Linux 监控root用户登录并发送邮件

1、安装mailx

yum  install  mailx -y

2、配置/etc/mail.rc文件

set from=yourname@126.com
set smtp=smtps://smtp.126.com:465
set smtp-auth-user=yourname@126.com
set smtp-auth-password=n7876KhMpp8676uM
set smtp-auth=login
set ssl-verify=ignore
set nss-config-dir=/root/.certs

3、创建证书

mkdir -p /root/.certs/
echo -n | openssl s_client -connect smtp.126.com:465 | sed -ne ‘/-BEGIN CERTIFICATE-/,/-END CERTIFICATE-/p‘ > ~/.certs/qq.crt
certutil -A -n "GeoTrust SSL CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
certutil -A -n "GeoTrust Global CA" -t "C,," -d ~/.certs -i ~/.certs/qq.crt
certutil -L -d /root/.certs
cd  /root/.certs
certutil -A -n "GeoTrust SSL CA - G3" -t "Pu,Pu,Pu" -d ./ -i qq.crt

4、root用户的.bashrc 文件中添加告警脚本

echo "$(whoami) login at: $(date +"%F %T") ip address: $(w|sed -n '3p'|awk '{print$3}')" | mail -s root yourmail@qq.com