Login Warning

[Wayne Betts]

Apparently Kelley Coleman (Kelley.Coleman at va.gov) wrote:

>I've been tasked to get login warnings on our Linux systems.  On the
>console, I need a login warning to display on the same screen or on an
>immediately prior screen where the username and password would be
>entered. 
> 
>I also need to display the same or similar warning on all ssh and sftp
>connections.  I've found where I can get the warnings to show AFTER
>someone has connected, but not before. Seems a little
>counter-intuitive
>to me, but I'm told by our security officer that it is a requirement. 
> 
>Any thoughts?
>
>Kelley Coleman
>  
>

Try the Banner option in the sshd_config.  It displays the banner before 
the login process is done, and still allows a separate motd if you like 
which as you've discovered is displayed after authentication.

In the sshd_config file, look for (or add yourself) a line starting with 
"Banner"  There is probably already a Banner line commented out.  Here 
for instance is what mine looks like:

# no default banner path
#Banner /some/path
Banner /etc/DOEbanner

The first two lines are exactly as packaged, effectively turning the 
option off since they are commented out.  The third line I added (plus 
of course I created the file /etc/DOEbanner with the required text.)  
(Restart your sshd (or SIGHUP) to reread the new configuration once done.)

Hth,

Wayne (not Wayner)