Skip to main content
Menu
linux | Cheatsheets
linux

Monitor and Alert SSH Login Activty

September 3, 2021
linux, mail
devops, monitoring

Edit sshrc file # vi /et/ssh/sshrc Add following lines ip=`echo $SSH_CONNECTION | cut -d " " -f 1` logger -t ssh-wrapper $USER login from $ip echo "User $USERjust logged in from $ip" | mail -s "[ATTENTION] $USERJust logged in from $ip" your-email@your-domain.com Monitor your ssh authorized_keys changes # create notify.sh script file and add following code of lines #!/bin/bash [[ -z `find /home/ubuntu/.ssh/authorized_keys -mmin -1` ]] if [ $? ...

Configure SMTP with Gmail Using Postfix

September 3, 2021
linux, mail
devops, monitoring

Setup Google App password # Go account security https://myaccount.google.com/security Create App Password Select App as Mail Select Device (other) > name your system Generate Note down Generated password Install all necessary packages # sudo apt-get install postfix mailutils libsasl2-2 ca-certificates libsasl2-modules Edit postfix config file # vi /etc/postfix/main.cf and following lines to it: relayhost = [smtp.gmail.com]:587 smtp_tls_security_level = may smtp_sasl_auth_enable = yes smtp_sasl_security_options = smtp_sasl_password_maps = hash:/etc/postfix/sasl_passwd smtp_sasl_security_options = noanonymous smtp_use_tls = yes mydestination = inet_protocols = ipv4 Edit sasl_passwd file # vi /etc/postfix/sasl_passwd add gmail username and generate password ...

Setup SSL/TLS using certbot with NGINX

January 6, 2020
linux
nginx

Install Certbot # add-apt-repository ppa:certbot/certbot apt-get update apt-get install python-certbot-nginx Obtain the SSL/TLS Certificate # certbot --nginx -d xyz.com -d www.xyz.com Obtain wildcard Certificate # certbot certonly --manual -d '*.xyz.com' Install NGINX # apt-get install nginx -y Set Up NGINX # NGINX Config file # /etc/nginx/nginx.conf # user www-data; worker_processes auto; pid /run/nginx.pid; include /etc/nginx/modules-enabled/*.conf; events { worker_connections 768; # multi_accept on; } http { ## # Basic Settings ## map $http_upgrade $connection_upgrade { default upgrade; '' close; } sendfile on; tcp_nopush on; tcp_nodelay on; keepalive_timeout 65; types_hash_max_size 2048; # server_tokens off; # server_names_hash_bucket_size 64; # server_name_in_redirect off; include /etc/nginx/mime. ...

SSH Dynamic Port Forwarding on Linux

May 28, 2021
linux
ssh

Step 1 # Generate SSH keys through ssh-keygen ssh-keygen Step 2 # Copy your public key form ~/.ssh/id_rsa.pub $ cat ~/.ssh/id_rsa.pub Step 3 # Login into your remote hosted linux machine Step 4 # Create authorized_keys file and put your public key into ~/.ssh/ directory Step 5 # Create config file with below data and put into your local system where your public and private ssh key exist ...