openstack/ansible-hardening
Code Issues Proposed changes
ansible-hardening/doc/metadata/rhel7/V-72225.rst
Major Hayden 005fa52c66
Make login banner customizable 
This patch makes it easier for deployers to customize their login
banner and it also fixes some documentation bugs around how to
configure the graphical login banner.

Closes-bug: 1679749
Change-Id: I755de63cc3965f065077c983dbf1015ad93dfa6c
2017-04-05 08:32:39 -05:00

1.1 KiB
Raw Blame History

---id: V-72225 status: implemented tag: sshd ---

The tasks in the security role deploy a standard notice and consent banner into /etc/motd on each server. Ubuntu, CentOS and Red Hat Enterprise Linux display this banner after each successful login via ssh or the console.

Deployers can choose a different destination for the banner by setting the following Ansible variable:

security_sshd_banner_file: /etc/motd

The message is customized with the following Ansible variable:

security_login_banner_text: |
  ------------------------------------------------------------------------------
  * WARNING                                                                    *
  * You are accessing a secured system and your actions will be logged along   *
  * with identifying information. Disconnect immediately if you are not an     *
  * authorized user of this system.                                            *
  ------------------------------------------------------------------------------