Set alerting for root login.

July 23, 2020July 23, 2020 Admin Linux

If you are using Linux server, you must have enhanced security by Changing Default SSH port. (If you haven’t you should do it immediately). To further secure your environment, you should consider setting alerts for root login.
Setting alerts for root account login is useful in many ways. To track who logged in and for security reason,

Steps to enable Alerting for root login

Login to server and switch to root user.
Open file /root/.bash_profile and append the code below.

/usr/bin/echo 'ALERT - Root Shell Access on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d"(" -f2 | cut -d")" -f1`" email@yourdomain.com

Simple, isn’t it?
You can try to login/switch to root user and you should get the email like this.

ALERT - Root Shell Access on: Thu Jul 23 09:42:46 UTC 2020 user pts/0 2020-07-23 09:42 (xx.xx.xx.xx)

15 thoughts to “Set alerting for root login.”

Pingback: Disable direct root Login. | Just Geek
firewall says:

October 1, 2020 at 1:27 am

Iceland

Reply
Money Market Account says:

October 2, 2020 at 7:15 pm

XML

Reply
Views says:

October 8, 2020 at 12:52 pm

grey

Reply
Steel says:

October 10, 2020 at 8:37 am

mobile

Reply
homogeneous says:

October 15, 2020 at 9:05 am

envisioneer

Reply
Kentucky says:

October 20, 2020 at 5:47 am

Focused

Reply
sensor says:

October 21, 2020 at 3:01 pm

Ergonomic Soft Computer

Reply
hacking says:

November 18, 2020 at 8:06 pm

gold

Reply
Cambridgeshire says:

November 20, 2020 at 5:39 pm

Designer

Reply
Incredible says:

November 30, 2020 at 9:09 pm

protocol

Reply
Lead says:

December 8, 2020 at 10:09 pm

Principal

Reply
Via says:

December 14, 2020 at 1:57 pm

secured line

Reply
Optional says:

December 15, 2020 at 4:32 am

bricks-and-clicks

Reply
Checking Account says:

December 29, 2020 at 7:20 am

Fantastic Cotton Salad

Reply

15 thoughts to “Set alerting for root login.”

Leave a Reply Cancel reply