[Webinar] Streamline your web hosting managementRegister Today

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1331
  • Last Modified:

/etc/issue.net and /etc/ssh/sshd_config problems

I setup Banner /etc/issue.net and it worked fine and dandy.  I havent really dont anything.  Honest! I read and re-read my admin journal and found nothing significant that would cause such issues (no pun intended).

So i changed the Banner /etc/issue.ssh (made a new file) and it isnt using it!!!  

the problem is, if i login in ssh on a win ssh program, it does this

login:

contents of issue.net (not issue.ssh as sshd_config says)

(though doesnt interpret the esc sequences for colour)

then it asks for passwd.

only thing significant i noticed was that i used to be able to login in from other servers i got here w/o passwd and now it makes me again.

thanks
0
jwnrb
Asked:
jwnrb
  • 3
  • 3
1 Solution
 
JaemCommented:
issue file is configured by pam:
in /etc/pam.d/sshd

auth required pam_issue.so issue=/etc/issue.ssh
0
 
jwnrbAuthor Commented:
there is a ssh file  but no sshd file.
i am using debian linux something i should had said earlier.

it works fine if i am on a shell going to another shell.

however, if i am using say PuTTY for windows and SSHing into my box, there is no banner (/etc/issue.net).

then it loads the issue.net file w/o the esc codes being parsed.

then it asks for passwd

if i do cat /etc/issue.net it shows its fine.

if i use telnet on PuTTY the issue.net file loads fine then it asks for user and pass.

(before i forgot to /etc/init.d/ssh restart -- oops)
however, my new one loads up, however i like my pretty escape sequence i normally use and i like for it to load first, then user/pass.

i dont see why it asks for pass first.  if it doesnt work, i suppose oh well.  i guess thats how ssh was designed?
0
 
JaemCommented:
OK, it is /etc/pam.d/ssh. Is there an pam_issue.so line inside it?
What do you mean without the esc codes being parsed. Are they printed as garbage, or are they filtered out?
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
jwnrbAuthor Commented:
it is all garbage like [[35,33,11m strings like that.

there isnt a pam_issue or anything with issue in it.
0
 
JaemCommented:
Conflicting reports: sshd might use pam authentification. I would have expected the configuration file to be /etc/pam.d/sshd more than /etc/pam.d/ssh. Try to copy /etc/pam.d/ssh to /etc/pam.d/sshd, and add a pam_issue line. It should look like this:


auth  requisite    pam_nologin.so
auth  required     pam_env.so
auth  required     pam_issue.so issue=/etc/issue.ssh noesc
auth  required     pam_unix.so
....

For the moment, noesc kills escape codes. It has probably more to do with the client (avoiding doing anything funky before login), than with the server (since it is sending the escape codes). Make a backup of the pam files you will modify, and avoid doing those changes remotely! But pam is a pretty neat thing to play with.
0
 
CleanupPingCommented:
jwnrb:
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
EXPERTS:
Post your closing recommendations!  No comment means you don't care.
0
 
jwnrbAuthor Commented:
close query
0

Featured Post

The new generation of project management tools

With monday.com’s project management tool, you can see what everyone on your team is working in a single glance. Its intuitive dashboards are customizable, so you can create systems that work for you.

  • 3
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now