If you’re looking to get notified when someone logs into your Linux servers via SSH, Jack Wallen is here to show you how to set this up.

SSH over servers
Image: Funtap/Shutterstock

I do a lot of testing on open-source software, and sometimes, I need to be able to do things a bit differently. Case in point: Trying to send an email from a test server that’s not connected to a WAN-facing domain. That can get really tricky.

SEE: 40+ open source and Linux terms you need to know (TechRepublic Premium)

However, with Postfix and Gmail SMTP, it’s not impossible.

Your first question might be “Why would you need to do this?” As I said, I do a lot of testing, so I have several Linux servers on a LAN that need to be able to send out emails. One example of that is creating an email alert for when someone logs into a server via SSH. To make that work on a server within a LAN, you have to get kind of creative.

Let me show you how I accomplished this.

What you’ll need

I’m going to be demonstrating on my go-to server distribution of choice, Ubuntu Server. If you use a different flavor of Linux, you’ll only need to modify the installation commands.

And thus … we begin.

How to install the dependencies

The first thing to do is install the necessary dependencies. For that, log into your server and issue the command:

sudo apt-get install postfix mailutils -y

During the installation of postfix, you’ll be prompted to select a type of mail configuration (Figure A).

Figure A

Select the type of mail configuration you’ll need for Postfix.

Make sure to select Internet Site and then, in the next window (Figure B), add a fully qualified domain name (preferred) or your machine’s simple hostname.

Figure B

Add your hostname to the Postfix configuration.

Don’t worry about the details because we’re going to manually add them.

How to configure Postfix

When the installation finishes, it’s time to configure Postfix manually. Before you do that, you’ll need to acquire a Gmail app password. This is done from the security section of your Google Account.

The first thing we’re going to do is create a password file with the command:

sudo nano /etc/postfix/sasl_passwd

In that file, add the following:

[smtp.gmail.com]:587 USERNAME@gmail.com:PASSWORD

Where USERNAME is your Gmail username and PASSWORD is the app password you just created.

Save and close the file and then give it permissions such that only the root user can view it with:

sudo chmod 600 /etc/postfix/sasl_passwd

Next, we open the Postfix main configuration file with:

sudo nano /etc/postfix/main.cf

In that file, locate the relayhost option and change the line to:

relayhost = [smtp.gmail.com]:587

Below that line, add the following:

smtp_use_tls = yes

smtp_sasl_auth_enable = yes

smtp_sasl_security_options =

smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd

smtp_tls_CAfile = /etc/ssl/certs/ca-certificates.crt

Save and close the file.

Next, we need to compile and hash the contents of the sasl_password file we created earlier with the command:

sudo postmap /etc/postfix/sasl_passwd

Finally, restart Postfix with:

sudo systemctl restart postfix

Enable Postfix to start at boot with:

sudo systemctl enable postfix

How to create an SSH login alert

Now that you have Gmail setup as a Postfix relay, it’s time to create our SSH login alert. This is quite simple. Issue the command:

sudo nano /etc/profile

At the bottom of that file, add the following:

if [ -n "$SSH_CLIENT" ]; then

TEXT="$(date): ssh login to ${USER}@$(hostname -f)"

TEXT="$TEXT from $(echo $SSH_CLIENT|awk '{print $1}')"

echo $TEXT|mail -s "ssh login" EMAIL

fi

Where EMAIL is the email address you want the alerts sent to.

Save and close the file.

Log out and log back into the system with SSH and you should eventually see an email alert to the destination email address of the login. The alert will not only tell you which username logged in, but it will also give you the IP address they logged in from.

Subscribe to TechRepublic’s How To Make Tech Work on YouTube for all the latest tech advice for business pros from Jack Wallen.