This topic, I know, is not of the slightest importance to the project itself, but I remembered this when I was configuring LDAP authentications on Linux. When I ssh to test, I remembered the Banners and MotDs that I can place when a user logs in via SSH.
Basically, they are those messages/warnings that appear before entering the password and right after authenticating, they are messages, banners, etc. in ASCII.
For the written part of the banners in ASCII I used the website below, there are hundreds of font types all in ASCII designs: http://patorjk.com/software/taag/#p=display&f=Big&t=DevOps-DB%0A
I separated here how to do it in 3 versions of Linux, they are slightly different, but very similar.
The first part, of the Banner before authentication, is the same, what may change is how to restart the SSHD service, in Alpine, but it is described below in the Alpine tab.
There is code and examples on the internet if you want to make this more dynamic, for me, that’s enough.
Create the file with your ASCII banner, it can be in any folder or with any name, as it will be configured in the SSHD configuration file, but by default, I leave it in /etc/ssh/banner
vi /etc/ssh/banner
###############################################################################
ALERT! You are entering into a non secured area!
_____ _ _
| __ \ (_) | |
| |__) | __ ___ ____ _| |_ ___ _ _ ___ ___
| ___/ '__| \ \ / / _` | __/ _ \ | | | / __|/ _ \
| | | | | |\ V / (_| | || __/ | |_| \__ \ __/_
|_| |_| |_| \_/ \__,_|\__\___| \__,_|___/\___(_)
This host you are accessing is for educational and research use only. There is
no real data or anything to indicate real hosts or information.
At any time, this host can be deleted, shut down, restarted or have any kind of
problems.
###############################################################################
Now change the SSHD configuration file to point to this banner and add the “Banner” configuration as below.
vi /etc/ssh/sshd_config
Banner /etc/ssh/bannerHere, all you would have to do is restart the SSHD service and the Banner would be OK, but I will also show how to place a Banner when the user authenticates.
In Ubuntu, the motD package creates a folder /etc/update-motd.d/, it has Bash scripts that can be executed, unlike the Banner above which is just a text file.
There may already be several ready-made scripts in the folder, I delete some that I don’t use:
cd /etc/update-motd.d/
rm 10-help-text
rm 50-motd-news
rm 85-fwupd
rm 91-contract-ua-esm-status
rm 99-bentoI will create a 01-header-devops file. The numerical order (Prefix) of the file indicates the order in which MotD will display the messages.
vi 01-header-devops
#!/bin/sh
printf "###############################################################################\n"
printf " _____ ____ _____ ____ \n"
printf " | __ \ / __ \ | __ \| _ \ \n"
printf " | | | | _____ _| | | |_ __ ___ ______| | | | |_) | \n"
printf " | | | |/ _ \ \ / / | | | '_ \/ __|______| | | | _ < \n"
printf " | |__| | __/\ V /| |__| | |_) \__ \ | |__| | |_) | \n"
printf " |_____/ \___| \_/ \____/| .__/|___/ |_____/|____/ \n"
printf " | | \n"
printf " |_| \n"
printf " \n"
printf " Welcome to my personal DevOps-DB project: www.devops-db.com \n"
printf " \n"
printf "###############################################################################\n"You can validate the execution of the script, if the test below does not return anything, it was successful.
run-parts /etc/update-motd.d/ > /dev/nullChange folder permissions to execute and restart the SSHD service
sudo chmod +x /etc/update-motd.d/*
systemctl restart sshdIn AlmaLinux, MotD messages are more similar to those in Banner, there are no bash executions like in Ubuntu, but there is a folder /etc/motd.d/ to be able to have the order of messages defined by the prefix (numeral) of the file .
In the example, I will create 01-.
vi /etc/motd.d/01-header-devops
###############################################################################
_____ ____ _____ ____
| __ \ / __ \ | __ \| _ \
| | | | _____ _| | | |_ __ ___ ______| | | | |_) |
| | | |/ _ \ \ / / | | | '_ \/ __|______| | | | _ <
| |__| | __/\ V /| |__| | |_) \__ \ | |__| | |_) |
|_____/ \___| \_/ \____/| .__/|___/ |_____/|____/
| |
|_|
Welcome to my personal DevOps-DB project: www.devops-db.com
###############################################################################Restart the SSHD service and you are good to go.
systemctl restart sshdThis change in Alpine is the simplest of all, in this version MotD uses only one file: /etc/motd
So that’s where the banner plus any other message should be.
vi /etc/motd
###############################################################################
_____ ____ _____ ____
| __ \ / __ \ | __ \| _ \
| | | | _____ _| | | |_ __ ___ ______| | | | |_) |
| | | |/ _ \ \ / / | | | '_ \/ __|______| | | | _ <
| |__| | __/\ V /| |__| | |_) \__ \ | |__| | |_) |
|_____/ \___| \_/ \____/| .__/|___/ |_____/|____/
| |
|_|
Welcome to my personal DevOps-DB project: www.devops-db.com
###############################################################################
Restart the SSHD service.
rc-service sshd restartWith everything ready, do an ssh test on the host… the result looks like this:
ssh fbranco@172.21.5.173
###############################################################################
ALERT! You are entering into a non secured area!
_____ _ _
| __ \ (_) | |
| |__) | __ ___ ____ _| |_ ___ _ _ ___ ___
| ___/ '__| \ \ / / _` | __/ _ \ | | | / __|/ _ \
| | | | | |\ V / (_| | || __/ | |_| \__ \ __/_
|_| |_| |_| \_/ \__,_|\__\___| \__,_|___/\___(_)
This host you are accessing is for educational and research use only. There is
no real data or anything to indicate real hosts or information.
At any time, this host can be deleted, shut down, restarted or have any kind of
problems.
###############################################################################
fbranco@172.21.5.173's password:
###############################################################################
_____ ____ _____ ____
| __ \ / __ \ | __ \| _ \
| | | | _____ _| | | |_ __ ___ ______| | | | |_) |
| | | |/ _ \ \ / / | | | '_ \/ __|______| | | | _ <
| |__| | __/\ V /| |__| | |_) \__ \ | |__| | |_) |
|_____/ \___| \_/ \____/| .__/|___/ |_____/|____/
| |
|_|
Welcome to my personal DevOps-DB project: www.devops-db.com
###############################################################################
tst-alpine-01:~$This site uses Akismet to reduce spam. Learn how your comment data is processed.
Leave a Reply