Saturday, May 7, 2011

Change SSH Welcome Banner

When I login to my Ubuntu desktop through SSH, I see the following information. It gives some basic info about my linux box.

Linux russell-desktop 2.6.32-28-generic #55-Ubuntu SMP Mon Jan 10 21:21:01 UTC 2011 i686 GNU/Linux
Ubuntu 10.04.2 LTS
Welcome to Ubuntu!
 * Documentation:  https://help.ubuntu.com/
Last login: Thu Apr 21 10:13:20 2011


This message can be changed by editing two different files.

By editing /etc/motd the first two sections can be changed. To replace the sections with your own message edit the file with your fevorite text editor. I use vi.
# vi /etc/motd

You can keep a copy of the original file using the copy command as follows. Use this command before editing the file.
# cp /etc/motd /etc/motd.bk

This will change the welcome banner temporarily. To do it permanently open /etc/default/rcS in your text editor. This file may be absent in other linux distros than Ubuntu/Debian.
# vi /etc/default/rsS
and change the following line from yes to no as below.
EDITMOTD=no
If the line is absent then write as above.

To disable the last login message (not recommended), edit the following file as root user. It’s useful to see the last login to the system for security reasons
# vi /etc/ssh/sshd_config
Find this line in the file and change the yes to no as shown:
PrintLastLog no

To display your message before you put your password uncomment the following line in /etc/ssh/sshd_config file.
Banner /etc/issue.net
And then write your message in /etc/issue.net file.
Keep in mind that you can put any file at any location in the Banner line. If you have a file named test in /opt you can put this file in Banner line as
Banner /opt/test
Restart ssh server. The next time anyone logs in, the contents of the file will be displayed.


Troubleshoot

If your banner keeps resetting itself, you need to keep in mind that /etc/motd is only a link to the /var/run/motd file. Edit that file to make the banner changes permanent.

To delete completely the message logon:
Rename /etc/update-motd.d directory.
# mv /etc/update-motd.d /etc/update-motd.d.bak
What this does is actually removing the scripts that generate the MOTD.
OR
remove the following files in this directory
# rm /etc/update-motd.d/00-header /etc/update-motd.d/10-help-text /etc/update-motd.d/99-footer

Rename /etc/motd.tail file
# mv /etc/motd.tail /etc/motd.tail.bak
OR
# echo ” > /etc/motd.tail

Backup existing motd file, which is a symlink
# mv /var/run/motd /var/run/motd.bak
&
# mv /etc/motd /etc/motd.bak

Using your favorite text editor, create and open a new motd file (/etc/motd), edit the file as desired, and save.
# vi /etc/motd

If you want to remove the last login
# vim /etc/ssh/sshd_config
PrintLastLog yes -> PrintLastLog no

After editing the file, restart SSHD
# vim /etc/init.d/ssh restart

Reference
http://www.howtogeek.com/howto/ubuntu/change-ssh-welcome-banner-on-ubuntu/
Posted by at
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)