It is suggested to set an email alert when somebody gets logged into your server via. SSH/root.
You need to make amendments to the .bashrc that is available under the ‘/root’ partition. This file is a hidden, therefore you must use the -a flag with ls command to view all the hidden files.
Then add the below code to the bottom of the existing code :
echo ‘SSH Root Access (Your Server Name) on:’ `date` `who` | mail -s “ALERT: Root Access from `who | cut -d”(” -f2 | cut -d”)” -f1`” [email protected]
Then save and exit.
NOTE: We suggest you :
This procedure should be helpful to all the customers who have servers with multiple administrators or have to provide an SSH access to somebody on a regular basis. Here again, we would stress on limiting the disclosure of the Root password and keeping it to minimum. Further, we would like to encourage you to change it on a regular basis.
Though, the mentioned procedure would not help if someone tries to hack into your server using the latest kernel exploit, due to the basic fact that, the hacker would create a different SSH or telnet connection. Inorder to protect your server from such activities, you must keep your server updated, get a firewall installed and adopt the updated security releases.
You must re-check if the modifications are working fine. If you face an issue with that and need an assistance, please contact our 24×7 Linux Technical Support Team either via. Live Chat or raise a ticket at the helpdesk.
Powered by BetterDocs
Your email address will not be published. Required fields are marked *
Save my name, email, and website in this browser for the next time I comment.