HPE Community
Operating System - HP-UX
1819766 Members
3261 Online
109606 Solutions
New Discussion юеВ

ssh and welcome/warning banner

 
SOLVED
Go to solution
Vic S. Kelan
Regular Advisor

тАО10-19-2005 09:00 AM

тАО10-19-2005 09:00 AM

ssh and welcome/warning banner

Hello Friends!

I am trying to secure my server by disallowing telnet connection. I intend to use only ssh. The problem I have is with the banner (/etc/issue).

under telnet I can get my banner messages at login but not under ssh.

I have added the following line to all the sshd_config files I could find but still no dice:
# no default banner path
Banner /etc/issue
the files i edited are:
/opt/ssh/newconfig/opt/ssh/etc/sshd_config
/opt/ssh/src/ssh/etc/sshd_config
/opt/ssh/src/ssh/sshd_config
/opt/ssh/etc/sshd_config

i have restarted ssh, no luck.
How can I configure ssh to show me the banner at login?

thanks!!
0 Kudos
Reply
4 REPLIES 4
Mel Burslan
Honored Contributor

тАО10-19-2005 09:10 AM

тАО10-19-2005 09:10 AM

Solution

Re: ssh and welcome/warning banner

sheck your ssh command to see if there is any wrapper around it to direct the stderr to /dev/null as the /etc/issue contents are treated as error messages. For example, from server1 I want to ssh to server2:

server1> ssh server2
(I see the /etc/issue)

server1> ssh server2 2>/dev/null
(I can not see the /etc/issue)

otherwise, unless your sshd is looking for its configuration file from some other location with another filename, you should be able to see it. to make sure if this is the case or not, kill the sshd the restart it as

/opt/ssh/bin/sshd -f /opt/ssh/etc/sshd_config

this definitel will you the file you modified according to your post.

HTH
________________________________
UNIX because I majored in cryptology...
Reply
Vic S. Kelan
Regular Advisor

тАО10-19-2005 09:36 AM

тАО10-19-2005 09:36 AM

Re: ssh and welcome/warning banner

Thanks I got it to work, my silly mistake, unlike the banner with telnet, i needed to input a username first before it displayed the banner......

Wonder if thats normal though....
0 Kudos
Reply
Mel Burslan
Honored Contributor

тАО10-19-2005 09:43 AM

тАО10-19-2005 09:43 AM

Re: ssh and welcome/warning banner

yes it is normal. Igenerally ssh to the remote servers as follows:

ssh mel@server

and drop to the password prompt directly. So, if issue gets displayed prior to username, I will have no way of seeing it. I think it is intentionally designed with this utilization in mind.
________________________________
UNIX because I majored in cryptology...
0 Kudos
Reply
Juan M Leon
Trusted Contributor

тАО10-19-2005 12:48 PM

тАО10-19-2005 12:48 PM

Re: ssh and welcome/warning banner

I will suggest to look into /etc/dt/config/C
Xresources file, you can enter your warning messages there.

Hope it helps
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.