diff --git a/config/i3/config b/config/i3/config
index f5ffcdf..8f4f69c 100644
--- a/config/i3/config
+++ b/config/i3/config
@@ -219,3 +219,6 @@ exec --no-startup-id activate-linux
 # Start dunst (notification service)
 exec --no-startup-id dunst
+
+# start ssh access notification script
+exec --no-startup-id /home/shihaam/.scripts/notify-ssh-access.sh
diff --git a/scripts/notify-ssh-access.sh b/scripts/notify-ssh-access.sh
new file mode 100755
index 0000000..395ee8e
--- /dev/null
+++ b/scripts/notify-ssh-access.sh
@@ -0,0 +1,22 @@
+#!/bin/bash
+
+doas tail -fn0 /var/log/audit/audit.log | while read -r line; do
+
+ key=$(echo "$line" | grep -oP '(?<=key=").*?(?=")')
+ exe=$(echo "$line" | grep -oP '(?<=exe=").*?(?=")')
+ pid=$(echo "$line" | awk -F'ppid=[0-9]+ pid=' '{print $2}' | awk -F' ' '{print $1}')
+ username=$(echo "$line" | grep -oP '(?<=EUID=").+?(?=")')
+
+ if [ "$key" = "ssh-key-read" ]
+ then
+ SUBJECT="SSH Key accessed!"
+ MESSAGE="exec=$exe\nuser=$username\npid=$pid"
+
+ if [ "$exe" = "/usr/bin/scp" ] || [ "$exe" = "/usr/bin/ssh" ]
+ then
+ notify-send "$SUBJECT" "$MESSAGE"
+ else
+ notify-send -u critical "$SUBJECT" "$MESSAGE"
+ fi
+ fi
+done
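Review bot: The new `exec --no-startup-id /home/shihaam/.scripts/notify-ssh-access.sh` line launches a script whose first command is `doas tail` (see the second file in this commit), and an i3 `exec` has no terminal for doas to prompt on, so the watcher will die silently at login unless doas.conf carries a passwordless rule pinned to that exact command, e.g. `permit nopass shihaam as root cmd tail args -fn0 /var/log/audit/audit.log`. The commit adds neither that rule nor any note about it; a comment above the exec line naming the prerequisite (and the audit watch rule the script keys on) would save the next reader a debugging session. The absolute `/home/shihaam/.scripts/` path also differs from where the repo stores the file (`scripts/`); if an install step symlinks it, that is worth stating in the same comment.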
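Review bot: `MESSAGE="exec=$exe\nuser=$username\npid=$pid"` holds a literal backslash-n — bash does not interpret `\n` inside double quotes and notify-send does not unescape it — so the notification body comes out as one line with `\n` in it; build it with `MESSAGE=$(printf 'exec=%s\nuser=%s\npid=%s' "$exe" "$username" "$pid")`. The pipeline head `doas tail -fn0` will also stop reporting the first time auditd rotates its log (the default `max_log_file_action = ROTATE` renames audit.log), because `-f` keeps following the old inode; `tail -F -n0` re-opens by name, and since the only privilege needed is read access to the log, the doas rule should be pinned to that exact command line (`permit nopass shihaam as root cmd tail args -F -n0 /var/log/audit/audit.log`) rather than a blanket permit. Note that `username` is only ever populated when auditd writes enriched records (`log_format = ENRICHED`, which appends the `EUID="…"` field the grep looks for) and that nothing fires at all without an audit watch such as `-w /home/shihaam/.ssh -p r -k ssh-key-read`, which this commit does not add — a header comment listing both would help. Finally, the `/usr/bin/ssh`/`/usr/bin/scp` comparison only decides urgency: `exe=` is merely the path of the binary that read the key, so an attacker driving the genuine ssh client is still demoted to normal priority while a legitimate `ssh-add` or `sftp` is flagged critical; a comment saying this branch is a convenience heuristic, not a trust decision, would keep a future maintainer from treating it as one.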