I had to implement the legal warning while the users are logging in to our servers. Actually there are two methods to do this. One is using issue.net and other is using motd.tail. We are going to see these two methods and their implementation here.
1. /etc/issue.net
We can add the required legal notice in the file at /etc/issue.net. Then we need to comment out (remove the # symbol at the starting of the line) the line the below line in /etc/sshd_config
Banner /etc/issue.net
But we have encountered a different problem here. We have many automated scripts in the server which uses password less authentication using the ssh keys. These started failing. Why? The reason was due to how this method works. This is how it works:
This method will show what ever we have written in the /etc/issue.net file when ever there is an ssh session had made to the server before the authentication. So as this was unexpected for the automated scripts, it failed before connecting to the server. This is not what we wanted.
We wanted to show the legal notice in the server as well as we want all these automated scripts to work without any modifications. So we were looking for alternatives and found it.
2./etc/motd.tail
This file won't be existing in the server by default. So we need to create it first.
vim /etc/motd.tail
Then write down the message in the file. Then log out and log in. Now you can see that when you connect to the server, along with the last login and other details, this message will also be displayed.
What this file, /etc/motd.tail is doing is that it will append what ever we have written in this file to output of the /etc/motd file. /etc/motd file is responsible for the message which we see when we log in to the server.
The second method was the one which we were looking for as it will not interrupt the automatic scripts and will also show the required legal notice to the users.
Hope this helps somebody else also and be sure to let us know if this was useful to you. Also let us know if you know a better method for this or have some other suggestions.
1. /etc/issue.net
We can add the required legal notice in the file at /etc/issue.net. Then we need to comment out (remove the # symbol at the starting of the line) the line the below line in /etc/sshd_config
Banner /etc/issue.net
But we have encountered a different problem here. We have many automated scripts in the server which uses password less authentication using the ssh keys. These started failing. Why? The reason was due to how this method works. This is how it works:
This method will show what ever we have written in the /etc/issue.net file when ever there is an ssh session had made to the server before the authentication. So as this was unexpected for the automated scripts, it failed before connecting to the server. This is not what we wanted.
We wanted to show the legal notice in the server as well as we want all these automated scripts to work without any modifications. So we were looking for alternatives and found it.
2./etc/motd.tail
This file won't be existing in the server by default. So we need to create it first.
vim /etc/motd.tail
Then write down the message in the file. Then log out and log in. Now you can see that when you connect to the server, along with the last login and other details, this message will also be displayed.
What this file, /etc/motd.tail is doing is that it will append what ever we have written in this file to output of the /etc/motd file. /etc/motd file is responsible for the message which we see when we log in to the server.
The second method was the one which we were looking for as it will not interrupt the automatic scripts and will also show the required legal notice to the users.
Hope this helps somebody else also and be sure to let us know if this was useful to you. Also let us know if you know a better method for this or have some other suggestions.
No comments :
Post a Comment