I’ve been finding all kinds of neat uses for Notifo, a multipurpose notification tool for the iPhone, and I wanted to be notified when anyone (should only be me) logged in to my home computer via SSH. I wrote a Pluggable Authentication Module (PAM) that sends a notice to Notifo whenever someone logs in or activates the PAM module another day (yes, I know that “PAM module” is redundant).
Check it out on SourceForge at http://iharder.net/pam_notifo. I developed it on a Mac. I don’t know if it will compile properly on Linux. Please try it out.
If you’re nobody special like me, you probably “only” get a few thousand failed SSH logins to your computer each day. If you run a high profile system, it’s probably worse. Of course you have a good password for your account (right?), but should someone actually get your password, like with a keystroke logger on the remote computer you’re using to log in, what protection do you have then?
Two factor authentication can increase your security by requiring more than just your password (one factor) to log in. I like using Perfect Paper Passwords from Gibson Research Corporation (GRC.com). With this system after entering my username and password (even a wrong password) in an SSH session, I am then prompted for a four-digit passcode that I’ve previously printed out and stashed in my wallet. Each code is only used one time, and protects me even if someone manages to get my password. In the case where attackers are guessing my password, they cannot tell if the password or passcode was guessed incorrectly.
Sample PPP passcard (courtesy grc.com)
There’s only a little bit of trickery involved to compile it for Mac OS X 10.6 Snow Leopard, and if you had it working before in Leopard, you’ll need to recompile the PAM module (I know, it’s like “ATM machine”) for 64-bit mode.