000033432 - How to protect logins with SSH & MOTD Banner Messages on RSA Authentication Manager 3.0

Document created by RSA Customer Support Employee on Jan 11, 2017Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000033432
Applies To

RSA Product Set: SecurID
RSA Product/Service Type: RSA SecurID Appliance
RSA Version/Condition: 3.0.4.10
Platform: Red Hat Enterprise Linux ES release 4

IssueCustomer would like to display a banner for ssh login.
TasksThere are two ways to display messages one is using issue.net file and second one is using MOTD file.
  • issue.net : Display a banner message before the password login prompt.
  • motd : Display a banner message after the user has logged in.
ResolutionTo display Welcome or Warning message for SSH users before login. We use issue.net file to display a banner massages. Open the following file with VI editor.
 
# vi /etc/issue.net

Add the following banner sample message and save the file. You can add any custom banner message to this file.
 
############################################################
#                     Welcome to RSA SecurID Appliance
#                     All connections are monitored and recorded
#                     Disconnect IMMEDIATELY if you are not an authorized user !
############################################################

Open the master ssh configuration file and enable banners.
 
# vi /etc/ssh/sshd_config

Search for the word “Banner” and insert the line below and save the file.
Banner /etc/issue.net

Note: you can use any path you want
Next, restart the SSH daemon to reflect new changes.
 
# /etc/init.d/sshd restart
Stopping sshd:                                             [  OK  ]
Starting sshd:                                             [  OK  ]

Now try to connect to server you will see banner message you edited in the /etc/issue.net
To display banner messages after login, we use motd file, which is used to display banner massages after login. Now open it with VI editor.
 
# vi /etc/motd

Place the following banner sample message and save the file.
############################################################
#                     Welcome to RSA SecurID Appliance
#                     All connections are monitored and recorded
#                     Disconnect IMMEDIATELY if you are not an authorized user !
############################################################

Now again try to login into server you will get both the banner messages.

Attachments

    Outcomes