ScriptsCollections/ServerUserCreate
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add warning message for logins

Browse Source
This commit is contained in:
Clemens Schwaighofer
2023-12-21 13:46:58 +09:00
parent 8452a1b8c0
commit 68b450baaf
1 changed files with 11 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

9
bin/check_last_login.sh
View File

@@ -12,6 +12,7 @@ ssh_reject_group='sshreject';
now=$(date +"%s"); now=$(date +"%s");
# max age for last login or account create without login # max age for last login or account create without login
max_age_login=90; max_age_login=90;
warn_age_login=80;
max_age_create=30; max_age_create=30;
# one day in seconds # one day in seconds
day=86400; day=86400;
@@ -58,13 +59,15 @@ if [ "${OUTPUT_TARGET}" == "text" ]; then
echo "[START] =============>"; echo "[START] =============>";
echo "Hostname : "$(hostname); echo "Hostname : "$(hostname);
echo "Run date : "$(date +"%F %T"); echo "Run date : "$(date +"%F %T");
echo "Max age last login: ${max_age_login} days"; echo "Max age last login : ${max_age_login} days";
echo "Warn age last login: ${warn_age_login} days";
echo "Max age no login : ${max_age_create} days"; echo "Max age no login : ${max_age_create} days";
elif [ "${OUTPUT_TARGET}" == "json" ]; then elif [ "${OUTPUT_TARGET}" == "json" ]; then
echo '"Info": {' echo '"Info": {'
echo '"Hostname": "'$(hostname)'",'; echo '"Hostname": "'$(hostname)'",';
echo '"Date": "'$(date +"%F %T")'",'; echo '"Date": "'$(date +"%F %T")'",';
echo '"MaxAgeLogin": '${max_age_login}','; echo '"MaxAgeLogin": '${max_age_login}',';
echo '"WarnAgeLogin": '${warn_age_login}',';
echo '"MaxAgeCreate": '${max_age_create}''; echo '"MaxAgeCreate": '${max_age_create}'';
echo '},' echo '},'
echo '"Users": [' echo '"Users": ['
@@ -170,6 +173,8 @@ for ssh_group in ${ssh_groups[@]}; do
if [ ${last_login} -gt ${max_age_login} ]; then if [ ${last_login} -gt ${max_age_login} ]; then
out_string="[!] last ssh log in ${last_login} days ago"; out_string="[!] last ssh log in ${last_login} days ago";
lock_user=1; lock_user=1;
elif [ ${last_login} -gt ${warn_age_login} ]; then
out_string="OK [last ssh login ${last_login} days ago";
else else
out_string="OK [ssh]"; out_string="OK [ssh]";
fi; fi;
@@ -186,6 +191,8 @@ for ssh_group in ${ssh_groups[@]}; do
if [ ${last_login} -gt ${max_age_login} ]; then if [ ${last_login} -gt ${max_age_login} ]; then
out_string="[!] last terminal log in ${last_login} days ago"; out_string="[!] last terminal log in ${last_login} days ago";
lock_user=1; lock_user=1;
elif [ ${last_login} -gt ${warn_age_login} ]; then
out_string="OK [last terminal login ${last_login} days ago";
else else
out_string="OK [lastlog]"; out_string="OK [lastlog]";
fi; fi;