├── .env.template
├── .gitignore
├── README.md
├── app.sh
└── scripts
    └── send_message.sh


/.env.template:
--------------------------------------------------------------------------------
1 | CHAT_ID=1234566
2 | TELEGRAM_BOT_TOKEN=blahblah


--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | .env


--------------------------------------------------------------------------------
/README.md:
--------------------------------------------------------------------------------
 1 | Telegram SSH Notifier
 2 | 
 3 | <img width="752" alt="image" src="https://github.com/alirezaopmc/ssh-notifier/assets/35873101/d7093063-d949-4568-9ed0-4dcee8c20b24">
 4 | 
 5 | 
 6 | # Overview
 7 | This is a simple Telegram SSH notifier script written in Bash. It sends notifications to a specified Telegram chat whenever an SSH session is initiated on the server.
 8 | 
 9 | # Installation
10 | ## Step 1: Copy the Directory
11 | Copy the ssh-notifier directory to the /usr/local/ directory to make it accessible publicly.
12 | 
13 | ```bash
14 | cp -r ssh-notifier /usr/local/
15 | ```
16 | 
17 | ## Step 2: Update PAM Configuration
18 | Open the /etc/pam.d/sshd file and add the following line at the end. This line invokes the notifier script with relevant parameters.
19 | 
20 | ```bash
21 | session required pam_exec.so /usr/local/ssh-notifier/app.sh "$PAM_USER" "$PAM_RHOST"
22 | ```
23 | 
24 | ## Step 3: Restart SSH Service
25 | Restart the SSH service to apply the changes.
26 | 
27 | ```bash
28 | service ssh restart
29 | ```
30 | 
31 | # Configuration
32 | Prior to utilizing the notifier, ensure that you create a .env file containing the necessary variables:
33 | 
34 | ```bash
35 | TELEGRAM_BOT_TOKEN="YOUR_BOT_TOKEN"
36 | TELEGRAM_CHAT_ID="YOUR_CHAT_ID"
37 | ```
38 | Replace YOUR_BOT_TOKEN and YOUR_CHAT_ID with your actual Telegram bot token and chat ID.
39 | 
40 | # Usage
41 | Once configured, the notifier will send a Telegram message whenever a user logs into the server via SSH.
42 | 
43 | # Additional Notes
44 | Ensure that the necessary permissions are set for the script and that it is executable. You can use the following command:
45 | 
46 | ```bash
47 | chmod +x /usr/local/ssh-notifier/app.sh
48 | ```
49 | 
50 | Feel free to customize the script further to suit your needs.
51 | 


--------------------------------------------------------------------------------
/app.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | SCRIPT_DIR="$(cd "$(dirname "${BASH_SOURCE[0]}")" && pwd)"
 4 | 
 5 | # Variables
 6 | if [ -f "$SCRIPT_DIR/.env" ]; then
 7 |     while IFS= read -r line; do
 8 |         export "$line"
 9 |     done < "$SCRIPT_DIR/.env"
10 | else
11 |     echo "Error: The .env file is missing."
12 |     exit 1
13 | fi
14 | 
15 | # Determine if the event is a login or logout
16 | if [ "$PAM_TYPE" == "open_session" ]; then
17 |     IN_OR_OUT="in"
18 | else
19 |     IN_OR_OUT="out"
20 | fi
21 | 
22 | # Check if the current user matches the target user
23 | IP_ADDRESS="$PAM_RHOST"
24 | HOSTNAME="$(hostname)"
25 | MESSAGE="User $PAM_USER logged $IN_OR_OUT IP=$IP_ADDRESS HOSTNAME=$HOSTNAME via SSH."
26 | 
27 | "$SCRIPT_DIR/scripts/send_message.sh" "$CHAT_ID" "$TELEGRAM_BOT_TOKEN" "$MESSAGE" true
28 | 


--------------------------------------------------------------------------------
/scripts/send_message.sh:
--------------------------------------------------------------------------------
 1 | #!/usr/bin/env bash
 2 | 
 3 | # Function to display script usage
 4 | display_help() {
 5 |     echo "Usage: $0 <CHAT_ID> <TELEGRAM_BOT_TOKEN> <MESSAGE> [NOTIFY]"
 6 |     echo "Options:"
 7 |     echo "  -h, --help         Display this help message"
 8 | }
 9 | 
10 | # Check for the help flag
11 | if [[ "$1" == "--help" || "$1" == "-h" ]]; then
12 |     display_help
13 |     exit 0
14 | fi
15 | 
16 | # Check if all required arguments are provided
17 | if [ "$#" -lt 3 ]; then
18 |     echo "Error: Insufficient number of arguments."
19 |     display_help
20 |     exit 1
21 | fi
22 | 
23 | # Extract arguments
24 | CHAT_ID="$1"
25 | TELEGRAM_BOT_TOKEN="$2"
26 | MESSAGE="$3"
27 | NOTIFY=${4:-false}
28 | 
29 | # Check if NOTIFY is "true" or "false"
30 | if [[ "$NOTIFY" == "true" ]]; then
31 |     DISABLE_NOTIFICATION=true
32 | else
33 |     DISABLE_NOTIFICATION=false
34 | fi
35 | 
36 | curl -X POST \
37 |      -H 'Content-Type: application/json' \
38 |      -d '{"chat_id": "'"$CHAT_ID"'", "text": "'"$MESSAGE"'", "disable_notification": '"$DISABLE_NOTIFICATION"'}' \
39 |      https://api.telegram.org/bot$TELEGRAM_BOT_TOKEN/sendMessage
40 | 


--------------------------------------------------------------------------------