How to setup Logon Banners in Linux

 

 

There are two ways where we can place the banner for the Server :

/etc/motd -> Will display the banner after the user logon

/etc/issue -> will display the banner before the user logon 


To Display SSH Warning / Legal Notice message to users before logon:

[1] Open the file as below:

 # vim /etc/issue

Place the content of the notice in this file :


[2]  Open the sshd configuration file for the changes: Look for the work “Banner” at the end of the file:

Replace as below in /etc/ssh/sshd_config file:

Banner /etc/issue


[3] To take effort we need to restart the SSH Service:

[root@quickfixlinux ~]# service sshd restart


[4] Now try to login and you will displayed with the Banner and then with the password prompt.

 

 

To Display the SSH Notice/Warning after the User Login:

 Open the file as below:

 [root@quickfixlinux ~]# vim /etc/motd

Place the content of the notice in this file :


Alternatively, you can also configure in sshd config file /etc/ssh/sshd_config:

Create the file named /etc/banner:

[root@quickfixlinux ~]# vim /etc/banner

###

# ***** Welcome to QLF *****   ###

#######################################################################

#Authorized access only!#

# Disconnect IMMEDIATELY if you are not an authorized user !!!

# All actions will be monitored and recorded

#########################################################################

Now, Configure the ssh configuration file. Sample /etc/ssh/sshd_config file and add the line Banner /etc/banner to it, for example:

[root@quickfixlinux ~]#vim /etc/ssh/sshd_config
Port 22
Protocol 2,1
SyslogFacility AUTHPRIV
PermitRootLogin no
RSAAuthentication yes
StrictModes no
PasswordAuthentication yes
ChallengeResponseAuthentication yes
Banner /etc/banner
Subsystem sftp /usr/libexec/openssh/sftp-server 

Then restart the SSHD Service to take effort:

[root@quickfixlinux ~]# service sshd restart

That’s all… Try to SSH the box with your login ..

You may also like...

Leave a Reply