| -rwxr-xr-x[-rw-r--r--] | client_ls.py | 10 | ||||
| -rw-r--r-- | client_manager.py | 16 | ||||
| -rwxr-xr-x | cron_setup.sh | 22 | ||||
| -rw-r--r-- | docs | 6 |
4 files changed, 48 insertions, 6 deletions
diff --git a/client_ls.py b/client_ls.py index 6aa3a7e..fdcfc78 100644..100755 --- a/client_ls.py +++ b/client_ls.py @@ -1,4 +1,4 @@ - +#!/usr/bin/env python3 #lists client information import fcntl @@ -12,10 +12,14 @@ def read_data(): # Get shared lock for reading fcntl.flock(f.fileno(), fcntl.LOCK_SH) try: - return json.load(f) + data = json.load(f) + for pid, info in data.items(): + print(info) + return {} finally: fcntl.flock(f.fileno(), fcntl.LOCK_UN) except (FileNotFoundError, ValueError): + print("file /tmp/ssh_sessions.json not found") return {} -print(read_data()) +read_data() diff --git a/client_manager.py b/client_manager.py index 84bf3df..ab29e16 100644 --- a/client_manager.py +++ b/client_manager.py @@ -15,6 +15,7 @@ import fcntl def get_ssh_port(pid): ''' + /var/log/secure Jan 31 07:50:28 vultr sshd[43690]: Accepted publickey for root from 210.10.76.5 port 43730 ssh2: ED25519 SHA256:qz9ffMCb3vPlabn3ZHee00qIPBxkDiUiVSorcUkGdII Jan 31 07:50:28 vultr sshd[43690]: pam_unix(sshd:session): session opened for user root(uid=0) by root(uid=0) Jan 31 07:50:29 vultr sshd[43693]: Received disconnect from 210.10.76.5 port 43730:11: disconnected by user @@ -22,6 +23,13 @@ def get_ssh_port(pid): Jan 31 07:50:29 vultr sshd[43690]: pam_unix(sshd:session): session closed for user root ''' ''' + lsof -i -n + sshd 1845 root 4u IPv4 23137 0t0 TCP 45.32.108.159:ssh->210.10.76.5:45460 (ESTABLISHED) + sshd 1848 root 4u IPv4 23137 0t0 TCP 45.32.108.159:ssh->210.10.76.5:45460 (ESTABLISHED) + sshd 1848 root 8u IPv4 23259 0t0 TCP *:44699 (LISTEN) + sshd 1848 root 9u IPv6 23260 0t0 TCP *:44699 (LISTEN) + ''' + ''' # less efficient but readable pid = '33216' pids = [] 
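Review bot: In the `@@ -12,10 +12,14 @@` hunk of client_ls.py the added `print("file /tmp/ssh_sessions.json not found")` sits under `except (FileNotFoundError, ValueError)`, so a file that exists but holds malformed JSON is reported as missing. The state file lives in /tmp, where any local user can create it, so unexpected content is a realistic case, and a top-level value that is not an object would make `data.items()` raise an uncaught AttributeError. I would split the handlers, e.g. `except ValueError as e: print(f"/tmp/ssh_sessions.json is not valid JSON: {e}")`, and check `isinstance(data, dict)` before iterating. read_data, which begins outside the hunk, now prints and always returns `{}` with `pid` unused, so `for info in data.values():` and a name that reflects printing would read more honestly.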
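Review bot: The lsof sample added to get_ssh_port in the `@@ -22,6 +23,13 @@` hunk looks like output captured from a live host, including what appear to be the server's and a client's public addresses, next to the existing /var/log/secure sample that carries a key fingerprint. I would swap these for documentation-range values before committing, e.g. (constructed) `sshd 1848 root 4u IPv4 23137 0t0 TCP 192.0.2.10:ssh->198.51.100.7:45460 (ESTABLISHED)`. Only the first string literal in a function is its docstring; the later `'''` blocks are no-op expression statements, so `#` comments would state the intent better. The function body starts and ends outside the hunk.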
@@ -100,11 +108,13 @@ def handle_log_change(event): keyname = get_keyname(line.split()[15]) srcip = line.split()[10] #print(pid, port, keyname, srcip) - ssh_sessions[pid] = [srcip, keyname, port] - ssh_sessions[pid] = { + #ssh_sessions[pid] = [srcip, keyname, port] + + ssh_sessions[srcip] = { 'srcip': srcip, + 'pid' : pid, 'key': keyname, - 'pubport': port + 'pubport': port, } write_data(ssh_sessions) if "pam_unix(sshd:session): session closed" in line: diff --git a/cron_setup.sh b/cron_setup.sh new file mode 100755 index 0000000..ca2fdbd --- /dev/null +++ b/cron_setup.sh @@ -0,0 +1,22 @@ +#!/bin/bash + +# add client_manager python to crontab + +if [ "$EUID" -ne 0 ]; then + echo "ERROR: This script must be run as root" + exit 1 +fi + +# Get script's directory +SCRIPT_DIR="$( cd -- "$( dirname -- "${BASH_SOURCE[0]}" )" &> /dev/null && pwd )" + +# Create a temporary file with the cron entry +echo "@reboot /usr/bin/python3 $SCRIPT_DIR/client_manager.py" > temp_cron + +# Append this to the user's crontab +crontab -l > current_cron 2>/dev/null || true # Get current crontab or empty if none exists +cat temp_cron >> current_cron +crontab current_cron + +# Clean up temporary files +rm temp_cron current_cron @@ -0,0 +1,6 @@ + +client_ls.py client_manager.py cron_setup.sh sys_init.py + +-you can run client_manager.py as standalone +-cron_setup.py just adds client_manager.py to crontab + |
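Review bot: Keying `ssh_sessions` by `srcip` means a second session from the same address (several clients behind one NAT, or one client connecting twice) silently overwrites the first, so the session file under-reports who is connected. The `session closed` branch starts on the last line of the hunk and its body is not visible; if it still removes entries by pid, entries keyed by srcip would never be removed and stale sessions would accumulate. Since pid is now stored in the value anyway, I would keep the unique key, `ssh_sessions[pid] = {'srcip': srcip, 'pid': pid, 'key': keyname, 'pubport': port}`, and drop the commented-out list assignment. handle_log_change begins and continues outside the hunk.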
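Review bot: cron_setup.sh writes `temp_cron` and `current_cron` into the caller's working directory as root under fixed names, and appends the `@reboot` line unconditionally, so a second run installs a duplicate entry and a run from a shared directory can write through a pre-placed symlink. A pipeline avoids both: `( crontab -l 2>/dev/null | grep -vF "$SCRIPT_DIR/client_manager.py"; echo "@reboot /usr/bin/python3 $SCRIPT_DIR/client_manager.py" ) | crontab -`. Because the entry runs client_manager.py as root at every boot, the script should also confirm that the file and its directory are root-owned and not group- or world-writable before installing it. The exit status of `crontab current_cron` is not checked before the `rm`.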
