ONTAP Discussions

SSH MOTD login banner for CDOT

SMLocke
9,874 Views

Hello friends,

 

I've had a google walk over how to set the SSH MOTD login banner for my cDOT 8.2.3 filers, and near as I can tell (per bug 489882), this isn't a feature that is yet implemented in cDOT. The weird thing is, my filers actually do have an MOTD that appears after you log in via SSH. I'm not sure how that got set, as the filers were set up before I started at this company. 

 

I need to change the MOTD, and I'll be darned if I can figure out how to do it. Is there some place I'm just not looking to get the information I need?  Thanks all!

7 REPLIES 7

JGPSHNTAP
9,871 Views

Interesting.. this is only available in 8.3.1 I believe...

 

Type this command - security login banner show -instance

SMLocke
9,863 Views
Yep, sec login banner isn't a thing in 8.2.3. Someone must have hacked a way around, because there's definitely a login banner there. Maybe it's something they got at via the system shell? Also, the CN1601 and CN1610 switches also have those login banners ... I'll have to investigate how you go about changing the MOTDs there as well. Not like literally anyone needs to log in to those switches for any reason most of the time, but I still gotta change those MOTDs. Oy vey.

rwelshman
9,825 Views

Maybe check to see if there is an issue file created in the /etc of the node(s), "node run -node * rdfile /etc/issue"

ekashpureff
9,793 Views

 

rwelshman -

 

It's the /etc/motd file to edit in 7-mode, but this has no effect in cluster mode.


I hope this response has been helpful to you.

 

At your service,

 

Eugene E. Kashpureff, Sr.
Independent NetApp Consultant http://www.linkedin.com/in/eugenekashpureff
Senior NetApp Instructor, IT Learning Solutions http://sg.itls.asia/netapp
(P.S. I appreciate 'kudos' on any helpful posts.)

 

ekashpureff
9,794 Views

SMLocke -

 

It's a systemshell hack.

 

You can only set the message for ssh logins to the cluster shell.

 

You need to unlock diag user.

 

Then 'sudo vi /etc/ssh/sshd_config'.

 

Edit the #Banner line to uncomment it, and reference the motd file you want to use.

(Your sshd_config has probably already been changed, just edit the file the Banner line is pointing to.)

 

Thank you for giving me an interesting question to hack through !

 

: )


I hope this response has been helpful to you.

 

At your service,

 

Eugene E. Kashpureff, Sr.
Independent NetApp Consultant http://www.linkedin.com/in/eugenekashpureff
Senior NetApp Instructor, IT Learning Solutions http://sg.itls.asia/netapp
(P.S. I appreciate 'kudos' on any helpful posts.)

 

ekashpureff
9,790 Views

 

SMLocke -

 

You need to edit the files for the node that hosts the cluster mgt LIF.

You might want to edit the config on all nodes for it to take effect on all node mgt LIFs.

 

Also, sshd needs to be restarted to read the changes to /etc/ssh/sshd_config

You probably don't need to do this, as long as you don't need to re-edit the config.

It should pick up the edits you make to the motd file.

 

I rebooted my 8.21 simulator to get it to take.


I hope this response has been helpful to you.

 

At your service,

 

Eugene E. Kashpureff, Sr.
Independent NetApp Consultant http://www.linkedin.com/in/eugenekashpureff
Senior NetApp Instructor, IT Learning Solutions http://sg.itls.asia/netapp
(P.S. I appreciate 'kudos' on any helpful posts.)

 

SMLocke
9,765 Views

Good input, everyone! I ended up popping into the systems hell and editing (or creating) /etc/ssh/ssh_banner on every node and monkeying around with VI until it worked. And THEN I saw everyone's feedback, of course. In any case, there's likely more than one way to skin a cat, and I bet everyone's solutions here would get the next person to the place they wanna be.

 

Thanks all!

Public