), so the message is never parsed by a shell
subprocess.check_output(['sendemail', '-f', '[FROM_EMAIL]', '-u', 'SCAN_NOTIFICATION', '-t', '[TO_EMAIL]', '-s', 'smtp.gmail.com:587', '-o', 'tls=yes', '-xu', '[USER_NAME]', '-xp', '[PASSWORD]', '-m', msg], stdin=None, stderr=None, shell=False, universal_newlines=False)
ESC
:wq
ENTER
chmod +x /home/cloud_user/onLogin.py
sudo cp /home/cloud_user/onLogin.py /bin/
Configure SSH to Make Use of the Script
sudo vim /etc/pam.d/sshd
session optional pam_exec.so seteuid /bin/onLogin.py
ESC
:wq
ENTER
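
A variant of the login hook, added here as an example and not part of the original lab: pam_exec passes PAM_USER, PAM_RHOST, PAM_SERVICE and PAM_TYPE to the command in its environment and runs session hooks on both open_session and close_session, so this version reads the account from PAM_USER and mails only when a session opens. The credentials file /etc/ssh-login-notify.conf and its four-line layout are assumptions made for the example.

```python
#!/usr/bin/env python3
"""Added example: pam_exec session hook that mails only on SSH session open."""
import os
import subprocess
from datetime import datetime

# Hypothetical root-only file (mode 0600) with four lines:
# from address, to address, SMTP user, SMTP password.
CRED_FILE = "/etc/ssh-login-notify.conf"


def build_message(env, now=None):
    """Return the mail body for a session-open event, or None to stay silent."""
    # pam_exec also runs session hooks on close_session; skip those.
    if env.get("PAM_TYPE") != "open_session":
        return None
    user = env.get("PAM_USER")
    if not user:
        return None
    now = now or datetime.now()
    # Drop non-printable characters so a value cannot inject extra lines.
    clean = lambda v: "".join(c for c in v if c.isprintable())
    return "\n".join([
        "#########################",
        "TIME: " + now.strftime("%Y-%m-%d %H:%M:%S"),
        "USER: " + clean(user),
        "FROM: " + clean(env.get("PAM_RHOST", "unknown")),
        "SERVICE: " + clean(env.get("PAM_SERVICE", "unknown")),
        "WAS AUTHENTICATED",
        "#########################",
    ]) + "\n"


def build_command(msg, sender, recipient, smtp_user, smtp_pass):
    """sendemail flags as used in the lab, built as an argument list (no shell)."""
    return ["sendemail", "-f", sender, "-u", "AUTH_NOTIFICATION", "-t", recipient,
            "-s", "smtp.gmail.com:587", "-o", "tls=yes",
            "-xu", smtp_user, "-xp", smtp_pass, "-m", msg]


if __name__ == "__main__":
    body = build_message(os.environ)
    if body is not None:
        with open(CRED_FILE) as fh:
            creds = [line.strip() for line in fh][:4]
        # The timeout keeps a slow SMTP server from stalling the login.
        subprocess.run(build_command(body, *creds), timeout=30, check=False)
```

Because the PAM line uses `session optional`, a failure of this hook does not block the login.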

Additional Resources

Lab Conditions

  • sshd server is running
  • sendemail is not installed
  • EPEL repos are not enabled
  • Python3.6 is not installed nor is python3.6-devel

Additional Lab Requirements

  • Personal Gmail account
  • Enabled less secure app access
  • EPEL repo link: https://dl.fedoraproject.org/pub/epel/epel-release-latest-8.noarch.rpm

Lab Overall Objectives

  • Install EPEL repos, sendemail, python36, python36-devel
  • Test sending out an email
  • Write a script to send an email with the time stamp and username of the user that logged in via ssh
  • Configure SSH to make use of your script

What are Hands-on Labs

Hands-on Labs are real environments created by industry experts to help you learn. These environments help you gain knowledge and experience, practice without compromising your system, test without risk, destroy without fear, and let you learn from your mistakes. Hands-on Labs: practice your skills before delivering in the real world.
