HPE Community
Operating System - HP-UX
1824983 Members
3679 Online
109678 Solutions
New Discussion юеВ

Re: Creating message at login with /etc/issue

 
SOLVED
Go to solution
David Manson
Occasional Advisor

тАО10-31-2000 07:57 PM

тАО10-31-2000 07:57 PM

Creating message at login with /etc/issue

I'm trying to create a message that people will see at login time and have added it to the /etc/issue file. However, I still don't get the message printed at the login prompt.
I noticed that the line for the getty program in the /etc/inittab file is as follows:-

cons:123456:respawn:/usr/sbin/getty console console # system console

Does anybody have any ideas as to how I can make this work?

0 Kudos
Reply
7 REPLIES 7
Bill Hassell
Honored Contributor

тАО10-31-2000 08:20 PM

тАО10-31-2000 08:20 PM

Solution

Re: Creating message at login with /etc/issue

The /etc/issue prompt is indeed seen with 'classic' Unix logins, ie, serial and modem ports. Telnet is a completely separate process run from inetd (telnetd) so it needs to be configured. Edit the file: /etc/inetd.conf and find the telnetd line. Then add the -b option as in:

telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue

The -b /etc/issue now provides the same pre-login prompt as console, serial and modem connections. You may wish to perform the same change for rlogin too:

login stream tcp nowait root /usr/lbin/rlogind rlogind -B /etc/issue

Notice that rlogind requires a capital B as the banner option.


Bill Hassell, sysadmin
Reply
Paula J Frazer-Campbell
Honored Contributor

тАО11-01-2000 01:15 AM

тАО11-01-2000 01:15 AM

Re: Creating message at login with /etc/issue

When using /etc/issue - do not put a welcome message i.e. "Welcome to ABCD PLC" as there has been a case where a hacker got away with it because his defence was "It said welcome so I presumed I was". The judge being not exactly computer literate dismissed the case.
Also do not announce the OS as this again gives the potential hacker more information.

Your etc/issue could contain something like this

-------WARNING------
YOUR CONNECTION TO THIS MACHINE
WILL BE MONITORED AND RECORDED
UNAUTHORISED USE OR OVER
AUTHORISED USE OF THIS SYSTEM
IS FORBIDDEN

HTH

Paula
If you can spell SysAdmin then you is one - anon
0 Kudos
Reply
Anonymous
Not applicable

тАО11-01-2000 03:53 AM

тАО11-01-2000 03:53 AM

Re: Creating message at login with /etc/issue

Hi David,

sounds like you're looking for good old /etc/motd ("Message-of-the-day").

We call this in /etc/profile -if /etc/motd exists and is readable:
grep motd /etc/pr*
/etc/profile: if [ -r /etc/motd ]
/etc/profile: cat /etc/motd

Unfortunately it is just briefly mentioned in man login.

RGDS
Thomas
0 Kudos
Reply
James R. Ferguson
Acclaimed Contributor

тАО11-01-2000 04:46 AM

тАО11-01-2000 04:46 AM

Re: Creating message at login with /etc/issue

David:

To echo both Paula and Thomas's contributions, the logic to read /etc/motd is already in /etc/profile so this is a good place to tack on your "authorized users only" notice. At my site we remind users that THEY are responsible for maintaining information confidentiality too. As Paula points out, resist, at your own risk, hanging out a welome sign!

...JRF...
0 Kudos
Reply
CHRIS_ANORUO
Honored Contributor

тАО11-01-2000 05:08 AM

тАО11-01-2000 05:08 AM

Re: Creating message at login with /etc/issue

Hi David,

As Thomas pointed out, vi /etc/motd file and put in your information there.
if [ -s /etc/motd ] ; then pg -p "Press Enter To Continue" /etc/motd; fi.
The /etc/issue file is used to hide system information and the login prompt level, you can set this up from /etc/inetd.conf file (...telnet -b /etc/issue) and put the information in /etc/issue file.
When We Seek To Discover The Best In Others, We Somehow Bring Out The Best In Ourselves.
0 Kudos
Reply
Bill Hassell
Honored Contributor

тАО11-01-2000 05:59 AM

тАО11-01-2000 05:59 AM

Re: Creating message at login with /etc/issue

From a security point of view (as well as preventative measures for cyber lawyers), avoid the use of 'welcome' words in any greeting. Note that /etc/issue is sent to anyone that tries to connect, wjile /etc/motd will be displayed after login is successful.

Therefore, /etc/issue should be treated as a big security risk and only minimal inoformation provided. The typical content is:

uname -a > /etc/issue

But this provides way too much information for somebody who has not even logged in (opsystem type: HP-UX, opsystem rev: 10.20) so replace /etc/issue with minimal information, perhaps the name of the machine and if names are cryptic like A12532, then perhaps a function: parts server. Don't identify the hardware, the opsystem revision and the location! /etc/motd might contain this information since the user must provide a valid login and password to see it.

And consider replacing shells with menu programs for casual users. Not everyone needs a shell prompt. That way, nothing on /etc/profile needs to be run when the user logs in.


Bill Hassell, sysadmin
0 Kudos
Reply
David Manson
Occasional Advisor

тАО11-01-2000 02:04 PM

тАО11-01-2000 02:04 PM

Re: Creating message at login with /etc/issue

Thanks everyone for your assistance and in particular the warning re security implications.

DM
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.