So I wanted to set up SSH access to my box from the internet, but naturally I was reticent due to the security implications etc. So I went about setting up PSK authentication only (password login disabled).
To do this, I pretty much followed this guide here.
The long and short of it is this:
1. ssh-keygen -t dsa (on both Server and Client)
2. cat ~/.ssh/id_dsa.pub | ssh user@server "cat - >> ~/.ssh/authorized_keys" (on client; add your key to the server)
3. Then you can go ahead and start tweaking: removing user login, root login, no password authentication etc. There's a lot of good info out there.
So now I'm in the situation where I have PSK login from my laptop to my server, which is pretty darn secure, but I'm still worrying about "well, what if someone gets in anyway?" and "How would I know?". So I decided to find a way to get a message alert when someone does log in via SSH.
Now there are 2 ways of doing this, but for both we need to: go to “/etc/ssh/” and create a file called “sshrc”. Then go into this “sshrc” file, and do one of the following:
1. sudo -u sam DISPLAY=:0.0 /usr/bin/xmessage -nearmouse "SSH by $USER from $SSH_CLIENT"
2. sudo -u sam DISPLAY=:0.0 notify-send 'SOMEONE IS SSHing IN' "SSH by $USER from $SSH_CLIENT"
The benefit of option 1 is that the person SSH'ing in WILL NOT BE ABLE TO GET A TERMINAL SESSION until you click the OK button in the pop-up. This is a pretty nifty security feature of sorts, but it will stop you having SSH access too if someone isn't there to click OK for you.
The second one uses the libnotify package (here) to pop up a window in the top right of your screen (generally) and alert you that someone is SSHing in. This will still allow the user terminal access, but lets you know, if you are at your desk, that someone is trying to get in.
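A fuller /etc/ssh/sshrc built on option 2, as an added example that is not part of the original post: it writes to syslog as well as popping up the notification, never holds up the login, and registers the X11 cookie that sshd stops handling once an sshrc exists. The syslog tag and the function names are assumptions, as is a sudoers rule that lets login users run notify-send as sam without a password.

```sh
#!/bin/sh
# /etc/ssh/sshrc: sshd runs this with /bin/sh as the user who just logged in.
DESKTOP_USER=sam            # desktop account from the post
DESKTOP_DISPLAY=:0.0        # X display from the post
LOG_TAG=sshrc-alert         # assumption: any syslog tag will do

# SSH_CLIENT is "<client ip> <client port> <server port>".
alert_text() {              # $1 = login user, $2 = SSH_CLIENT value
    ip=${2%% *}
    rest=${2#* }
    port=${rest%% *}
    printf 'SSH login: user=%s from=%s port=%s\n' "$1" "${ip:-unknown}" "${port:-unknown}"
}

# With an sshrc in place sshd no longer runs xauth itself, so X11
# forwarding breaks unless the script registers the cookie.
xauth_line() {              # $1 = DISPLAY, $2 = proto, $3 = cookie
    case $1 in
        localhost:*) printf 'add unix:%s %s %s\n' "${1#localhost:}" "$2" "$3" ;;
        *)           printf 'add %s %s %s\n' "$1" "$2" "$3" ;;
    esac
}

notify() {                  # $1 = message
    # Syslog first: a record survives even if nobody is at the desktop.
    if command -v logger >/dev/null 2>&1; then
        logger -t "$LOG_TAG" -p auth.notice -- "$1"
    fi
    # Popup in the background, sudo -n so it can never prompt: a slow or
    # failed notification must not hold up (or block) the login.
    # Newer desktops may also need DBUS_SESSION_BUS_ADDRESS set here.
    if command -v notify-send >/dev/null 2>&1; then
        sudo -n -u "$DESKTOP_USER" DISPLAY="$DESKTOP_DISPLAY" \
            notify-send 'SSH login' "$1" >/dev/null 2>&1 &
    fi
    return 0
}

main() {
    # sshd pipes "proto cookie" on stdin when X11 forwarding is in use.
    if read -r proto cookie && [ -n "${DISPLAY:-}" ]; then
        xauth_line "$DISPLAY" "$proto" "$cookie" | xauth -q -
    fi
    notify "$(alert_text "${USER:-unknown}" "${SSH_CLIENT:-}")"
}

# Run only when installed as sshrc, so the functions can be sourced and tested.
case $0 in */sshrc) main ;; esac
```

sshd skips /etc/ssh/sshrc for any user who has their own ~/.ssh/rc, so set PermitUserRC no in sshd_config if the alert must fire for every account.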
HTH,
Sam