User Logins and Accounts
When a login occurs, the SSH server can take special actions. Here, we discuss:
Printing welcome messages for the user
Setting environment variables
Taking arbitrary actions with initialization scripts
5.6.1 Welcome Messages for the User
sshd can display custom messages
for the user before and after authentication. Before authentication,
the SSH server can optionally display the contents of any file you
select with the Banner
keyword
(OpenSSH) or BannerMessageFile
keyword (Tectia):
# OpenSSH Banner /usr/local/etc/warning.txt # Tectia BannerMessageFile /usr/local/etc/warning.txt
By default, OpenSSH displays no banner message, whereas Tectia displays the contents of /etc/ssh2/ssh_banner_message if the file exists.[76] The banner message is often used for legal statements that forbid unauthorized access. Since the file is sent before authentication, be careful that it doesn’t reveal sensitive information.
After authentication, both OpenSSH’s and Tectia’s
sshd optionally prints the standard Unix “message
of the day” file ( /etc/motd ).
This output may be turned on and off with the PrintMotd
keyword with the value yes
(the default) or no
:
PrintMotd no
Since most Unix shells print /etc/motd on login, this SSH feature is often redundant and turned off.
For Tectia, a message about email (e.g., “You have mail”) is
printed on login if the CheckMail
keyword has the value of yes
(the
default), or the message is skipped if the value is no
:
# Tectia CheckMail yes ...
Get SSH, The Secure Shell: The Definitive Guide, 2nd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.