Skip to content
/ smsOnAuth Public

Get notified via sms right after you get pwnd

License

Unknown, Unknown licenses found

Licenses found

Unknown
license
Unknown
COPYING
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

unaPoloGTIc/smsOnAuth

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

9 Commits
COPYING
COPYING
 
 
README.md
README.md
 
 
license
license
 
 
send_sms.py
send_sms.py
 
 

Repository files navigation

Trex helper in case you get pwnd

Will send you an SMS after a successful login (and logout).
Not before, to prevent spamming you on each botnet attempt.
(Also, see below)

But post login is too late if I really got pwnd!

True, but the reasonable alternative is to require a reply SMS to allow login.
Which, being over 3/4G, is less secure than requiring SSH key, or 2FA (e.g. google-authenticator).
These are (some of) the tools you should be using to prevent getting owned
Shameless plug: we have other PAM modules to help you not get hacked in the first place.
This tool is meant to help you detect in reasonable time the (probably silent) failures should you get compromised.

You will need a Twilio account and number

Or adapt it to your provider.

Usage

Edit the PAM config file of your service, for example:
/etc/pam.d/sshd
Add the following:
session optional pam_exec.so /path/to/send_sms.py twilio-account-sid twilio-auth-token +from-phone-number +to-phone-number

Future feature

Reply to the SMS to kill the session if it is an intruder.
(NOT SUPPORTED YET)

About

Get notified via sms right after you get pwnd

Resources

Readme

License

Unknown, Unknown licenses found

Licenses found

Unknown
license
Unknown
COPYING
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages