登录检测脚本

Tutorial: 运维相关 Category: Shell Published: 2026-04-07 13:58:25 Views: 22 Likes: 0 Comments: 0

#!/bin/bash

##################################################
# Mail Configuration
#
SUBJECT="Root Login Alert:$(hostname)"
EMAIL="changeme@email.com"
###################################################
# Logging Settings
#
Logging=true #true/false
LOG_FILE=/var/log/login.log
###################################################
# Notification Variables
#
KNOWN_IPS="127.0.0.1" # IPs you do not want to be notified about.
WHO=$(w -si)
loginip=$(echo $SSH_CLIENT | awk '{print $1}')
authorized=false
###################################################
# message Function
#
function message {
    echo "${msgheader}$(hostname)"
    echo
    echo "------------: Login Info :---------------"
    echo
    echo "Login IP : $loginip"
    echo "Login User: $(whoami)"
    echo "Date-Time:$(date)"
    echo
    echo "------------: Logged in users :----------"
    echo
    echo "$WHO"
}
# End message Function
###################################################
# Determine authorization, Send Email if not.
#
for ip in $KNOWN_IPS; do
    if [ "$loginip" == "$ip" ]; then
        authorized=true
        msgheader="Authorized Login to Server: "
    fi
done
if [ ! "$authorized" == "true" ]; then
    # msgheader="Unauthorized Login to Server: " message | mail -s "$SUBJECT" "$EMAIL"
    msgheader="Unauthorized Login to Server: " message
fi
###################################################
# Logging statment
#
if [ "$Logging" == "true" ]; then
    touch $LOG_FILE
    message >>$LOG_FILE
fi

Prev: 系统信息查看 Next: 内存监控脚本