婷婷综合国产,91蜜桃婷婷狠狠久久综合9色 ,九九九九九精品,国产综合av

主頁 > 知識庫 > 腳本實現SSH登錄郵件報警

腳本實現SSH登錄郵件報警
熱門標簽:聯通電話機器人怎么接 寧波智能外呼系統公司 奧維互動地圖標注參數 曲阜400電話辦理 安裝外呼系統費用 地圖標注輻射圖案 申請公司400電話要注意什么 衛星地圖標注地名 電銷機器人 劍魚

登錄保護是一個非常重要的環節,下面通過圖文并茂的方式給大家詳細講解下:


前兩天@cyy 給我發了一個圖

然后我就想到USHQ的ssh登錄app通知功能,然后就像如果把這個部署到自用的服務器就好了。至少多一層安全系數。

首先要感謝@Legion 幫忙搞定了幾個錯誤以及搞定了Geo2IP的JSON轉換。 (P.S.此人為自動化運維大神級人物,現任職于德國一數據統計企業。)

當然,我和他相比我就是戰五渣了...大家一定要多向 @Legion 學習啊~~

說下需要做的準備:

sendmail或者Postfix
php
bash
CentOS/Debian/Ubuntu
若你的生產環境中沒有php sendmail Postfix等組件,請移步:

@Legion: Linux之使用shell腳本實現ssh登錄報警

參考文件

首先是報警腳本文件

Shell

#!/bin/sh
#########################################################################
# File Name: Login-alert.sh
# Author: Jason
# Email: master#deamwork.com
# Created Time: Tue Jul 21 2015 21:23:16 PM CST 
#########################################################################

#require jq
#wget http://stedolan.github.io/jq/download/linux64/jq -O /usr/local/bin/jq
#chmod +x /usr/local/bin/jq

#if error, please # following one
#PATH=/usr/local/nginx/sbin:/usr/local/php/bin:/usr/local/mysql/bin:/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/root/bin

#Geo2IP by Legion(http://www.dwhd.org/)
eval `curl -s "http://ip.taobao.com/service/getIpInfo.php?ip=${SSH_CLIENT%% *}" | jq . | awk -F':|[ ]+|"' '{if($3~/^(country|area|region|city|isp)$/){print $3"="$7}}'`

#html mail content
cat >> mail-no-base64.html EOF
#請自行準備郵件模板,以下為可能用到的變量
#輸出主機名 `hostname`
#輸出登錄端口 ${SSH_CLIENT##* }
#輸出登錄來源IP ${SSH_CLIENT%% *}
#輸出IP地址歸屬地 {country}_${area}_${region}_${city}_${isp}
#輸出登錄時間 `date`
EOF

#Base64 Encoding
base64 mail-no-base64.html > mail-base64.html

#使用Sendmail
#sendmail -t >/dev/null 2>1 EOF
#to:example@example.com
#from:Exampleexample@example.com>
#subject:[`hostname`]服務器登錄告警

#`cat mail-no-base64.html`

#EOF

#使用postfix
#cat >> mail.php EOF
#?php
#\$to = "example@example.com";
#\$subject = "[`hostname`]服務器登錄告警";
#\$message = "`cat mail-base64.html`";
#\$headers = "MIME-Version: 1.0" . "\r\n";
#\$headers .= "Content-Type: text/html; charset=\"utf-8\"" . "\r\n";
#\$headers .= "Content-Transfer-Encoding: base64" . "\r\n";
#\$headers .= 'From: Exampleexample@example.com>' . "\r\n";
#\$send = mail(\$to,\$subject,\$message,\$headers);
#if(\$send){echo 'Mail Send Successful.';}else{echo 'Failed.';}
#?>
#EOF

#使用 SMTP (require smtp-class.php)
cat >> mail.php EOF
?php
require("smtp-class.php"); 
\$smtpserver = "smtp.example.com";
\$smtpserverport = 25;
\$smtpusermail = "example@example.com";
\$smtpemailto = "example@example.com";
\$smtpuser = "example";
\$smtppass = "password";
\$mailsubject = "[`hostname`]服務器登錄告警";
\$mailbody = "`cat mail-base64.html`";
\$mailtype = "HTML";
\$smtp = new smtp(\$smtpserver,\$smtpserverport,true,\$smtpuser,\$smtppass);
\$smtp->debug = TRUE;
\$smtp->sendmail(\$smtpemailto, \$smtpusermail, \$mailsubject, \$mailbody, \$mailtype); 
?>
EOF
php mail.php
yes y | rm mail-no-base64.html mail-base64.html mail.php

然后是如何觸發這個腳本:

Shell

復制代碼 代碼如下:

echo "screen -fa -d -m -S WL /etc/Login-alert.sh" >> /etc/profile

用這種方法, 新開終端或者復制終端都會觸發報警

如果使用smtp方式,請保存以下文件為smtp-class.php

PHP

?php
class smtp
{
  /* Public Variables */
  var $smtp_port;
  var $time_out;
  var $host_name;
  var $log_file;
  var $relay_host;
  var $debug;
  var $auth;
  var $user;
  var $pass;

  /* Private Variables */ 
  var $sock;

  /* Constractor */
  function smtp($relay_host = "", $smtp_port = 25,$auth = false,$user,$pass)
  {
    $this->debug = FALSE;
    $this->smtp_port = $smtp_port;
    $this->relay_host = $relay_host;
    $this->time_out = 30; //is used in fsockopen() 
    $this->auth = $auth;//auth
    $this->user = $user;
    $this->pass = $pass;
    $this->host_name = "localhost"; //is used in HELO command 
    $this->log_file = "";
    $this->sock = FALSE;
}

  /* Main Function */
  function sendmail($to, $from, $subject = "", $body = "", $mailtype, $cc = "", $bcc = "", $additional_headers = "")
  {
    $mail_from = $this->get_address($this->strip_comment($from));
    $body = ereg_replace("(^|(\r\n))(\.)", "\1.\3", $body);
    $header .= "MIME-Version:1.0\r\n";
    if($mailtype=="HTML")
    {
      $header .= "Content-Type: text/html; charset=\"utf-8\"" . "\r\n";
      $header .= "Content-Transfer-Encoding: base64" . "\r\n";
    }
    $header .= "To: ".$to."\r\n";
    if ($cc != "") 
    {
      $header .= "Cc: ".$cc."\r\n";
    }
    $header .= "From: $from".$from.">\r\n";
    $header .= "Subject: ".$subject."\r\n";
    $header .= $additional_headers;
    $header .= "Date: ".date("r")."\r\n";
    $header .= "X-Mailer:By TianhaiTech (PHP/".phpversion().")\r\n";
    list($msec, $sec) = explode(" ", microtime());
    $header .= "Message-ID: ".date("YmdHis", $sec).".".($msec*1000000).".".$mail_from.">\r\n";
    $TO = explode(",", $this->strip_comment($to));

    if ($cc != "") 
    {
      $TO = array_merge($TO, explode(",", $this->strip_comment($cc)));
      }
    if ($bcc != "") 
    {
      $TO = array_merge($TO, explode(",", $this->strip_comment($bcc)));
    }
    $sent = TRUE;
    foreach ($TO as $rcpt_to) 
    {
      $rcpt_to = $this->get_address($rcpt_to);
      if (!$this->smtp_sockopen($rcpt_to)) 
      {
        $this->log_write("Error: Cannot send email to ".$rcpt_to."\n");
        $sent = FALSE;
        continue;
      }
      if ($this->smtp_send($this->host_name, $mail_from, $rcpt_to, $header, $body)) 
      {
        $this->log_write("E-mail has been sent to ".$rcpt_to.">\n");
      } 
      else 
      {
        $this->log_write("Error: Cannot send email to ".$rcpt_to.">\n");
        $sent = FALSE;
      }
      fclose($this->sock);
      $this->log_write("Disconnected from remote host\n");
    }
    return $sent;
  }

  /* Private Functions */
  function smtp_send($helo, $from, $to, $header, $body = "")
  {
    if (!$this->smtp_putcmd("HELO", $helo)) 
    {
      return $this->smtp_error("sending HELO command");
    }

    #auth
    if($this->auth)
    {
      if (!$this->smtp_putcmd("AUTH LOGIN", base64_encode($this->user))) 
      {
        return $this->smtp_error("sending HELO command");
      }
      if (!$this->smtp_putcmd("", base64_encode($this->pass))) 
      {
        return $this->smtp_error("sending HELO command");
      }
    }
    if (!$this->smtp_putcmd("MAIL", "FROM:".$from.">")) 
    {
      return $this->smtp_error("sending MAIL FROM command");
    }
    if (!$this->smtp_putcmd("RCPT", "TO:".$to.">")) 
    {
      return $this->smtp_error("sending RCPT TO command");
    }
    if (!$this->smtp_putcmd("DATA"))
    {
      return $this->smtp_error("sending DATA command");
    }
    if (!$this->smtp_message($header, $body)) 
    {
      return $this->smtp_error("sending message");
    }
    if (!$this->smtp_eom())
    {
      return $this->smtp_error("sending CR>LF>.CR>LF> [EOM]");
    }
    if (!$this->smtp_putcmd("QUIT")) 
    {
      return $this->smtp_error("sending QUIT command");
    }
    return TRUE;
  }

  function smtp_sockopen($address)
  {
    if ($this->relay_host == "") 
    {
      return $this->smtp_sockopen_mx($address);
    } 
    else
    {
      return $this->smtp_sockopen_relay();
    }
  }

  function smtp_sockopen_relay()
  {
    $this->log_write("Trying to ".$this->relay_host.":".$this->smtp_port."\n");
    $this->sock = @fsockopen($this->relay_host, $this->smtp_port, $errno, $errstr, $this->time_out);
    if (!($this->sock  $this->smtp_ok())) 
    {
      $this->log_write("Error: Cannot connenct to relay host ".$this->relay_host."\n");
      $this->log_write("Error: ".$errstr." (".$errno.")\n");
      return FALSE;
    }
    $this->log_write("Connected to relay host ".$this->relay_host."\n");
    return TRUE;;
  }

  function smtp_sockopen_mx($address)
  {
    $domain = ereg_replace("^.+@([^@]+)$", "\1", $address);
    if (!@getmxrr($domain, $MXHOSTS)) 
    {
      $this->log_write("Error: Cannot resolve MX \"".$domain."\"\n");
      return FALSE;
    }
    foreach ($MXHOSTS as $host) 
    {
      $this->log_write("Trying to ".$host.":".$this->smtp_port."\n");
      $this->sock = @fsockopen($host, $this->smtp_port, $errno, $errstr, $this->time_out);
      if (!($this->sock  $this->smtp_ok())) 
      {
        $this->log_write("Warning: Cannot connect to mx host ".$host."\n");
        $this->log_write("Error: ".$errstr." (".$errno.")\n");
        continue;
      }
      $this->log_write("Connected to mx host ".$host."\n");
      return TRUE;
    }
    $this->log_write("Error: Cannot connect to any mx hosts (".implode(", ", $MXHOSTS).")\n");
    return FALSE;
  }

  function smtp_message($header, $body)
  {
    fputs($this->sock, $header."\r\n".$body);
    $this->smtp_debug("> ".str_replace("\r\n", "\n"."> ", $header."\n> ".$body."\n> "));
    return TRUE;
  }

  function smtp_eom()
  {
    fputs($this->sock, "\r\n.\r\n");
    $this->smtp_debug(". [EOM]\n");
    return $this->smtp_ok();
  }

  function smtp_ok()
  {
    $response = str_replace("\r\n", "", fgets($this->sock, 512));
    $this->smtp_debug($response."\n");
    if (!ereg("^[23]", $response)) 
    {
      fputs($this->sock, "QUIT\r\n");
      fgets($this->sock, 512);
      $this->log_write("Error: Remote host returned \"".$response."\"\n");
      return FALSE;
    }
    return TRUE;
  }

  function smtp_putcmd($cmd, $arg = "")
  {
    if ($arg != "") 
    {
      if($cmd=="") 
      {
        $cmd = $arg;
      }
      else
      {
        $cmd = $cmd." ".$arg;
      }
    }
    fputs($this->sock, $cmd."\r\n");
    $this->smtp_debug("> ".$cmd."\n");
    return $this->smtp_ok();
  }

  function smtp_error($string)
  {
    $this->log_write("Error: Error occurred while ".$string.".\n");
    return FALSE;
  }

  function log_write($message)
  {
    $this->smtp_debug($message);
    if ($this->log_file == "")
    {
      return TRUE;
    }
    $message = date("M d H:i:s ").get_current_user()."[".getmypid()."]: ".$message;
    if (!@file_exists($this->log_file) || !($fp = @fopen($this->log_file, "a"))) 
    {
      $this->smtp_debug("Warning: Cannot open log file \"".$this->log_file."\"\n");
      return FALSE;;
    }
    flock($fp, LOCK_EX);
    fputs($fp, $message);
    fclose($fp);
    return TRUE;
  }

  function strip_comment($address)
  {
    $comment = "\([^()]*\)";
    while (ereg($comment, $address)) 
    {
      $address = ereg_replace($comment, "", $address);
    }
    return $address;
  }

  function get_address($address)
  {
    $address = ereg_replace("([ \t\r\n])+", "", $address);
    $address = ereg_replace("^.*(.+)>.*$", "\1", $address);
    return $address;
  }

  function smtp_debug($message)
  {
    if ($this->debug) 
    {
      echo $message;
    }
  }

}

?>
實現效果:

有需要的朋友可以參考下,希望大家能夠喜歡。

您可能感興趣的文章:
  • vbs qq自動登錄腳本改進版
  • 在PHP中運行Linux命令并啟動SSH服務的例子
  • ssh遠程執行命令方法和Shell腳本實例
  • python下paramiko模塊實現ssh連接登錄Linux服務器

標簽:大興安嶺 安康 三門峽 大慶 江西 上饒 仙桃 遵義

巨人網絡通訊聲明:本文標題《腳本實現SSH登錄郵件報警》,本文關鍵詞  腳本,實現,SSH,登錄,郵件,;如發現本文內容存在版權問題,煩請提供相關信息告之我們,我們將及時溝通與處理。本站內容系統采集于網絡,涉及言論、版權與本站無關。
  • 相關文章
  • 下面列出與本文章《腳本實現SSH登錄郵件報警》相關的同類信息!
  • 本頁收集關于腳本實現SSH登錄郵件報警的相關信息資訊供網民參考!
    • 推薦文章
    主站蜘蛛池模板: 贺兰县| 晋中市| 建德市| 大同县| 肥东县| 廉江市| 菏泽市| 雅安市| 桐乡市| 德化县| 盘锦市| 北京市| 建平县| 渝中区| 滦南县| 从化市| 凌云县| 建阳市| 社会| 大宁县| 宁强县| 蒙自县| 峨山| 津市市| 荣昌县| 双桥区| 周宁县| 根河市| 明溪县| 启东市| 邓州市| 天等县| 如东县| 张家口市| 抚州市| 广宗县| 天水市| 昔阳县| 天台县| 屯昌县| 威信县|