This may not be the best long term approach, but I've always symlinked /etc/motd and /etc/issue.net against /etc/issue to solve this annoying problem...
Cheers -chris On Jan 21, 2015 7:03 AM, "Gabe Alford" <[email protected]> wrote: > Just read this thread. > > I may be missing something here, but why are you using issue.net for SSH > banners? > > On Wed, Jan 21, 2015 at 7:36 AM, Jeremiah Jahn < > [email protected]> wrote: > >> Nope, I don't think I ever did. I'm assuming the principles are so >> overwhelmed, given the current amount of activity, that the thing to >> do would be submit your own patch that splits these things up into two >> pieces. I got sucked into a different project right now, otherwise, >> that's what I'd probably do. Now that everything is on github, it's a >> lot easier. >> >> On Wed, Jan 21, 2015 at 2:09 AM, Gerwin Krist | LinQhost Internet >> Services <[email protected]> wrote: >> > Hi, >> > >> > Did you get any response on this one? Only allowing /etc/issue is not >> > workable when using >> > both console and ssh logins. The console login is accepting escape >> cookies >> > the ssh version >> > not. >> > >> > >> > On 08/01/2014 10:38 PM, Jeremiah Jahn wrote: >> >> >> >> We used to have to keep out banners under /etc/issue for the console, >> >> and /etc/issue.net for remote access. >> >> Would it be okay to make this rule deal with either one? >> >> >> >> diff --git a/shared/oval/sshd_enable_warning_banner.xml >> >> b/shared/oval/sshd_enable_warning_banner.xml >> >> index 0bd8d32..ace8b75 100644 >> >> --- a/shared/oval/sshd_enable_warning_banner.xml >> >> +++ b/shared/oval/sshd_enable_warning_banner.xml >> >> @@ -25,7 +25,7 @@ >> >> </ind:textfilecontent54_test> >> >> <ind:textfilecontent54_object id="obj_sshd_banner_set" version="2"> >> >> <ind:filepath>/etc/ssh/sshd_config</ind:filepath> >> >> - <ind:pattern operation="pattern >> >> >> >> >> match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue[\s]*(?:|(?:#.*))?$</ind:pattern> >> >> + <ind:pattern operation="pattern >> >> >> >> >> match">^[\s]*(?i)Banner(?-i)[\s]+/etc/issue(.net){0,1}[\s]*(?:|(?:#.*))?$</ind:pattern> >> >> <ind:instance datatype="int">1</ind:instance> >> >> </ind:textfilecontent54_object> >> >> </def-group> >> > >> > >> -- >> SCAP Security Guide mailing list >> [email protected] >> https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide >> https://github.com/OpenSCAP/scap-security-guide/ >> > > > -- > SCAP Security Guide mailing list > [email protected] > https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide > https://github.com/OpenSCAP/scap-security-guide/ >
-- SCAP Security Guide mailing list [email protected] https://lists.fedorahosted.org/mailman/listinfo/scap-security-guide https://github.com/OpenSCAP/scap-security-guide/
