2005/05/31 SSH_CLIENT, SSH_CONNECTION (OpenSSH Variables)

I've removed advertising from most of this site and will eventually clean up the few pages where it remains.

While not terribly expensive to maintain, this does cost me something. If I don't get enough donations to cover that expense, I will be shutting the site down in early 2020.

If you found something useful today, please consider a small donation.

Some material is very old and may be incorrect today

© May 2005 Tony Lawrence

OpenSSH sets several environment variables which can be useful. It's easy enough to see them: just type "set | grep SSH" at a command prompt./p>

If you connected by SSH, these should include SSH_ASKPASS, SSH_CLIENT, SSH_CONNECTION and SSH_TTY, which can give helpful information to scripts.

For example, if we wanted to log all ssh connections not coming from our local network, we might do something like this:

#!/bin/bash
# called from login scripts such as /etc/profile
if [ "${SSH_CLIENT%.*}" != "10.3.38" ]
 then 
 logger -t warn -p info.warn "$SSH_CLIENT connnection"
fi
 

See Loglevel if you don't know what "logger" does. The "${SSH_CLIENT%.*}" extracts the subnet from the $SSH_CLIENT variable by stripping everything from the last period to the end.

If you found something useful today, please consider a small donation.

Got something to add? Send me email.

---

Have you tried Searching this site?

This is a Unix/Linux resource website. It contains technical articles about Unix, Linux and general computing related subjects, opinion, news, help files, how-to's, tutorials and more.

Contact us