How to setup Logon Banners in Linux

 

 

There are two ways where we can place the banner for the Server :

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]

/etc/motd -> Will display the banner after the user logon

/etc/issue -> will display the banner before the user logon [/stextbox]


To Display SSH Warning / Legal Notice message to users before logon:

[1] Open the file as below:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]  # vim /etc/issue[/stextbox]

Place the content of the notice in this file :


[2]  Open the sshd configuration file for the changes: Look for the work “Banner” at the end of the file:

Replace as below in /etc/ssh/sshd_config file:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]Banner /etc/issue[/stextbox]


[3] To take effort we need to restart the SSH Service:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”][root@quickfixlinux ~]# service sshd restart[/stextbox]


[4] Now try to login and you will displayed with the Banner and then with the password prompt.

 

 

To Display the SSH Notice/Warning after the User Login:

 Open the file as below:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]  [root@quickfixlinux ~]# vim /etc/motd[/stextbox]

Place the content of the notice in this file :


Alternatively, you can also configure in sshd config file /etc/ssh/sshd_config:

Create the file named /etc/banner:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]

[root@quickfixlinux ~]# vim /etc/banner

###

# ***** Welcome to QLF *****   ###

#######################################################################

#Authorized access only!#

# Disconnect IMMEDIATELY if you are not an authorized user !!!

# All actions will be monitored and recorded

######################################################################### [/stextbox]

Now, Configure the ssh configuration file. Sample /etc/ssh/sshd_config file and add the line Banner /etc/banner to it, for example:
[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]

[root@quickfixlinux ~]#vim /etc/ssh/sshd_config
Port 22
Protocol 2,1
SyslogFacility AUTHPRIV
PermitRootLogin no
RSAAuthentication yes
StrictModes no
PasswordAuthentication yes
ChallengeResponseAuthentication yes
Banner /etc/banner
Subsystem sftp /usr/libexec/openssh/sftp-server [/stextbox]

Then restart the SSHD Service to take effort:

[stextbox id=”Default” mode=”css” bwidth=”7″ color=”FFFFFF” ccolor=”000000″ bcolor=”1A52EA” bgcolor=”000000″ bgcolorto=”000000″   image=”null”]

[root@quickfixlinux ~]# service sshd restart [/stextbox]

That’s all… Try to SSH the box with your login ..

You may also like...

Leave a Reply