How to run a script when trying to connect to an SSH server?

A

Alexander Borzunov2011-04-02 10:38:22

SSH

Alexander Borzunov, 2011-04-02 10:38:22

How can I configure an SSH server (OpenSSH on Linux) to run a special script when trying to connect?

If possible, it is better to pass the client's IP address as a parameter to the script.

The script should not run during normal authorization on the computer.

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

C

ComodoHacker, 2011-04-02
@hx0

Put the required commands in /etc/ssh/sshrc and they will be executed after a successful login but before the shell. The client's IP address can be taken from the SSH_CONNECTION or SSH_CLIENT variable. See man sshd, section on SSHRC for details.
Please note that this will be performed with client rights.

S

shadowalone, 2011-04-02
@shadowalone

If you need it so that the script sends login notifications via ssh, by mail, sms, or something else, then the correct option looks a little different:
The script should monitor the log for ssh login, and send notifications.

B

brammator, 2011-04-03
@brammator

And if the task is to “ban at the address of those who sort through passwords”, then you can look at fail2ban and similar utilities. There, in principle, any logs, masks and reactions to them are easily configured.