/etc/issue.net and /etc/ssh/sshd_config problems

Posted on 2003-03-04
Medium Priority
Last Modified: 2013-12-16
I setup Banner /etc/issue.net and it worked fine and dandy.  I havent really dont anything.  Honest! I read and re-read my admin journal and found nothing significant that would cause such issues (no pun intended).

So i changed the Banner /etc/issue.ssh (made a new file) and it isnt using it!!!  

the problem is, if i login in ssh on a win ssh program, it does this


contents of issue.net (not issue.ssh as sshd_config says)

(though doesnt interpret the esc sequences for colour)

then it asks for passwd.

only thing significant i noticed was that i used to be able to login in from other servers i got here w/o passwd and now it makes me again.

Question by:jwnrb
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 3

Expert Comment

ID: 8071141
issue file is configured by pam:
in /etc/pam.d/sshd

auth required pam_issue.so issue=/etc/issue.ssh

Author Comment

ID: 8071667
there is a ssh file  but no sshd file.
i am using debian linux something i should had said earlier.

it works fine if i am on a shell going to another shell.

however, if i am using say PuTTY for windows and SSHing into my box, there is no banner (/etc/issue.net).

then it loads the issue.net file w/o the esc codes being parsed.

then it asks for passwd

if i do cat /etc/issue.net it shows its fine.

if i use telnet on PuTTY the issue.net file loads fine then it asks for user and pass.

(before i forgot to /etc/init.d/ssh restart -- oops)
however, my new one loads up, however i like my pretty escape sequence i normally use and i like for it to load first, then user/pass.

i dont see why it asks for pass first.  if it doesnt work, i suppose oh well.  i guess thats how ssh was designed?

Expert Comment

ID: 8071795
OK, it is /etc/pam.d/ssh. Is there an pam_issue.so line inside it?
What do you mean without the esc codes being parsed. Are they printed as garbage, or are they filtered out?
Free Backup Tool for VMware and Hyper-V

Restore full virtual machine or individual guest files from 19 common file systems directly from the backup file. Schedule VM backups with PowerShell scripts. Set desired time, lean back and let the script to notify you via email upon completion.  


Author Comment

ID: 8071919
it is all garbage like [[35,33,11m strings like that.

there isnt a pam_issue or anything with issue in it.

Accepted Solution

Jaem earned 200 total points
ID: 8072444
Conflicting reports: sshd might use pam authentification. I would have expected the configuration file to be /etc/pam.d/sshd more than /etc/pam.d/ssh. Try to copy /etc/pam.d/ssh to /etc/pam.d/sshd, and add a pam_issue line. It should look like this:

auth  requisite    pam_nologin.so
auth  required     pam_env.so
auth  required     pam_issue.so issue=/etc/issue.ssh noesc
auth  required     pam_unix.so

For the moment, noesc kills escape codes. It has probably more to do with the client (avoiding doing anything funky before login), than with the server (since it is sending the escape codes). Make a backup of the pam files you will modify, and avoid doing those changes remotely! But pam is a pretty neat thing to play with.

Expert Comment

ID: 9076657
This old question needs to be finalized -- accept an answer, split points, or get a refund.  For information on your options, please click here-> http:/help/closing.jsp#1 
Post your closing recommendations!  No comment means you don't care.

Author Comment

ID: 10818811
close query

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Over the last ten+ years I have seen Linux configuration tools come and go. In the early days there was the tried-and-true, all-powerful linuxconf that many thought would remain the one and only Linux configuration tool until the end of times. Well,…
SSH (Secure Shell) - Tips and Tricks As you all know SSH(Secure Shell) is a network protocol, which we use to access/transfer files securely between two networked devices. SSH was actually designed as a replacement for insecure protocols that sen…
Connecting to an Amazon Linux EC2 Instance from Windows Using PuTTY.
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.
Suggested Courses
Course of the Month14 days, 9 hours left to enroll

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question