Is there a way to run a script/command every time a user connects using ssh? Can it be configured globally (i.e run the script when any user login)?
I came across this question on Identica, but there is no answer yet and would like to know it anyway.
Answers:
Thank you for visiting the Q&A section on Magenaut. Please note that all the answers may not help you solve the issue immediately. So please treat them as advisements. If you found the post helpful (or not), leave a comment & I’ll get back to you as soon as possible.
Method 1
For all users, or a particular user? For a single user, set it in their .bashrc file; for all users, check out pam_exec.
If the users are coming in from sshd, you’ll want to add the following line to /etc/pam.d/sshd; other files depending on their source:
session optional pam_exec.so seteuid /path/to/my/hook.sh
For testing purposes, the module is included as optional, so that you can still log in if it fails. After you made sure that it works, you can change optional to required. Then login won’t be possible unless the execution of your hook script is successful.
Note: As always when you change the login configuration, leave a backup shell open in the background and test the login from a new terminal.
Method 2
there’s another way which only influences users using ssh not local ones (which might be better in emergency situations)
see the snippets from the ssh man page below.
in this case the users can usually modify the files themselves (a bit like .bashrc)
~/.ssh/rc
Commands in this file are executed by ssh when the user logs in, just before the user's shell (or command) is started. See the sshd(8) manual page for more information.
and this is global and not modifiable by the normal user
/etc/sshrc
Commands in this file are executed by ssh when the user logs in, just before the user's shell (or command) is started. See the sshd(8) manual page for more information.
All methods was sourced from stackoverflow.com or stackexchange.com, is licensed under cc by-sa 2.5, cc by-sa 3.0 and cc by-sa 4.0