Dynmotd: add a find command to get the last auth.log file and print the
number of sudo and ssh auth failed.
This commit is contained in:
parent
f001d412de
commit
2469487031
25
dynmotd
25
dynmotd
|
|
@ -87,11 +87,13 @@ PROC_COUNT=$(expr $PROC_COUNT - 5)
|
|||
PROC_LIMIT=$(ulimit)
|
||||
|
||||
#++++++++++++: Authentication Information :+++++++++++++
|
||||
#AUTH_LOG_FILE=$(find /var/log -iname "auth.log")
|
||||
#SSH_USER_LOGIN=$(grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${USERNAME}/" | wc -l)
|
||||
#SSH_FAIL_LOGIN=$(grep sshd "${AUTH_LOG_FILE}" | awk '/Failed/' | wc -l)
|
||||
#SUDO_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/authentication failure/' | wc -l)
|
||||
#SUDO_3_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/3 incorrect password/' | wc -l)
|
||||
# Get only one "auth.log" file path, the most recent
|
||||
# Simpliest way to get it?
|
||||
AUTH_LOG_FILE=$(find /var/log -iname 'auth.log' -type f -printf '%TY-%Tm-%Td_%TT %p\n' | sort -r | tail -n1 | cut -d' ' -f2)
|
||||
SSH_USER_LOGIN=$(grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${USERNAME}/" | wc -l)
|
||||
SSH_FAIL_LOGIN=$(grep sshd "${AUTH_LOG_FILE}" | awk '/Failed/' | wc -l)
|
||||
SUDO_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/authentication failure/' | wc -l)
|
||||
SUDO_3_FAIL=$(grep sudo "${AUTH_LOG_FILE}" | awk '/3 incorrect password/' | wc -l)
|
||||
|
||||
|
||||
MOTD_ORIG='/etc/motd.orig'
|
||||
|
|
@ -122,18 +124,17 @@ ${MAGENTA}+ ${WHITE}Processes\t${MAGENTA}= ${GREEN}$PROC_COUNT of ${PROC_LIMIT}
|
|||
|
||||
|
||||
printf '%b' "\n${MAGENTA}++++++++++++: ${WHITE}Authentication Information${MAGENTA} :+++++++++++++${RESET}"
|
||||
|
||||
#echo -e "${MAGENTA}++++++++++++: ${WHITE}Authentication Information${MAGENTA} :+++++++++++++${RESET} "
|
||||
## Count the number of session for all standard's user (with a home/)
|
||||
#for SSH_USER in `ls -1 /home/`; do
|
||||
#echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}" | awk '/sshd/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
||||
##echo -e "${MAGENTA}+ ${WHITE}SSH login ${MAGENTA}= ${GREEN}`grep 'session opened' "${AUTH_LOG_FILE}".1 | awk '/login/' | awk "/${SSH_USER}/" | wc -l` times this week ("${SSH_USER}")"
|
||||
#done
|
||||
## Count the number of failed ssh authentication
|
||||
#echo -e "${MAGENTA}+ ${WHITE}SSH fail ${MAGENTA}= ${GREEN}${SSH_FAIL_LOGIN} fail(s) this week"
|
||||
## Count the number of failed sudo authentication
|
||||
#echo -e "${MAGENTA}+ ${WHITE}Sudo fail ${MAGENTA}= ${GREEN}${SUDO_FAIL} fail(s) this week
|
||||
#${MAGENTA}+ ${WHITE}Sudo 3 fails ${MAGENTA}= ${GREEN}${SUDO_3_FAIL} fail(s) this week"
|
||||
# Count the number of failed ssh authentication
|
||||
printf '%b' "\n${MAGENTA}+ ${WHITE}SSH fail\t${MAGENTA}= ${GREEN}${SSH_FAIL_LOGIN} fail(s) this week"
|
||||
# Count the number of failed sudo authentication
|
||||
printf '%b' "\n${MAGENTA}+ ${WHITE}Sudo fail\t${MAGENTA}= ${GREEN}${SUDO_FAIL} fail(s) this week
|
||||
${MAGENTA}+ ${WHITE}Sudo 3 fails\t${MAGENTA}= ${GREEN}${SUDO_3_FAIL} fail(s) this week"
|
||||
|
||||
|
||||
printf '%b' "\n${MAGENTA}++++++++++++++++++++: ${WHITE}Disk Usage${MAGENTA} :+++++++++++++++++++++${RESET}"
|
||||
# Root partition
|
||||
|
|
|
|||
Loading…
Reference in New Issue