RE: SSH login banner?
Hi Erik, Thank you for posting this, it might come handy in the near future when I implement SSHv2 in my network. Lisandro Date: Wed, 26 Sep 2007 15:25:08 +0200 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: SSH login banner? On Wed, Sep 26, 2007 at 09:15:38AM -0400, [EMAIL PROTECTED] wrote: I need to apply an SSH user agreement policy so users agrees to the AUP _before_ they login. Everything I read puts the police on the screen after login. Any ideas? --Joe The sshd_config(5) manpage documents the following option: Banner In some jurisdictions, sending a warning message before authenti- cation may be relevant for getting legal protection. The con- tents of the specified file are sent to the remote user before authentication is allowed. This option is only available for protocol version 2. By default, no banner is displayed. Sounds like exactly what you want. -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] _ Discover the new Windows Vista http://search.msn.com/results.aspx?q=windows+vistamkt=en-USform=QBRE___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
SSH login banner?
I need to apply an SSH user agreement policy so users agrees to the AUP _before_ they login. Everything I read puts the police on the screen after login. Any ideas? --Joe _ News, entertainment and everything you care about at Live.com. Get it now! http://www.live.com/getstarted.aspx___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner?
On Wed, Sep 26, 2007 at 09:15:38AM -0400, [EMAIL PROTECTED] wrote: I need to apply an SSH user agreement policy so users agrees to the AUP _before_ they login. Everything I read puts the police on the screen after login. Any ideas? --Joe The sshd_config(5) manpage documents the following option: Banner In some jurisdictions, sending a warning message before authenti- cation may be relevant for getting legal protection. The con- tents of the specified file are sent to the remote user before authentication is allowed. This option is only available for protocol version 2. By default, no banner is displayed. Sounds like exactly what you want. -- Insert your favourite quote here. Erik Trulsson [EMAIL PROTECTED] ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner?
On Wed, 26 Sep 2007 09:15:38 -0400 [EMAIL PROTECTED] wrote: I need to apply an SSH user agreement policy so users agrees to the AUP _before_ they login. Everything I read puts the police on the screen after login. Any ideas? --Joe Have a look under /etc/sshd/ There is an sshd conf file. Open it, look for Banner. I created a /etc/welcome.msg and put that location within the conf file. Restart sshd and viola. Now, wasnt this easier then someone telling you to have a look at some man page?! -- Best regards, Chris Registerd Linux user number 448639 ___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
RE: SSH login banner?
I really appreciate the time and effort you took to answer my questionThank you for a clear and concise answer! --Joe Date: Wed, 26 Sep 2007 09:12:35 -0500 From: [EMAIL PROTECTED] To: [EMAIL PROTECTED] CC: freebsd-questions@freebsd.org Subject: Re: SSH login banner? On Wed, 26 Sep 2007 09:15:38 -0400 [EMAIL PROTECTED] wrote: I need to apply an SSH user agreement policy so users agrees to the AUP _before_ they login. Everything I read puts the police on the screen after login. Any ideas? --Joe Have a look under /etc/sshd/ There is an sshd conf file. Open it, look for Banner. I created a /etc/welcome.msg and put that location within the conf file. Restart sshd and viola. Now, wasnt this easier then someone telling you to have a look at some man page?! -- Best regards, Chris Registerd Linux user number 448639 _ Discover the new Windows Vista http://search.msn.com/results.aspx?q=windows+vistamkt=en-USform=QBRE___ freebsd-questions@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner: IP address instead of DNS name
Hi again. When I SSH into my 4.8 box, the first line of the banner is: Last login: Mon Jun 30 19:31:44 2003 from 15-characters-of-a-host-name That DNS name is truncated to 15 characters. I would much prefer an IP address. What do I need to change to get this? --Paul Hoffman You can alter sshd's banner at the directive named Banner in the file c/sshd/sshd_config. Cheer, Want to chat instantly with your online friends? Get the FREE Yahoo! Messenger http://uk.messenger.yahoo.com/ ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner: IP address instead of DNS name
At 12:41 PM on Tuesday 1 July 2003, Supote leelasupphakorn wrote: Hi again. When I SSH into my 4.8 box, the first line of the banner is: Last login: Mon Jun 30 19:31:44 2003 from 15-characters-of-a-host-name That DNS name is truncated to 15 characters. I would much prefer an IP address. What do I need to change to get this? --Paul Hoffman Run sshd with the -u 15 option. You can do so by adding this line to /etc/rc.conf: sshd_flags=-u 15 You can alter sshd's banner at the directive named Banner in the file c/sshd/sshd_config. That banner is shown before authentication, which is not what Paul is talking about. -- David Siebörger [EMAIL PROTECTED] ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner: IP address instead of DNS name
At 9:04 PM +0200 7/1/03, David Siebörger wrote: At 12:41 PM on Tuesday 1 July 2003, Supote leelasupphakorn wrote: Hi again. When I SSH into my 4.8 box, the first line of the banner is: Last login: Mon Jun 30 19:31:44 2003 from 15-characters-of-a-host-name That DNS name is truncated to 15 characters. I would much prefer an IP address. What do I need to change to get this? --Paul Hoffman Run sshd with the -u 15 option. You can do so by adding this line to /etc/rc.conf: sshd_flags=-u 15 Perfect, that's exactly what I needed. Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
Re: SSH login banner: IP address instead of DNS name
Paul Hoffman wrote: At 9:04 PM +0200 7/1/03, David Siebörger wrote: At 12:41 PM on Tuesday 1 July 2003, Supote leelasupphakorn wrote: Hi again. When I SSH into my 4.8 box, the first line of the banner is: Last login: Mon Jun 30 19:31:44 2003 from 15-characters-of-a-host-name That DNS name is truncated to 15 characters. I would much prefer an IP address. What do I need to change to get this? --Paul Hoffman Run sshd with the -u 15 option. You can do so by adding this line to /etc/rc.conf: sshd_flags=-u 15 Perfect, that's exactly what I needed. Thanks! ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED] try sshd_flags=-u0 instead (man sshd) This will show only the IP. In addition, this will halt the DNS lookups -- Best regards, Chris __ PGP Fingerprint = D976 2575 D0B4 E4B0 45CC AA09 0F93 FF80 C01B C363 PGP Mail encouraged / preferred - keys available on common key servers __ 01010010011101100011011001010111001001011000 ___ [EMAIL PROTECTED] mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-questions To unsubscribe, send any mail to [EMAIL PROTECTED]
