[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: consent to monitoring banner for ssh

> Bill Tangren wrote:
>> A new policy has been implemented here at work. The old policy stated
>> that, when someone logs in to a system via ssh, I had to display a
>> consent
>> to monitor banner, which is easy to implement.
>> The new policy, however, requires that the user has to somehow signify
>> that they have read and will abide by the policy. In essence, I have to
>> get a yes or no input from the user, possibly just after they log on,
>> and
>> if they say no, log them off. If they say yes, they get to proceed.
>> My question: what is the best way to implement this? I have to make sure
>> the user cannot remove this functionality for future logins, so I can't
>> put it in any of their login scripts. This is easy to implement for GUI
>> logins, but I don't know the best way to proceed for ssh. Any ideas?
> Put it in the sshd.conf the option to use a login banner and create the
> banner file with what you want it to say and then restart sshd they will
> see it before the login and acceptance of it by logging in.

So, put in a blurb that says in effect "if you log in, you consent to
this." Something like that? The directive I got was pretty clear. I had to
have some kind of button or something for them to press to accept (or

Bill Tangren
U.S. Naval Observatory

Ad eundum quo nemo ante iit

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]