SSH Consent Banner
Mertens, Bram
mertensb at mazdaeur.com
Tue Feb 12 16:10:38 UTC 2008
Indeed but the OPs script doesn't do this.
To do so add something like the following to the top of the script:
trap "logoutfunction" TERM INT
The logoutfunction has to be defined before this statement and could
contain the code you use for terminating people's session.
I was wondering if it is necessary to use such a rather complicated
structure to log the user out. Isn't it possible to use exit?
Something like:
trap 'exit' TERM INT
HOSTNAME=`hostname`
GREET=`cat /etc/issue`
echo $GREET
echo "Do you agree to this consent? [Y/N]"
read answer
case $answer in
Y|y)
echo "Welcome to $HOSTNAME."
;;
N|n)
echo "Goodbye."
sleep 2
exit
;;
*)
echo "Goodbye. Try SSH again"
echo "You Must enter a Y or a N "
sleep 2
exit
;;
esac
Regards
Bram
>
Mazda Motor Logistics Europe NV, Blaasveldstraat 162, B-2830 Willebroek
VAT BE 406.024.281, RPR Mechelen, ING 310-0092504-52, IBAN : BE64 3100 0925 0452, SWIFT : BBRUBEBB
-----Original Message-----
> From: redhat-list-bounces at redhat.com
> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Mike Burger
> Sent: dinsdag 12 februari 2008 16:19
> To: General Red Hat Linux discussion list
> Subject: RE: SSH Consent Banner
>
> Not if you trap the CTRL-C sequence within the script.
>
> > Doesn't pressing CTRL+C get you out of this? In that it stops
> > processing the script but still lets you log in.
> >
> > Regards
> >
> > Bram
> >
> >>
> >
> >
> > Mazda Motor Logistics Europe NV, Blaasveldstraat 162,
> B-2830 Willebroek
> > VAT BE 406.024.281, RPR Mechelen, ING 310-0092504-52, IBAN
> : BE64 3100
> > 0925 0452, SWIFT : BBRUBEBB
> >
> > -----Original Message-----
> >> From: redhat-list-bounces at redhat.com
> >> [mailto:redhat-list-bounces at redhat.com] On Behalf Of Paul Whitney
> >> Sent: zaterdag 2 februari 2008 2:07
> >> To: General Red Hat Linux discussion list
> >> Subject: Re: SSH Consent Banner
> >>
> >> Actually, this worked for me. I created a separate script
> >> that is called
> >> within /etc/bashrc. This is what happens. It is probably
> >> considered crude,
> >> but it works for me. Please let me know if there is a flaw in
> >> this approach.
> >>
> >> Thanks.
> >>
> >> Paul
> >>
> >> HOSTNAME=`hostname`
> >> GREET=`cat /etc/issue`
> >> echo $GREET
> >> echo "Do you agree to this consent? [Y/N]"
> >> read answer
> >>
> >> case $answer in
> >>
> >> Y|y)
> >> echo "Welcome to $HOSTNAME."
> >> ;;
> >>
> >> N|n)
> >> echo "Goodbye."
> >> sleep 2
> >> PID=`ps -ef | grep ssh_test_1 | awk ' {print $3} '`
> >> kill -9 $PID
> >> ;;
> >>
> >> *)
> >> echo "Goodbye. Try SSH again"
> >> echo "You Must enter a Y or a N "
> >> sleep 2
> >> PID=`ps -ef | grep ssh_test_1 | awk ' {print $3} '`
> >> kill -9 $PID
> >> ;;
> >>
> >> esac
> >>
> >>
> >>
> >> On 2/1/08 7:21 PM, "Nikolas Lam"
> >> <nlam87346 at library.usyd.edu.au> wrote:
> >>
> >> >
> >> >
> >> > On Fri, 2008-02-01 at 11:08 -0500, Paul Whitney wrote:
> >> >> Can someone tell me how to configure SSHD to present a
> >> yes/no prompt? My
> >> >> system currently is configured to present a consent
> >> banner, but it does not
> >> >> require users to agree to the consent. Any help is appreciated.
> >> >>
> >> >> Paul W.
> >> >>
> >> >>
> >> >
> >> > Not sure how to do exactly that, but you could just present
> >> something
> >> > using
> >> >
> >> > Banner /etc/ssh_issue
> >> >
> >> > in /etc/ssh/sshd_config. This will print the contents of
> >> /etc/ssh_issue
> >> > just before putting in their passwords. In it you could
> >> say, entering
> >> > your password is agreeing to your terms and conditions.
> >> >
> >> > Once they log in, they'll also by default get the
> system's /etc/motd
> >> >
> >> >
> >> > N.
> >> >
> >> >
> >>
> >>
> >> --
> >> redhat-list mailing list
> >> unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> >> https://www.redhat.com/mailman/listinfo/redhat-list
> >>
> >
> > --
> > redhat-list mailing list
> > unsubscribe
> mailto:redhat-list-request at redhat.com?subject=unsubscribe
> > https://www.redhat.com/mailman/listinfo/redhat-list
> >
>
>
> --
> Mike Burger
> http://www.bubbanfriends.org
>
> Visit the Dog Pound II BBS
> telnet://dogpound2.citadel.org or http://dogpound2.citadel.org
>
> To be notified of updates to the web site, visit:
>
> https://www.bubbanfriends.org/mailman/listinfo/site-update
>
> or send a blank email message to:
>
> site-update-subscribe at bubbanfriends.org
>
> --
> redhat-list mailing list
> unsubscribe mailto:redhat-list-request at redhat.com?subject=unsubscribe
> https://www.redhat.com/mailman/listinfo/redhat-list
>
More information about the redhat-list
mailing list