因此,我为SSH服务器创建了一个bash脚本横幅,非常简单。它位于profile.d中:
/etc/profile.d/ssh_banner.sh
我已经如下编辑sshd_config文件:
# no default banner path
Banner /etc/profile.d/ssh_banner.sh
但是,当我登录服务器时,在执行脚本并显示输出之前,它会显示紧接之前的脚本源;
adam@adam-ThinkPad-T470s:~$ ssh adam@<IP_ADDRESS> -p 51536
#!/bin/bash
#Colours
red="\033[00;31m"
RED="\033[01;31m"
green="\033[00;32m"
GREEN="\033[01;32m"
brown="\033[00;33m"
YELLOW="\033[01;33m"
blue="\033[00;34m"
BLUE="\033[01;34m"
purple="\033[00;35m"
PURPLE="\033[01;35m"
cyan="\033[00;36m"
CYAN="\033[01;36m"
white="\033[00;37m"
WHITE="\033[01;37m"
NC="\033[00m"
echo -e "${WHITE}******************************************************************************"
echo -e "${WHITE}** **"
echo -e "${WHITE}** Powered By Raspbian **"
echo -e "${WHITE}** **"
echo -e "${YELLOW}******************************************************************************"
CPUMOD=$(cat /proc/cpuinfo | grep -m 1 -w 'model name' | awk -F: '{print $2}')
HOSTNAME=$(uname -n)
KERNEL=$(uname -r)
MEMTOTAL=$(cat /proc/meminfo | grep -m 1 -w 'MemTotal' | awk -F: '{print $2}')
MEMFREE=$(cat /proc/meminfo | grep -m 1 -w 'MemFree' | awk -F: '{print $2}')
SWAPTOTAL=$(cat /proc/meminfo | grep -m 1 -w 'SwapTotal' | awk -F: '{print $2}')
SWAPFREE=$(cat /proc/meminfo | grep -m 1 -w 'SwapFree' | awk -F: '{print $2}')
echo -e "** ${YELLOW}Unauthorised access to this network is strickly FORBIDDEN **"
echo -e "** ${YELLOW}If you havn't been given authorisation ${RED}LOGOUT IMMEDIATELY!${YELLOW} **"
echo -e "**${YELLOW} This logon has been recored **"
echo -e "${YELLOW}******************************************************************************"
echo -e ""
echo -e "${WHITE} Welcome ${YELLOW}${USER}${WHITE}"
echo -e ""
echo -e "${WHITE} Date: "`date`
echo -e ""
echo -e "${WHITE} Hostname: ${HOSTNAME}"
echo -e "${WHITE} CPU Model: ${CPUMOD}"
echo -e ""
echo -e "${WHITE} Total Memory: ${MEMTOTAL}"
echo -e "${WHITE} Free Memory: ${MEMFREE}"
echo -e ""
echo -e "${WHITE} Swap Total: ${SWAPTOTAL}"
echo -e "${WHITE} Swap Free: ${SWAPFREE}"
echo -e ""
# Reset Terminal Colour Back to Normal
echo -e "${NC}"
Last login: Wed Nov 7 12:56:47 2018 from <IP_ADDRESS>
******************************************************************************
** **
** Powered By Raspbian **
** **
******************************************************************************
** Unauthorised access to this network is strickly FORBIDDEN **
** If you havn't been given authorisation LOGOUT IMMEDIATELY! **
** This logon has been recored **
******************************************************************************
Welcome adam
Date: Wed 7 Nov 13:18:42 UTC 2018
Hostname: pi
CPU Model: ARMv7 Processor rev 4 (v7l)
Total Memory: 949448 kB
Free Memory: 781588 kB
Swap Total: 102396 kB
Swap Free: 102396 kB
adam@pi:~ $
在最后一次登录的行通知之后,将打印出预期的横幅, 我尝试将ssh_banner.sh放在其他目录中,这导致ssh仅打印源,而没有执行的输出。 /etc/profile.d是SSH执行标语的唯一目录。
我不明白为什么会这样,如果有人能帮助我,我将不胜感激。
答案 0 :(得分:0)
文档中指出,sshd不会执行或未提供您的横幅广告ssh_banner.sh:
横幅
在允许身份验证之前,指定文件的内容已发送到远程用户。如果参数为“ none”,则不会显示任何横幅。此选项仅适用于协议版本2。默认情况下,不显示横幅。
如果将横幅ssh_banner.sh放在/etc/profile.d下,则该横幅是通过正常登录过程获取的,与sshd无关。
因此,您可以在#中标语行的前面加上评论sshd_config,而ssh_banner.sh仍是正常登录时的来源。