How to Get Linux Server Sends Email Alert on Root Login
To improve the security of the server, especially web server which exposes to the Internet and possible worldwide hackers, it’s best to enable server to automatically send a notification email to predefined email address everytime someone logs in as root to the host. To configure the automatic email alert notification to a default email address on each incident of root log on on the server, use the following guide.
- Login to the server via SSH using as root ID.
- Ensure that you’re at home directory of root. The open up the .bash_profile for editing using pico or vi by typing one of the following commands at command shell line:
pico .bash_profile
vi .bash_profile - Scroll down to the end of the file and add the following line:
echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`" user@example.com
Replace user@email.com with the actual email account address that you want to the root access alert notification been sent to. Note that you can change the text contains in the email alert too. The text starting with first ALERT is written as email body, and you can add in other info such as host name or change the wordings. The second Alert is the email title which you can change to your own too.
Now logout and login again as root, you should receive an email alert at your inbox. The security trick should works on most popular flavor of Linux such as RedHat, CentOS, Ubuntu, FreeBSD and etc.
Share and contribute or get technical support and help at My Digital Life Forums.
Related Articles
- Disable Direct Root Login and User Access via SSH to Server
- Disable and Turn Off Telnet in Linux
- Change and Reset MySQL root Password
- Change User Name on Linux
- Cannot FTP to Web Host or Server running cPanel/WHM
- cPanel Invalid License File After Changing Hostname Error
- Installing Web Server in FreeBSD 6.0 with Apache 2.2, MySQL 5.0 and PHP 5 - Part 3
- Check and Optimize MySQL Database Automatically with Crontab/Cron
- Restore Full Backup or cpmove File in cPanel Web Host
- Install Web Server in Windows XP with Apache2, PHP5 and MySQL4 - Part 4
Entries (RSS)
August 12th, 2007 03:10
[...] Linux - wysyłanie maila o logowaniu na konto roota Bardzo użyteczny skrypcik [...]
May 3rd, 2008 05:43
‘who -m’ makes the output much cleaner when using this on a system that has multiple users logged on…
-m reports only hostname and user associated with stdin terminal