This may not be the best long term approach, but I've always symlinked
/etc/motd and /etc/issue.net against /etc/issue to solve this annoying
problem...
Cheers
-chris
On Jan 21, 2015 7:03 AM, "Gabe Alford" <redhatrises(a)gmail.com> wrote:
Just read this thread.
I may be missing something here, but why are you using
issue.net for SSH
banners?
On Wed, Jan 21, 2015 at 7:36 AM, Jeremiah Jahn <
jeremiah(a)goodinassociates.com> wrote:
> Nope, I don't think I ever did. I'm assuming the principles are so
> overwhelmed, given the current amount of activity, that the thing to
> do would be submit your own patch that splits these things up into two
> pieces. I got sucked into a different project right now, otherwise,
> that's what I'd probably do. Now that everything is on github, it's a
> lot easier.
>
> On Wed, Jan 21, 2015 at 2:09 AM, Gerwin Krist | LinQhost Internet
> Services <gerwin(a)linqhost.nl> wrote:
> > Hi,
> >
> > Did you get any response on this one? Only allowing /etc/issue is not
> > workable when using
> > both console and ssh logins. The console login is accepting escape
> cookies
> > the ssh version
> > not.
> >
> >
> > On 08/01/2014 10:38 PM, Jeremiah Jahn wrote:
> >>
> >> We used to have to keep out banners under /etc/issue for the console,
> >> and /etc/issue.net for remote access.
> >> Would it be okay to make this rule deal with either one?
> >>
> >> diff --git a/shared/oval/sshd_enable_warning_banner.xml
> >> b/shared/oval/sshd_enable_warning_banner.xml
> >> index 0bd8d32..ace8b75 100644
> >> --- a/shared/oval/sshd_enable_warning_banner.xml
> >> +++ b/shared/oval/sshd_enable_warning_banner.xml
> >> @@ -25,7 +25,7 @@
> >> </ind:textfilecontent54_test>
> >> <ind:textfilecontent54_object id="obj_sshd_banner_set"
version="2">
> >> <ind:filepath>/etc/ssh/sshd_config</ind:filepath>
> >> - <ind:pattern operation="pattern
> >>
> >>
>
match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue[\s]*(?:|(?:#.*))?$</ind:pattern>
> >> + <ind:pattern operation="pattern
> >>
> >>
>
match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue(.net){0,1}[\s]*(?:|(?:#.*))?$</ind:pattern>
> >> <ind:instance datatype="int">1</ind:instance>
> >> </ind:textfilecontent54_object>
> >> </def-group>
> >
> >
> --
> SCAP Security Guide mailing list
> scap-security-guide(a)lists.fedorahosted.org
>
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
>
https://github.com/OpenSCAP/scap-security-guide/
>
--
SCAP Security Guide mailing list
scap-security-guide(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide
https://github.com/OpenSCAP/scap-security-guide/