Search Our Database
How to set SSH root login email alerts in a Linux Server
Introduction
To improve the security of the server, especially the webserver which exposes to the internet and worldwide hackers, it’s a good way to enable the server to send a notification email automatically to a predefined email address every time someone logs in as “root” to the host. To configure the automatic email alert notification to a default email address on each incident of root login to the server, use the following guide:
Step-by-Step Guide
1. On Debian/Ubuntu/Linux Mint
apt-get install mailx
On RHEL/CentOS/Fedora
yum install mailx
2. Now login as a root user and go to the root’s home directory by typing cd /root command:
cd /root
3. Open .bashrc file with vi or nano editor. Please remember .bashrc is a hidden file, you won’t see it by doing ls -l command. You have to use -a flag to see the hidden files in Linux
vi .bashrc
4. Add the following line at the bottom of the file, make sure to replace “ServerName” with a hostname of your server and change “your@yourdomain.com” with your email address
echo 'ALERT - Root Shell Access (ServerName) on:' `date` `who` | mail -s "Alert: Root Access from `who | cut -d'(' -f2 | cut -d')' -f1`" your@yourdomain.com
5. Save and close the file and logout and log back in. Once you log in via SSH, a .bashrc file by default executes and sends you the root login alert.
Source: How to Set SSH Login Email Alerts in Linux Server
Conclusion
This simple setup helps improve server security by notifying you of every root login via email, allowing you to monitor unauthorized access.
For additional assistance, or if you encounter issues, please contact our support team at support@ipserverone.com.
Article posted on 2020-04-04 by IPSERVERONE