Just read this thread. I may be missing something here, but why are you using issue.net for SSH banners?
On Wed, Jan 21, 2015 at 7:36 AM, Jeremiah Jahn < [email protected]> wrote: > Nope, I don't think I ever did. I'm assuming the principles are so > overwhelmed, given the current amount of activity, that the thing to > do would be submit your own patch that splits these things up into two > pieces. I got sucked into a different project right now, otherwise, > that's what I'd probably do. Now that everything is on github, it's a > lot easier. > > On Wed, Jan 21, 2015 at 2:09 AM, Gerwin Krist | LinQhost Internet > Services <[email protected]> wrote: > > Hi, > > > > Did you get any response on this one? Only allowing /etc/issue is not > > workable when using > > both console and ssh logins. The console login is accepting escape > cookies > > the ssh version > > not. > > > > > > On 08/01/2014 10:38 PM, Jeremiah Jahn wrote: > >> > >> We used to have to keep out banners under /etc/issue for the console, > >> and /etc/issue.net for remote access. > >> Would it be okay to make this rule deal with either one? > >> > >> diff --git a/shared/oval/sshd_enable_warning_banner.xml > >> b/shared/oval/sshd_enable_warning_banner.xml > >> index 0bd8d32..ace8b75 100644 > >> --- a/shared/oval/sshd_enable_warning_banner.xml > >> +++ b/shared/oval/sshd_enable_warning_banner.xml > >> @@ -25,7 +25,7 @@ > >> </ind:textfilecontent54_test> > >> <ind:textfilecontent54_object id="obj_sshd_banner_set" version="2"> > >> <ind:filepath>/etc/ssh/sshd_config</ind:filepath> > >> - <ind:pattern operation="pattern > >> > >> > match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue[\s]*(?:|(?:#.*))?$</ind:pattern> > >> + <ind:pattern operation="pattern > >> > >> > match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue(.net){0,1}[\s]*(?:|(?:#.*))?$</ind:pattern> > >> <ind:instance datatype="int">1</ind:instance> > >> </ind:textfilecontent54_object> > >> </def-group> > > > > > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/ >
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
