O'Reilly Hacks
oreilly.comO'Reilly NetworkSafari BookshelfConferences Sign In/My Account | View Cart   
Book List Learning Lab PDFs O'Reilly Gear Newsletters Press Room Jobs  



ssh-to improvement
Add automatic logging functionality to ssh

Contributed by:
Rob Flickenger
[08/26/03 | Discuss (0) | Link to this hack]

In Linux Server Hacks, I gave the following tiny script (called ssh-to) as a simple time saver to use when logging into ssh with client keys:

#!/bin/sh
ssh `basename $0` $*
The idea was to put this somewhere in your PATH, and make symlinks to it using the name of the machine you want to log into. This is very similar to the symlink functionality that rsh provides.

I've added a tiny bit of code to ssh-to to make it even more useful. Try this:

#!/bin/sh

ME=`basename $0`
TIMESTAMP="$HOME/.ssh/.$ME.timestamp"

[ -r $TIMESTAMP ] && cat $TIMESTAMP

echo "  Last ssh:" `date +'%a %b %e %H:%M:%S %Y'` > $TIMESTAMP

ssh -AC $ME $*
The first time you use it to log into a machine, it creates a timestamp file (called .[machine name].timestamp in your ~/.ssh directory). On subsequent logins, it shows the timestamp of the last time you logged in just before it connects. The spacing coincides nicely with the "Last login" message displayed by most servers on login. For example:
rob@caligula:~$ florian
  Last ssh: Tue Aug 26 22:17:50 2003
Last login: Tue Aug 26 22:17:50 2003 from caligula.rob.swn
Linux 2.4.20.

rob@florian:~$
This tells you at a glance the difference between the last time you used the script to log in, and the last time the system noticed your presence. If these times are greatly out of sync, it can mean one of three things:
  1. You aren't syncing your system times with ntpd
  2. You logged into the server from some machine other than your laptop
  3. Someone else has been using your account
While not completely foolproof, it gives you a bit more information than the default login time display (do you really remember every time you log into a box? To the second?) Of course, it is standard procedure to doctor the logs on any box that has been compromised by would-be system hijackers. But if you give any credence to the last log system, this tiny script can give you yet another data point to be paranoid about.


O'Reilly Home | Privacy Policy

© 2007 O'Reilly Media, Inc.
Website: | Customer Service: | Book issues:

All trademarks and registered trademarks appearing on oreilly.com are the property of their respective owners.