0

So I am trying to get email notifications setup on about 100 servers and I am using an if script that works perfectly, however I have a tool that ssh's into each machine ever 5 min to gather statistics. I am trying to adapt the script to ignore any ssh attempts from 1 IP. I have racked my brain and I think I have looked through every possible question on the subject. Any help would be amazing thank guys!!!

Currently the script sends an email no matter who ssh's in.

#!/bin/sh
# Change these two lines:
sender="[email protected]"
recepient="[email protected]"

if [ "$PAM_RUSER" != "192.168.1.10" ]; then
goto done
next
 if [ "$PAM_TYPE" != "close_session" ]; then
  host="`hostname`"
  subject="SSH Login: $PAM_USER from $PAM_RHOST on $host"
  # Message to send, e.g. the current environment variables.
  message="`env`"
  echo "$message" | mail "$sender" -s "$subject" "$recepient"
 fi
fi
Improve this question

1 Answer 1

Reset to default
2 
#!/bin/sh
# Change these two lines:
sender="[email protected]"
recepient="[email protected]"

if [ "$PAM_RHOST" != "192.168.1.10" -a "$PAM_TYPE" != "close_session" ]; then
    host="`hostname`"
    subject="SSH Login: $PAM_USER from $PAM_RHOST on $host"
    # Message to send, e.g. the current environment variables.
    message="`env`"
    echo "$message" | mail "$sender" -s "$subject" "$recepient"
fi

This solution uses a different conditional to skip the body of the if if the PAM_RHOST variable is equal to 192.168.1.10. We use -a (and) to specify that both conditions must be met.

Improve this answer
Sign up to request clarification or add additional context in comments.

4 Comments

Sorry I will edit that, yes I have the # in front of the shebang. I changed my script but I still get an email whenever the IP 192.168.1.10 logs in. Any Ideas, and thank you so much for the quick response!!!
@Dale You're comparing $PAM_RUSER with 192.168.1.10, instead of $PAM_RHOST. Is that intentional?
Thank you!!! that was an oversight now it works 100%. Thank you everyone!!!!!!!!!!!
-a is all but deprecated. Use [ ... ] && [ ... ] instead (a separate test command for each condition).

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.