首先,编辑脚本/usr/local/sbin/sshlog.sh,将登录信息写入日志文件。
#!/bin/bash
LOGFILE=/var/log/ssh.log
date >> $LOGFILE
echo $1 >>$LOGFILE
echo $2 >>$LOGFILE
echo $3 >>$LOGFILE
echo $4 >>$LOGFILE
echo $5 >>$LOGFILE
echo $6 >>$LOGFILE
echo $7 >>$LOGFILE
echo $8 >>$LOGFILE
echo >>$LOGFILE
然后,编辑/etc/hosts.allow 文件,添加调用脚本信息。
#
# hosts.allow This file describes the names of the hosts which are
# allowed to use the local INET services, as decided
# by the '/usr/sbin/tcpd' server.
#
sshd:ALL: spawn (/usr/local/sbin/sshlog.sh %a %c %d %h %n %p %s %u)
发表评论