HPE GreenLake Administration
- Community Home
- >
- Servers and Operating Systems
- >
- Operating Systems
- >
- Operating System - HP-UX
- >
- /etc/issue file not being displayed.
Operating System - HP-UX
1834935
Members
2318
Online
110071
Solutions
Forums
Categories
Company
Local Language
back
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Forums
Discussions
Discussions
Discussions
Forums
Discussions
back
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Blogs
Information
Community
Resources
Community Language
Language
Forums
Blogs
Go to solution
Topic Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 07:22 PM
05-01-2003 07:22 PM
Hi,
We have a number of hp ux system all 11.00. Only one of these systems actually displays the contents of the /etc/issue file immediately before the login prompt on unused terminals. I need to have all systems displaying the contents of this file to meet some new security requirements. Can anyone help me here? What do I need to check? permissions on the /etc/issue file are 444 bin:bin. on all systems.
thanks
Maria.
We have a number of hp ux system all 11.00. Only one of these systems actually displays the contents of the /etc/issue file immediately before the login prompt on unused terminals. I need to have all systems displaying the contents of this file to meet some new security requirements. Can anyone help me here? What do I need to check? permissions on the /etc/issue file are 444 bin:bin. on all systems.
thanks
Maria.
Solved! Go to Solution.
7 REPLIES 7
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 07:31 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 07:32 PM
05-01-2003 07:32 PM
Re: /etc/issue file not being displayed.
Also for rlogin
login stream tcp nowait root /usr/lbin/rlogind rlogind -B /etc/issue
login stream tcp nowait root /usr/lbin/rlogind rlogind -B /etc/issue
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 08:24 PM
05-01-2003 08:24 PM
Re: /etc/issue file not being displayed.
Hi Maria,
The contents should be minimal to say the least with this file. Displaying any type of warning message can alert a potential hacker to what type of system your is.
We only have the hostname within the file, and this would only mean something to us, being the type of hostnames we use.
Also, with security requirements, you might also look at minimising the amount of services allowed. By default these are a good start. (copy of /etc/inetd.conf) if you make changes to this file, make sure you issue this command.
# inetd -c
HTH
Michael
tftp dgram udp wait root /usr/lbin/tftpd tftpd /opt/ignite /var/opt/ignite
#bootps dgram udp wait root /usr/lbin/bootpd bootpd
#finger stream tcp nowait bin /usr/lbin/fingerd fingerd
login stream tcp nowait root /usr/lbin/rlogind rlogind
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd
#uucp stream tcp nowait root /usr/sbin/uucpd uucpd
#ntalk dgram udp wait root /usr/lbin/ntalkd ntalkd
ident stream tcp wait bin /usr/lbin/identd identd
##
#
# Other HP-UX network services
#
##
printer stream tcp nowait root /usr/sbin/rlpdaemon rlpdaemon -i
##
#
# inetd internal services
#
##
#daytime stream tcp nowait root internal
#daytime dgram udp nowait root internal
#time stream tcp nowait root internal
#time dgram udp nowait root internal
#echo stream tcp nowait root internal
#echo dgram udp nowait root internal
#discard stream tcp nowait root internal
#discard dgram udp nowait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp nowait root internal
##
#
# rpc services, registered by inetd with portmap
# Do not uncomment these unless your system is running portmap!
#
##
# WARNING: The rpc.mountd should now be started from a startup script.
# Please enable the mountd startup script to start rpc.mountd.
##
#rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd
#rpc dgram udp wait root /usr/lib/netsvc/rstat/rpc.rstatd 100001 2-4 rpc.rstatd
#rpc dgram udp wait root /usr/lib/netsvc/rusers/rpc.rusersd 100002 1-2 rpc.rusersd
#rpc dgram udp wait root /usr/lib/netsvc/rwall/rpc.rwalld 100008 1 rpc.rwalld
#rpc dgram udp wait root /usr/sbin/rpc.rquotad 100011 1 rpc.rquotad
#rpc dgram udp wait root /usr/lib/netsvc/spray/rpc.sprayd 100012 1 rpc.sprayd
##
#
# The standard remshd and rlogind do not include the Kerberized
# code. You must install the InternetSvcSec/INETSVCS-SEC fileset and
# configure Kerberos as described in the SIS(5) man page.
#
##
kshell stream tcp nowait root /usr/lbin/remshd remshd -K
klogin stream tcp nowait root /usr/lbin/rlogind rlogind -K
##
#
# NCPM programs.
# Do not uncomment these unless you are using NCPM.
#
##
#ncpm-pm dgram udp wait root /opt/ncpm/bin/ncpmd ncpmd
#ncpm-hip dgram udp wait root /opt/ncpm/bin/hipd hipd
dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd
rpc xti tcp swait root /usr/dt/bin/rpc.ttdbserver 100083 1 /usr/dt/bin/rpc.ttdbserver
registrar stream tcp nowait root /etc/opt/resmon/lbin/registrar /etc/opt/resmon/lbin/registrar
recserv stream tcp nowait root /usr/lbin/recserv recserv -display :0
rpc dgram udp wait root /usr/dt/bin/rpc.cmsd 100068 2-5 rpc.cmsd
swat stream tcp nowait.400 root /opt/samba/bin/swat swat
instl_boots dgram udp wait root /opt/ignite/lbin/instl_bootd instl_bootd
ldcconn stream tcp nowait root /opt/hpldc/bin/ldcconn ldcconn
omni stream tcp nowait root /opt/omni/lbin/inet inet -log /var/opt/omni/log/inet.log
The contents should be minimal to say the least with this file. Displaying any type of warning message can alert a potential hacker to what type of system your is.
We only have the hostname within the file, and this would only mean something to us, being the type of hostnames we use.
Also, with security requirements, you might also look at minimising the amount of services allowed. By default these are a good start. (copy of /etc/inetd.conf) if you make changes to this file, make sure you issue this command.
# inetd -c
HTH
Michael
tftp dgram udp wait root /usr/lbin/tftpd tftpd /opt/ignite /var/opt/ignite
#bootps dgram udp wait root /usr/lbin/bootpd bootpd
#finger stream tcp nowait bin /usr/lbin/fingerd fingerd
login stream tcp nowait root /usr/lbin/rlogind rlogind
shell stream tcp nowait root /usr/lbin/remshd remshd
exec stream tcp nowait root /usr/lbin/rexecd rexecd
#uucp stream tcp nowait root /usr/sbin/uucpd uucpd
#ntalk dgram udp wait root /usr/lbin/ntalkd ntalkd
ident stream tcp wait bin /usr/lbin/identd identd
##
#
# Other HP-UX network services
#
##
printer stream tcp nowait root /usr/sbin/rlpdaemon rlpdaemon -i
##
#
# inetd internal services
#
##
#daytime stream tcp nowait root internal
#daytime dgram udp nowait root internal
#time stream tcp nowait root internal
#time dgram udp nowait root internal
#echo stream tcp nowait root internal
#echo dgram udp nowait root internal
#discard stream tcp nowait root internal
#discard dgram udp nowait root internal
#chargen stream tcp nowait root internal
#chargen dgram udp nowait root internal
##
#
# rpc services, registered by inetd with portmap
# Do not uncomment these unless your system is running portmap!
#
##
# WARNING: The rpc.mountd should now be started from a startup script.
# Please enable the mountd startup script to start rpc.mountd.
##
#rpc stream tcp nowait root /usr/sbin/rpc.rexd 100017 1 rpc.rexd
#rpc dgram udp wait root /usr/lib/netsvc/rstat/rpc.rstatd 100001 2-4 rpc.rstatd
#rpc dgram udp wait root /usr/lib/netsvc/rusers/rpc.rusersd 100002 1-2 rpc.rusersd
#rpc dgram udp wait root /usr/lib/netsvc/rwall/rpc.rwalld 100008 1 rpc.rwalld
#rpc dgram udp wait root /usr/sbin/rpc.rquotad 100011 1 rpc.rquotad
#rpc dgram udp wait root /usr/lib/netsvc/spray/rpc.sprayd 100012 1 rpc.sprayd
##
#
# The standard remshd and rlogind do not include the Kerberized
# code. You must install the InternetSvcSec/INETSVCS-SEC fileset and
# configure Kerberos as described in the SIS(5) man page.
#
##
kshell stream tcp nowait root /usr/lbin/remshd remshd -K
klogin stream tcp nowait root /usr/lbin/rlogind rlogind -K
##
#
# NCPM programs.
# Do not uncomment these unless you are using NCPM.
#
##
#ncpm-pm dgram udp wait root /opt/ncpm/bin/ncpmd ncpmd
#ncpm-hip dgram udp wait root /opt/ncpm/bin/hipd hipd
dtspc stream tcp nowait root /usr/dt/bin/dtspcd /usr/dt/bin/dtspcd
rpc xti tcp swait root /usr/dt/bin/rpc.ttdbserver 100083 1 /usr/dt/bin/rpc.ttdbserver
registrar stream tcp nowait root /etc/opt/resmon/lbin/registrar /etc/opt/resmon/lbin/registrar
recserv stream tcp nowait root /usr/lbin/recserv recserv -display :0
rpc dgram udp wait root /usr/dt/bin/rpc.cmsd 100068 2-5 rpc.cmsd
swat stream tcp nowait.400 root /opt/samba/bin/swat swat
instl_boots dgram udp wait root /opt/ignite/lbin/instl_bootd instl_bootd
ldcconn stream tcp nowait root /opt/hpldc/bin/ldcconn ldcconn
omni stream tcp nowait root /opt/omni/lbin/inet inet -log /var/opt/omni/log/inet.log
Anyone for a Mutiny ?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 08:29 PM
05-01-2003 08:29 PM
Re: /etc/issue file not being displayed.
Hi,
You can supply a banner file to telnetd with -b option. see man page for telnetd. for telnetd line in /etc/inetd.conf add
-b /etc/issue and reread inetd.conf
inetd -c
Regards
You can supply a banner file to telnetd with -b option. see man page for telnetd. for telnetd line in /etc/inetd.conf add
-b /etc/issue and reread inetd.conf
inetd -c
Regards
Never Say No
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 08:33 PM
05-01-2003 08:33 PM
Re: /etc/issue file not being displayed.
In inetd.conf this is the line you need.
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue
This will work for telnet and secure shell.
Permission on /etc/issue should let any user read it.
SEP
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b /etc/issue
This will work for telnet and secure shell.
Permission on /etc/issue should let any user read it.
SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 08:38 PM
05-01-2003 08:38 PM
Re: /etc/issue file not being displayed.
Just an additional note I thought may be useful to you. There is no need for a space after the -b or -B. Example ..
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue
login stream tcp nowait root /usr/lbin/rlogind rlogind -B/etc/issue
If you run ..
$ man telnetd
and you'll see one example in there. As far as the ownership/permission goes, 444 and bin:bin is just fine.
telnet stream tcp nowait root /usr/lbin/telnetd telnetd -b/etc/issue
login stream tcp nowait root /usr/lbin/rlogind rlogind -B/etc/issue
If you run ..
$ man telnetd
and you'll see one example in there. As far as the ownership/permission goes, 444 and bin:bin is just fine.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
05-01-2003 10:01 PM
05-01-2003 10:01 PM
Re: /etc/issue file not being displayed.
Thanks everyone, you're worth your weight in gold!
inetd.conf file change worked its stuff.
Maria.
inetd.conf file change worked its stuff.
Maria.
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.
Company
Events and news
Customer resources
© Copyright 2025 Hewlett Packard Enterprise Development LP