2

I have a fresh installation of OpenSSH. In the /etc/ssh/sshd_config I have the following entry: Banner /etc/issue.net I have restarted the SSH deamon using: sudo /etc/init.d/ssh restart. Now, whenever I try to run ssh user@localhost it works just fine, except it doesn't show the pre-login banner.

What can cause this problem?

Improve this question
5
  • Any output in /var/log/messages or /var/log/secure (depending on your distro)? Commented Jan 25, 2015 at 0:02
  • @SailorCire /var/log/syslog (Ubuntu 14.04) doesn't show anything related to SSH. Commented Jan 25, 2015 at 0:18
  • Improper permissions on /etc/issue.net? Commented Jan 25, 2015 at 4:25
  • @mdpc and what are the proper permissions? Commented Jan 25, 2015 at 12:01
  • The problem is "selinux". I ran "setenforce 0" and the banner was displayed. Now, the real problem is finding a solution, other than disabling selinux. Commented Jul 6, 2016 at 18:38

3 Answers 3

Reset to default
6

Possibilities:

  1. sshd is reading a different config file from the one you've edited
  2. sshd is running in a chroot environment which doesn't include the file you specified
  3. sshd didn't really restart, perhaps because you have systemd and the init script for ssh exits when it realises upstart isn't running (in this case, use systemctl restart ssh.service).
  4. You're using ssh protocol 1 instead of 2.
Improve this answer
1
  • I can confirm it's not 1, 2 or 4. How can I check 3rd possibility? Commented Jan 25, 2015 at 12:01
3

I did not see mentioned here, but even if the banner is enabled in sshd_config and sshd is fully restarted, the user's own ~/.ssh/config can suppress the banner using: LogLevel QUIET As the op took the solution but noone mentioned this, I'd like to add that here for future searchers

Improve this answer
1
  • This happened to me. I had LogLevel ERROR set in ~/.ssh/config, and I thought the Banner was broken. It was just being hidden! Commented Nov 19, 2021 at 0:19
1

Ubuntu 14.04 uses upstart, and /etc/init.d/ssh restart doesn't restart sshd if upstart is running, so sshd isn't recognizing your changes to /etc/ssh/sshd_config. Instead, run this:

# restart ssh

You can verify that sshd was restarted by running

# ps -f -p $(pgrep sshd)

or

# ps -f -p $(status ssh | awk '{ print $NF }')

and checking that the start time (STIME) is more recent than the time you ran the command to restart it.

Improve this answer

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.