VPS Enable SSH service to expose the server to the Internet, providing an opportunity for hacker attacks, especially when the VPS also allows root direct access. The VPS should successfully attempt to configure an automatic email alert for each SSH login. The owner of the VPS server will be notified of various SSH server access logs, such as logins, logon hours, and source IP addresses. This is an important security concern for server owners to protect the server from unknown logon attempts. This is because if hackers use brute force to hack through SSH to login to your VPS, the consequences are serious. In this article, I'll explain how to set up an email warning for all SSH user logins at CentOS 6, CentOS 7, RHEL 6, and RHEL 7.
Log in to your server using the root user;
Configure the warning (/ETC/BASHRC) at the global source definition, which will take effect for both the root user and the normal User:
[Root@vps ~]# VI/ETC/BASHRC
Add the following content to the end of the above file.
Echo ' Alert-root Shell Access (vps.ehowstuff.com) on: ' ' Date ' | Mail-s "Alert:root Access from" who | Cut-d ' ('-f2 | cut-d ') '-f1 ' recipient@gmail.com
Optionally, you can make the warning available only to the root user:
Add the above to the tail of the/ROOT/.BASHRC