Skip to content

Instantly share code, notes, and snippets.

@Nuukem

Nuukem/README.md

Last active September 9, 2025 06:56
Show Gist options

  • Select an option

    Learn more about clone URLs
  • Save Nuukem/19d61735776cc6cedf5696282172dd82 to your computer and use it in GitHub Desktop.

Select an option

Learn more about clone URLs
Save Nuukem/19d61735776cc6cedf5696282172dd82 to your computer and use it in GitHub Desktop.
Download ZIP
Send Pushover notification when user connects via SSH
Raw
README.md

Send Pushover notification when user connects via SSH

Guide pulled from here

Be sure to connect via SSH to a second session in case there's a problem

Create the script file.

sudo nano /etc/ssh/login-notify.sh

Paste in contents of login-notify.sh file below.

Allow script to be executed.

sudo chmod +x /etc/ssh/login-notify.sh

Now modify /etc/pam.d/sshd to add script call

sudo nano /etc/pam.d/sshd

Paste in this line below existing session optional commands:

# Send notification on user connect
session optional pam_exec.so seteuid /etc/ssh/login-notify.sh

For testing purposes, the module is included as optional, so that you can still log in if the execution fails. After you made sure that it works, you can change optional to required. Then login won't be possible unless the execution of your hook script is successful (if that is what you want).

Raw
login-notify.sh
#!/bin/sh
# Change these two lines:
PUSHOVER_USER_KEY=""
PUSHOVER_APP_KEY=""
CLIENT=""
USE_HTML_FORMAT=0
# update line below to point to the interface you want the IP Address for. Ex. eth0, wlan0, etc.
IPADDRESS=$(ifconfig eth0 | sed -En 's/127.0.0.1//;s/.*inet (addr:)?(([0-9]*\.){3}[0-9]*).*/\2/p')
if [ "$PAM_TYPE" != "close_session" ]; then
host="`hostname`"
TITLE="SSH Login: $PAM_USER from $PAM_RHOST on $CLIENT [$IPADDRESS]"
# Message to send, e.g. the current environment variables.
MESSAGE="`env`"
wget https://api.pushover.net/1/messages.json --post-data="token=$PUSHOVER_APP_KEY&user=$PUSHOVER_USER_KEY&message=$MESSAGE&title=$TITLE&html=$USE_HTML_FORMAT" -qO- > /dev/null 2>&1 &
fi
if [ "$PAM_TYPE" = "close_session" ]; then
host="`hostname`"
TITLE="SSH Disconnect: $PAM_USER @ $CLIENT [$IPADDRESS]"
# Message to send, e.g. the current environment variables.
MESSAGE="`env`"
wget https://api.pushover.net/1/messages.json --post-data="token=$PUSHOVER_APP_KEY&user=$PUSHOVER_USER_KEY&message=$MESSAGE&title=$TITLE&html=$USE_HTML_FORMAT" -qO- > /dev/null 2>&1 &
fi
@Raspbianuser
Copy link

Raspbianuser commented Sep 9, 2025
edited
Loading

Screenshot 2025-09-09 at 08 46 17

What do I need to change in the script to remove all the env stuff? I tried to comment it out but then the script did not send any notifications. I really only need the user and ip part.

Edit: And I found out that I have sync script that syncs a files between two host every 5 min - this creates a lot of notifications! Can I excempt users?? (please :D )

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment