Run scripts automatically in server after ssh connection

53,519

Solution 1

You can do so by adding the following parameter to your config file (/etc/ssh/sshd_config).

 ForceCommand
         Forces the execution of the command specified by ForceCommand, ignoring any command supplied by the client and ~/.ssh/rc if present.  The command is invoked by using the user's login shell
         with the -c option.  This applies to shell, command, or subsystem execution.  It is most useful inside a Match block.  The command originally supplied by the client is available in the
         SSH_ORIGINAL_COMMAND environment variable.  Specifying a command of “internal-sftp” will force the use of an in-process sftp server that requires no support files when used with
         ChrootDirectory.

Another option is to use the .ssh/rc files on a per-user basis.

To use the ForceCommand method you just add ForceCommand /usr/bin/ownscript at the bottom of the file /etc/ssh/sshd_config (on the server).

The script looks like this:

#!/bin/bash
#Script file for ssh
#
#put your commands here
echo "test" > /tmp/test.txt
#
#exit by calling a shell to open for the ssh session
/bin/bash

Don't forget to chmod the script: sudo chmod +x /usr/bin/ownscript
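As an added example (not part of the original answer), here is a ForceCommand wrapper that records the login name and client IP from SSH_CONNECTION, then runs the command the client asked for, or a login shell when there is none. The install path /usr/local/bin/ssh-login-hook, the Match User john scope and the ssh-login-hook log tag are assumptions.

```shell
#!/bin/sh
# Login hook for sshd's ForceCommand (added example; the install path
# /usr/local/bin/ssh-login-hook and the "ssh-login-hook" tag are assumptions).
# sshd_config on the server, scoped with a Match block:
#   Match User john
#       ForceCommand /usr/local/bin/ssh-login-hook

# Print one audit record built from the environment sshd sets for the session.
# SSH_CONNECTION holds "client_ip client_port server_ip server_port".
# Constructed sample: USER=john, SSH_CONNECTION="192.0.2.10 51514 198.51.100.5 22"
#   -> user=john ip=192.0.2.10 port=51514 cmd=<interactive>
login_record() {
    user=${USER:-$(id -un)}
    # Split SSH_CONNECTION on whitespace; globbing off so nothing expands.
    set -f; set -- ${SSH_CONNECTION:-}; set +f
    client_ip=${1:-unknown}
    client_port=${2:-unknown}
    # SSH_ORIGINAL_COMMAND is chosen by the client: drop control characters
    # (newlines included) so it cannot split or forge log lines.
    cmd=$(printf '%s' "${SSH_ORIGINAL_COMMAND:-<interactive>}" | tr -d '\000-\037\177')
    printf 'user=%s ip=%s port=%s cmd=%s' "$user" "$client_ip" "$client_port" "$cmd"
}

# Log the record, then hand the session over. Running the requested command
# keeps remote commands such as "ssh host cmd" and rsync working; this hook
# records logins, it does not restrict what the user may run.
run_session() {
    logger -t ssh-login-hook "$(login_record)" 2>/dev/null || true
    if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]; then
        exec "${SHELL:-/bin/sh}" -c "$SSH_ORIGINAL_COMMAND"
    fi
    exec "${SHELL:-/bin/sh}" -l
}

# Only take over the session when installed under the hook's name, so the
# functions above can be sourced and checked without starting a shell.
case "${0##*/}" in
    ssh-login-hook) run_session ;;
esac
```

The record goes to syslog through logger, so each entry can be matched against the sshd entries for the same login.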

Solution 2

You can create a /etc/ssh/sshrc file. See man 8 ssh. If you want this for a single user, use ~/.ssh/rc.

Here is a sample /etc/ssh/sshrc that will notify you via dbus when someone logs in on your machine. Don't forget to chmod +x:

#!/bin/bash

# The first field of SSH_CONNECTION is the client's IP address
ip=$(echo "$SSH_CONNECTION" | cut -d " " -f 1)

notify-send -u CRITICAL "SSH connection from ${ip}" "User $USER just logged in from $ip"

Solution 3

For execution of a script during logon, add it as a call from within the /etc/profile script. This is executed for every logon, not only for ssh logons.

Author by

Enthusiast

Updated on September 18, 2022

Comments

  • Enthusiast almost 2 years

    How to run a script automatically on the server soon after a client system establishes an ssh connection with the server?

    For example: suppose a user logs on to my computer from another system (connected via LAN) using an ssh connection. At that time, a script (python or shell) should run automatically on my system to perform some validation.

    How to run the script automatically on the server system?

  • Enthusiast over 10 years
    Thanks for the answer. Could you please give an example command?
  • Enthusiast over 10 years
    But does ForceCommand execute the command on the server (admin login) or on the client login? I want to execute the command on the server login.
  • Requist over 10 years
    The command is issued on the server. Just adding ForceCommand /path/command.script at the bottom of your config will do the trick. However, I found that it will just execute this command, so you need to start a shell in your script file. For better readability I will add an example to my original answer.
  • Enthusiast over 10 years
    Thank you. Can I run a python script instead of a shell script?
  • Enthusiast over 10 years
    Suppose I execute my custom command: is there any way to retrieve the IP address and login name of the user? (I want to know because of which login my command got executed.)
  • Enthusiast over 10 years
    I am concerned only about client systems connected using an ssh connection.
  • Requist over 10 years
    Yes, a python script would also do; just make sure to exit by starting a new shell. All ssh connections are logged by default; you can see them using the command: cat /var/log/auth.log |grep Accepted\ password
  • Enthusiast over 10 years
    But normally the log file contains all the entries of the logged-in system. Suppose one user named "john" logged in from a remote system and, as per ForceCommand, a command got executed. How do I retrieve only user john and his IP address?
  • Requist over 10 years
    whoami will give you the user logging in. You could parse that into a variable and use this variable to look up the IP in the auth.log. Something like: cat /var/log/auth.log |grep Accepted\ password |grep john | tail -1
  • Eugen Konkov over 8 years
    How to force different command for each connection?
  • bschlueter over 8 years
    This won't consistently work if users have different shells as not all shells source /etc/profile.