Tuesday, July 18, 2017

.::: How to Display a Login Banner Before & After Login (Prelogin, Postlogin) on Unix/Linux :::.

A pre-login banner sends a warning message before authentication; it may be relevant for getting legal protection, or it can simply give out information to users. The contents of the specified file are sent to the remote user before authentication is allowed. This option is only available for protocol version 2. By default, no banner is displayed. (If you are using the latest version of Linux/UNIX, you do not have to worry about the version issue.)

A. Display SSH Warning Message to Users Before Login

1) By default sshd server turns off this feature.

2) Log in as the root user and create your login banner file:
# vi /etc/ssh/sshd-banner
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Display SSH Warning Message to Users Before Login          #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
###############################################################

[root@TeguhLab ~]# more /etc/ssh/sshd-banner
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Display SSH Warning Message to Users Before Login          #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
###############################################################
[root@TeguhLab ~]#

3) Open the sshd configuration file /etc/ssh/sshd_config using a text editor:

# vi /etc/ssh/sshd_config

4) Add/edit the following line:

Banner /etc/ssh/sshd-banner

[root@TeguhLab ~]# cat /etc/ssh/sshd_config | grep -i banner
# no default banner path
#Banner none
Banner /etc/ssh/sshd-banner
[root@TeguhLab ~]#

5) Save the file and restart the sshd server:

# /etc/init.d/sshd restart
or
# service sshd restart

[root@TeguhLab ~]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[root@TeguhLab ~]#

6) Test your new banner (from a Linux or UNIX workstation, or use any other ssh client):

[root@TeguhLab ~]# ssh TeguhLab
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Display SSH Warning Message to Users Before Login          #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
###############################################################
root@TeguhLab's password:

https://www.cyberciti.biz/tips/change-openssh-sshd-server-login-banner.html
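
A check worth running before the restart in step 5, added here as an example that is not part of the original post: the script finds the Banner value in the global section of an sshd_config (keywords are case-insensitive and the first uncommented occurrence wins), then confirms the banner file exists, is non-empty and is not writable by group or others. The function names and the sample files built in a temporary directory are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit the pre-login Banner setting in an sshd_config file.

# Print the Banner value from the global section of the given config.
# Keywords are case-insensitive and the first value found is the one used.
effective_banner() {
    awk '
        { sub(/^[ \t]+/, "") }              # drop leading whitespace
        /^#/ || /^$/ { next }               # skip comments and blank lines
        { key = tolower($1) }
        key == "match"  { exit }            # Match blocks are out of scope here
        key == "banner" { print $2; exit }  # first occurrence wins
    ' "$1"
}

# Return 0 only if a banner is configured, its file exists and is non-empty,
# and the file cannot be modified by group or others.
audit_banner() {
    banner=$(effective_banner "$1")
    case "$banner" in
        ""|none) echo "FAIL: no pre-login banner configured"; return 1 ;;
    esac
    [ -s "$banner" ] || { echo "FAIL: $banner is missing or empty"; return 2; }
    if [ -n "$(find "$banner" \( -perm -020 -o -perm -002 \))" ]; then
        echo "FAIL: $banner is writable by group or others"; return 3
    fi
    echo "OK: banner is $banner"
}

# Constructed sample (not a real host's files): same layout as the grep output
# in step 4, with the commented default followed by the active Banner line.
demo_dir=$(mktemp -d)
printf 'Authorized users only. All connections are monitored.\n' > "$demo_dir/sshd-banner"
chmod 644 "$demo_dir/sshd-banner"
cat > "$demo_dir/sshd_config" <<EOF
# no default banner path
#Banner none
Banner $demo_dir/sshd-banner
EOF

audit_banner "$demo_dir/sshd_config"
```

On a real host, call audit_banner /etc/ssh/sshd_config; sshd -t additionally checks the whole configuration file for errors before you restart the daemon.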

B. Display SSH Warning Message to Users After Login

1) By default sshd server turns off this feature.

2) Log in as the root user and create your login banner file:
# vi /etc/motd
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
#  Display SSH Warning Message to Users After Login Success   #
###############################################################

[root@TeguhLab ~]# more /etc/motd
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
#  Display SSH Warning Message to Users After Login Success   #
###############################################################
[root@TeguhLab ~]#

3) Save the file and restart the sshd server:

# /etc/init.d/sshd restart
or
# service sshd restart

[root@TeguhLab ~]# service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]
[root@TeguhLab ~]#

4) Test the login:

[root@TeguhLab ~]# ssh 127.0.0.1
The authenticity of host '127.0.0.1 (127.0.0.1)' can't be established.
RSA key fingerprint is fb:2c:1e:28:6d:8b:31:60:40:66:4c:b2:b9:0f:ee:f9.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '127.0.0.1' (RSA) to the list of known hosts.
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Display SSH Warning Message to Users Before Login          #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
###############################################################
root@127.0.0.1's password:
Last login: Tue Jul 18 15:02:52 2017 from 10.100.0.111
###############################################################
#    .::: Welcome to Teguh Triharto Unix Login :::.           #
#    All connections are monitored and recorded               #
#  Disconnect IMMEDIATELY if you are not an authorized user!  #
#  Display SSH Warning Message to Users After Login Success   #
###############################################################
[root@TeguhLab ~]#

http://www.tecmint.com/protect-ssh-logins-with-ssh-motd-banner-messages/
