From e86066ef7422ea6f0f0572859f26ad74069efe1c Mon Sep 17 00:00:00 2001
From: CronyAkatsuki <crony@cronyakatsuki.xyz>
Date: Fri, 10 Nov 2023 20:13:49 +0100
Subject: [PATCH] Site update
---
...hardening-level-pro-notify-on-ssh-login.md | 41 ++++++
.../index.html | 118 ++++++++++++++++++
public/blog/index.html | 3 +
public/blog/index.xml | 35 +++++-
public/sitemap.xml | 7 +-
5 files changed, 201 insertions(+), 3 deletions(-)
create mode 100644 content/blog/hardening-level-pro-notify-on-ssh-login.md
create mode 100644 public/blog/hardening-level-pro-notify-on-ssh-login/index.html
diff --git a/content/blog/hardening-level-pro-notify-on-ssh-login.md b/content/blog/hardening-level-pro-notify-on-ssh-login.md
new file mode 100644
index 0000000..c51125f
--- /dev/null
+++ b/content/blog/hardening-level-pro-notify-on-ssh-login.md
@@ -0,0 +1,41 @@
++++
+title = 'Hardening Level Pro: Notify on SSH Login'
+date = 2023-11-10T19:27:27+01:00
+draft = false
++++
+
+You ever anxious about somebody possibly gaining access to your machine? Fret not, you can just make it so that on any kind of login to your system directly you can get a notification on your phone.
+
+---
+
+For this you will need a way to receive the messaggess. I personally use a selfhosted [ntfy.sh](https://ntfy.sh/) server.
+
+The most important way of managing your linux vps or in general any machine for most of us is ssh. So why not just get a notification whenever somebody logins!? Even you!
+
+To achieve this you will need to make a shell script and use a pam module, yes you will need to enable UsePAM in your sshd config, but don't worry it's secure.
+
+> /usr/bin/ntfy-ssh-login.sh
+
+```bash
+#!/bin/bash
+if [ "${PAM_TYPE}" = "open_session" ]; then
+ curl \
+ -H prio:high \
+ -H tags:warning \
+ -d "SSH login: ${PAM_USER} from ${PAM_RHOST}" \
+ ntfy.sh/{YourTopic}
+fi
+```
+
+> /etc/pam.d/sshd
+
+```conf
+# at the end of the file
+session optional pam_exec.so /usr/bin/ntfy-ssh-login.sh
+```
+
+Also make sure that pam is realoaded using this command `pam-auth-update --force --package`.
+
+You can modify the script to do email or anythingg else, but I preffer ntfy since the notification are instant.
+
+Hope this was of help and let's see you in another post.
diff --git a/public/blog/hardening-level-pro-notify-on-ssh-login/index.html b/public/blog/hardening-level-pro-notify-on-ssh-login/index.html
new file mode 100644
index 0000000..1aecb47
--- /dev/null
+++ b/public/blog/hardening-level-pro-notify-on-ssh-login/index.html
@@ -0,0 +1,118 @@
+<!doctype html>
+<html lang="en">
+
+<head>
+<meta charset="UTF-8" />
+<meta name="viewport" content="width=device-width, initial-scale=1" />
+<link href="/css/style.css" rel="stylesheet" />
+
+<title>Hardening Level Pro: Notify on SSH Login</title>
+ <meta property="og:title" content="Hardening Level Pro: Notify on SSH Login" />
+<meta property="og:description" content="You ever anxious about somebody possibly gaining access to your machine? Fret not, you can just make it so that on any kind of login to your system directly you can get a notification on your phone.
+For this you will need a way to receive the messaggess. I personally use a selfhosted ntfy.sh server.
+The most important way of managing your linux vps or in general any machine for most of us is ssh." />
+<meta property="og:type" content="article" />
+<meta property="og:url" content="https://cronyakatsuki.xyz/blog/hardening-level-pro-notify-on-ssh-login/" /><meta property="article:section" content="blog" />
+<meta property="article:published_time" content="2023-11-10T19:27:27+01:00" />
+<meta property="article:modified_time" content="2023-11-10T19:27:27+01:00" /><meta property="og:site_name" content="Crony Akatsuki's Website" />
+
+</head>
+
+<body>
+ <header>
+ <h1>Crony Akatsuki</h1>
+ <nav>
+ <span><a href="/">Home</a></span>
+ <span>|</span>
+ <span><a href="/about">About</a></span>
+ <span>|</span>
+ <span><a href="/blog">Blog</a></span>
+ <span>|</span>
+ <span><a href="/services">Services</a></span>
+ </nav>
+</header>
+
+
+ <main>
+ <div id="content">
+
+<h1>Hardening Level Pro: Notify on SSH Login</h1>
+
+
+
+<div id="blog-meta">
+ <p id="date">10-11-2023</p>
+
+
+ <hr>
+</div>
+
+ <p>You ever anxious about somebody possibly gaining access to your machine? Fret not, you can just make it so that on any kind of login to your system directly you can get a notification on your phone.</p>
+<hr>
+<p>For this you will need a way to receive the messaggess. I personally use a selfhosted <a href="https://ntfy.sh/">ntfy.sh</a> server.</p>
+<p>The most important way of managing your linux vps or in general any machine for most of us is ssh. So why not just get a notification whenever somebody logins!? Even you!</p>
+<p>To achieve this you will need to make a shell script and use a pam module, yes you will need to enable UsePAM in your sshd config, but don’t worry it’s secure.</p>
+<blockquote>
+<p>/usr/bin/ntfy-ssh-login.sh</p>
+</blockquote>
+<div class="highlight"><pre tabindex="0" style="color:#c6d0f5;background-color:#303446;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#737994;font-style:italic">#!/bin/bash
+</span></span></span><span style="display:flex;"><span><span style="color:#737994;font-style:italic"></span><span style="color:#ca9ee6">if</span> <span style="color:#99d1db;font-weight:bold">[</span> <span style="color:#a6d189">"</span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_TYPE</span><span style="color:#a6d189">}</span><span style="color:#a6d189">"</span> <span style="color:#99d1db;font-weight:bold">=</span> <span style="color:#a6d189">"open_session"</span> <span style="color:#99d1db;font-weight:bold">]</span>; <span style="color:#ca9ee6">then</span>
+</span></span><span style="display:flex;"><span> curl <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -H prio:high <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -H tags:warning <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -d <span style="color:#a6d189">"SSH login: </span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_USER</span><span style="color:#a6d189">}</span><span style="color:#a6d189"> from </span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_RHOST</span><span style="color:#a6d189">}</span><span style="color:#a6d189">"</span> <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> ntfy.sh/<span style="color:#99d1db;font-weight:bold">{</span>YourTopic<span style="color:#99d1db;font-weight:bold">}</span>
+</span></span><span style="display:flex;"><span><span style="color:#ca9ee6">fi</span>
+</span></span></code></pre></div><blockquote>
+<p>/etc/pam.d/sshd</p>
+</blockquote>
+<pre tabindex="0"><code class="language-conf" data-lang="conf"># at the end of the file
+session optional pam_exec.so /usr/bin/ntfy-ssh-login.sh
+</code></pre><p>Also make sure that pam is realoaded using this command <code>pam-auth-update --force --package</code>.</p>
+<p>You can modify the script to do email or anythingg else, but I preffer ntfy since the notification are instant.</p>
+<p>Hope this was of help and let’s see you in another post.</p>
+ </div>
+ </main>
+ <footer>
+ <div id="links">
+ <span><a href="https://code.cronyakatsuki.xyz">Code</a></span>
+ <span>|</span>
+ <span><a href="https://steamcommunity.com/id/CronyAkatsuki/">Steam</a></span>
+ <span>|</span>
+ <span><a href="https://osu.ppy.sh/users/18953565">Osu!</a></span>
+ <span>|</span>
+ <span><a href="https://anilist.co/user/CronyAkatsuki/">Anilist</a></span>
+ <span>|</span>
+ <span><a href="https://youtube.com/channel/UClFdlNlUipHG5Kit8GbFz5Q">Gaming Channel</a></span>
+ <span>|</span>
+ <span><a href="https://uptime.cronyakatsuki.xyz/status/public">Services Status</a></span>
+ </div>
+ <div id="banners">
+ <a rel="noreferrer" href="/" target="_blank"><img src="/88x31.png"
+ alt="Me" title="Me" /></a>
+ <a rel="noreferrer" href="https://kernel.org" target="_blank"><img src="https://cyber.dabamos.de/88x31/linux_powered.gif"
+ alt="linux kernel" title="Best kernel in the world" /></a>
+ <a rel="noreferrer" href="https://debian.org" target="_blank"><img src="https://cyber.dabamos.de/88x31/debian.gif"
+ alt="debian" title="This website run's on debian" /></a>
+ <a rel="noreferrer" href="https://bitwarden.com" target="_blank"><img src="https://cyber.dabamos.de/88x31/bitwarden.gif"
+ alt="Bitwarden" title="Bitwarden/Vaultwarden for the win" /></a>
+ <a rel="noreferrer" target="_blank"><img src="https://cyber.dabamos.de/88x31/free.gif"
+ alt="foss" title="Foss is the way" /></a>
+ <a rel="noreferrer" href="https://neovim.io" target="_blank"><img src="/assets/badges/neovim.gif"
+ alt="Neovim" title="Written in neovim" /></a>
+ <a rel="noreferrer" href="https://landchad.net" target="_blank"><img src="https://landchad.net/pix/landchad.gif"
+ alt="LandChad" title="Get A Website!" /></a>
+ <a rel="noreferrer" href="https://poggerer.xyz" target="_blank"><img src="https://poggerer.xyz/88x31.png"
+ alt="Tulg" title="Tulg" /></a>
+ <a rel="noreferrer" href="https://arthurmelton.com" target="_blank"><img src="https://arthurmelton.com/88x31.png"
+ alt="AMTitan" title="AMTitan" /></a>
+ <a rel="noreferrer" href="https://aadi.net.in" target="_blank"><img src="https://aadi.net.in/88x31.png"
+ alt="Aadi" title="Aadi" /></a>
+ <a rel="noreferrer" href="https://bear.oops.wtf/" target="_blank"><img src="https://bear.oops.wtf/download/88x31.png"
+ alt="Bear" title="Bear" /></a>
+ </div>
+</footer>
+
+</body>
+
+</html>
diff --git a/public/blog/index.html b/public/blog/index.html
index 9db063c..364b30c 100644
--- a/public/blog/index.html
+++ b/public/blog/index.html
@@ -39,6 +39,9 @@
<section class="list">
+ <a href="/blog/hardening-level-pro-notify-on-ssh-login/">
+ 10-11-2023 || Hardening Level Pro: Notify on SSH Login</a><br />
+
<a href="/blog/virgin-mutt-user-meet-mblaze/">
24-10-2023 || Virgin (Neo)Mutt User Meet Mblaze</a><br />
diff --git a/public/blog/index.xml b/public/blog/index.xml
index 4adea3b..303dffa 100644
--- a/public/blog/index.xml
+++ b/public/blog/index.xml
@@ -6,11 +6,44 @@
<description>Recent content in Blog on Crony Akatsuki's Website</description>
<generator>Hugo -- gohugo.io</generator>
<language>en-us</language>
- <lastBuildDate>Tue, 24 Oct 2023 18:13:18 +0200</lastBuildDate>
+ <lastBuildDate>Fri, 10 Nov 2023 19:27:27 +0100</lastBuildDate>
<atom:link href="https://cronyakatsuki.xyz/blog/index.xml" rel="self" type="application/rss+xml" />
+ <item>
+<title>Hardening Level Pro: Notify on SSH Login</title>
+<link>https://cronyakatsuki.xyz/blog/hardening-level-pro-notify-on-ssh-login/</link>
+<pubDate>10-11-2023</pubDate>
+
+ <guid>https://cronyakatsuki.xyz/blog/hardening-level-pro-notify-on-ssh-login/</guid>
+<description><p>You ever anxious about somebody possibly gaining access to your machine? Fret not, you can just make it so that on any kind of login to your system directly you can get a notification on your phone.</p>
+<hr>
+<p>For this you will need a way to receive the messaggess. I personally use a selfhosted <a href="https://ntfy.sh/">ntfy.sh</a> server.</p>
+<p>The most important way of managing your linux vps or in general any machine for most of us is ssh. So why not just get a notification whenever somebody logins!? Even you!</p>
+<p>To achieve this you will need to make a shell script and use a pam module, yes you will need to enable UsePAM in your sshd config, but don&rsquo;t worry it&rsquo;s secure.</p>
+<blockquote>
+<p>/usr/bin/ntfy-ssh-login.sh</p>
+</blockquote>
+<div class="highlight"><pre tabindex="0" style="color:#c6d0f5;background-color:#303446;-moz-tab-size:4;-o-tab-size:4;tab-size:4;"><code class="language-bash" data-lang="bash"><span style="display:flex;"><span><span style="color:#737994;font-style:italic">#!/bin/bash
+</span></span></span><span style="display:flex;"><span><span style="color:#737994;font-style:italic"></span><span style="color:#ca9ee6">if</span> <span style="color:#99d1db;font-weight:bold">[</span> <span style="color:#a6d189">&#34;</span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_TYPE</span><span style="color:#a6d189">}</span><span style="color:#a6d189">&#34;</span> <span style="color:#99d1db;font-weight:bold">=</span> <span style="color:#a6d189">&#34;open_session&#34;</span> <span style="color:#99d1db;font-weight:bold">]</span>; <span style="color:#ca9ee6">then</span>
+</span></span><span style="display:flex;"><span> curl <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -H prio:high <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -H tags:warning <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> -d <span style="color:#a6d189">&#34;SSH login: </span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_USER</span><span style="color:#a6d189">}</span><span style="color:#a6d189"> from </span><span style="color:#a6d189">${</span><span style="color:#f2d5cf">PAM_RHOST</span><span style="color:#a6d189">}</span><span style="color:#a6d189">&#34;</span> <span style="color:#8caaee">\
+</span></span></span><span style="display:flex;"><span><span style="color:#8caaee"></span> ntfy.sh/<span style="color:#99d1db;font-weight:bold">{</span>YourTopic<span style="color:#99d1db;font-weight:bold">}</span>
+</span></span><span style="display:flex;"><span><span style="color:#ca9ee6">fi</span>
+</span></span></code></pre></div><blockquote>
+<p>/etc/pam.d/sshd</p>
+</blockquote>
+<pre tabindex="0"><code class="language-conf" data-lang="conf"># at the end of the file
+session optional pam_exec.so /usr/bin/ntfy-ssh-login.sh
+</code></pre><p>Also make sure that pam is realoaded using this command <code>pam-auth-update --force --package</code>.</p>
+<p>You can modify the script to do email or anythingg else, but I preffer ntfy since the notification are instant.</p>
+<p>Hope this was of help and let&rsquo;s see you in another post.</p>
+</description>
+</item>
+
<item>
<title>Virgin (Neo)Mutt User Meet Mblaze</title>
<link>https://cronyakatsuki.xyz/blog/virgin-mutt-user-meet-mblaze/</link>
diff --git a/public/sitemap.xml b/public/sitemap.xml
index 0d0c7a3..db99b1a 100644
--- a/public/sitemap.xml
+++ b/public/sitemap.xml
@@ -3,10 +3,13 @@
xmlns:xhtml="http://www.w3.org/1999/xhtml">
<url>
<loc>https://cronyakatsuki.xyz/blog/</loc>
- <lastmod>2023-10-24T18:13:18+02:00</lastmod>
+ <lastmod>2023-11-10T19:27:27+01:00</lastmod>
</url><url>
<loc>https://cronyakatsuki.xyz/</loc>
- <lastmod>2023-10-24T18:13:18+02:00</lastmod>
+ <lastmod>2023-11-10T19:27:27+01:00</lastmod>
+ </url><url>
+ <loc>https://cronyakatsuki.xyz/blog/hardening-level-pro-notify-on-ssh-login/</loc>
+ <lastmod>2023-11-10T19:27:27+01:00</lastmod>
</url><url>
<loc>https://cronyakatsuki.xyz/blog/virgin-mutt-user-meet-mblaze/</loc>
<lastmod>2023-10-24T18:13:18+02:00</lastmod>