SSH: adicionar um banner quando alguém tentar fazer Login

Isto é definido pelo parâmetro Banner do arquivo /etc/ssh/sshd_config.

Primeiro, crie o arquivo que conterá a mensagem que será apresentada quando o usuário tentar fazer login via SSH no servidor.

Arquivo: /etc/ssh/banner.txt

************************************************

            NOTICE TO USERS WARNING! 

The use of this system is restricted to authorized
users, unauthorized access is forbidden and will
be prosecuted by law. 

All information and communications on this system
are subject to review, monitoring and recording at
any time, without notice or permission. 

Users should have no expectation of privacy. 

*************************************************

Edite o arquivo /etc/ssh/sshd_config e procure pelo parâmetro Banner, geralmente está próximo do final desse arquivo.

Provavelmente esse parâmetro estará comentado:

#Banner /some/path

Altere essa linha para:

Banner /etc/ssh/banner.txt

Grave a alteração e reinicie o servidor do ssh:

service sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

ou

/etc/init.d/sshd restart

Para testar se tudo está OK, tente conectar-se via SSH no host que foi feita a alteração:

ssh localhost

Deverá ser apresentada uma tela parecida com a seguinte:

The authenticity of host 'localhost (127.0.0.1)' can't be established.
RSA key fingerprint is e8:86:ca:cc:e5:fd:cc:76:c3:57:55:5b:67:f8:98:c3.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (RSA) to the list of known hosts.
************************************************

            NOTICE TO USERS WARNING! 

The use of this system is restricted to authorized
users, unauthorized access is forbidden and will
be prosecuted by law. 

All information and communications on this system
are subject to review, monitoring and recording at
any time, without notice or permission. 

Users should have no expectation of privacy. 

*************************************************

root@localhost's password:
Share this post

Join the conversation