在Oliver Pelz和Jonathan Hobson撰寫的CentOS 7 Linux Server Cookbook - Second Edition中提到Customizing system banners and message,可爲本地Shell進程和SSH設置提示信息。

以下是書中原話

Dispaly a welcome message if a user successfully logs in CentOS7 system using SSH or console, or opens a new terminal window in a graphical window manager.

For legal reasons, it is strongly recommended that computers displays a banner before allowing users to log in; lawyers suggest that the offense of unauthorized access can only be committed if the offender knows at the time that the access he intends to obtain is unauthorized. Login banners are the best way to achieve this. Apart from this resaon, you can provide the user with useful system infomation.


SSH

以下是書中原話

The banner behavior is disabled in the ssh daemon configuration file by default, which means that no message will be displayed if a user established an ssh connection.

SSH遠程登錄時顯示提示信息可分爲在登錄前和成功登錄後顯示兩種。

  • 登錄後顯示:修改/etc/motd文件
  • 登錄前顯示:在/etc/ssh/sshd_config文件中添加參數Banner

相關操作在遠程主機上進行

After Prompt

修改/etc/motd文件

使用SSH成功登錄遠程服務器後提示

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
#登錄遠程主機
[[email protected] ~]$ ssh [email protected]
Last login: Mon Feb 22 23:33:35 2016 from 192.168.0.102

#修改遠程主機中的文件/etc/motd
[[email protected] ~]# cat /etc/motd
[[email protected] ~]# vim /etc/motd

#顯示添加的內容
[[email protected] ~]# cat /etc/motd
#######################
# Love you, my lover! #
#######################
[[email protected] ~]# exit
logout
Connection to 192.168.0.106 closed.

#重新登錄該遠程主機,提示有之前添加的內容
[[email protected] ~]$ ssh [email protected]
Last login: Mon Feb 22 23:41:13 2016 from 192.168.0.102
#######################
# Love you, my lover! #
#######################
[[email protected] ~]#

Before Prompt

修改/etc/ssh/sshd_config文件,在其中添加Banner /etc/ssh-banner參數,新建文件/etc/ssh-banner,將提示信息寫入其中,重啓sshd服務。再次登錄,即能顯示提時信息

使用SSH登錄遠程服務器時提示

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
#遠程登錄
[[email protected] ~]$ ssh [email protected]
Last login: Mon Feb 22 23:42:04 2016 from 192.168.0.102

#查看配置文件/etc/ssh/sshd_config最後一行內容
[[email protected] ~]# tail -1 /etc/ssh/sshd_config
# ForceCommand cvs server

#追加信息至配置文件/etc/ssh/sshd_config
[[email protected] ~]# echo "Banner /etc/ssh-banner" >> /etc/ssh/sshd_config

#查看配置文件/etc/ssh/sshd_config最後一行內容
[[email protected] ~]# tail -1 /etc/ssh/sshd_config
Banner /etc/ssh-banner

#新建文件/etc/ssh-banner
[[email protected] ~]# vim /etc/ssh-banner

#顯示文件/etc/ssh-banner中內容
[[email protected] ~]# cat /etc/ssh-banner
#############################
# This is a SSH prompt test #
#############################

#重啓sshd服務
[[email protected] ~]# systemctl restart sshd.service
[[email protected] ~]# exit
logout
Connection to 192.168.0.106 closed.

#使用用戶flying登錄,提示信息出現在密碼輸入欄上方
[[email protected] ~]$ ssh [email protected]
#############################
# This is a SSH prompt test #
#############################
[email protected]'s password:
Last login: Mon Feb 22 23:51:22 2016 from 192.168.0.102
[[email protected] ~]$ id
uid=1000(flying) gid=1000(flying) groups=1000(flying)
[[email protected] ~]$

Shell

啓動Shell進程也可出現提示信息,主要通過修改Shell配置文件或創建腳本實現。

bashrc

/etc/bashrc中添加

1
2
3
4
5
6
7
if [ -n $USER ] && [ -z $SUDO_USER ];then
user="$USER"
else
user="$SUDO_USER"
fi

echo "Welcome, $user. Now Time is `date +'%F %T'`"

使用命令. /etc/bashrc使配置文件更改生效

開啓Shell子進程或新建Shell進程都會顯示相關信息

1
2
3
[[email protected] ~]$ bash
Welcome, flying. Now Time is 2016-02-23 00:03:38
[[email protected] ~]$

profile.d

在目錄/etc/profile.d/中創建文件motd.sh腳本

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
#!/bin/bash

colsta='\e[34m'
colend='\e[0m'

#col=""
#for (( i=0; i < `tput cols`; i++ ));do
# col=${col}'#'
#done

echo -e "
#####################################################
# This file is /etc/profile.d/motd.sh, another /etc/motd
# Welcome to $colsta`hostname`$colend, you are logged in as $colsta`whoami`$colend
# Now Time is $colsta`date +'%F %T'`$colend
# This system is running `cat /etc/redhat-release`
# Kernel is `uname -r`
# Uptime is `uptime | sed 's/.*up ([^,]*), .*/1/'`
#####################################################"

使用命令. /etc/profile.d/motd.sh使配置文件更改生效

開啓Shell子進程或新建Shell進程都會顯示相關信息

1
2
3
4
5
6
7
8
9
10
11
[[email protected] ~]$ bash

#####################################################
# This file is /etc/profile.d/motd.sh, another /etc/motd
# Welcome to lemp, you are logged in as flying
# Now Time is 2016-02-23 00:08:03
# This system is running CentOS Linux release 7.2.1511 (Core)
# Kernel is 3.10.0-327.10.1.el7.x86_64
# Uptime is 00:08:03 up 9:43, 4 users, load average: 0.18, 0.35, 0.36
#####################################################
[[email protected] ~]$

Change Log

  • 2016.02.23 00:12 Tue Asia/Beijing
    • 完成初稿,上傳至lempstacker部落格

  • Note Time: 2016.02.23 00:12 Tue
  • Note Location: Asia/Beijing
  • Writer: lempstacker