It's possible to configure a banner for sshd
that is to be displayed as a connection is opened, via Banner /etc/motd.ssh
in sshd_config
. Note that this is displayed before the authentication occurs, and even when an interactive shell is not launched (e.g. via scp
).
If this banner contains characters outside of the printable ASCII range, they seem to be escaped, however. Is there any way to either disable this escaping, or an alternative way to send textual output back to the client on connection which supports such characters outside of the printable-ASCII range?
This would be useful both for colour escape sequences and Unicode characters.
- Related: Colorful ssh banner (not a duplicate, however, as this question is about another kind of banner, not about color)
Best Answer
Mention #1 - LinuxFromScratch project
One place that it's mentioned is in the Linux From Scratch project. I found this page titled: /etc/issue (Customizing your logon).
excerpt
Mention #2 - SecurityFocus Forum post
As additional evidence that this is not possible there is this excerpt from a forum post titled: Re: ssh and banners Aug 18 2009 01:20PM, that discusses the function that implements the printing of the banner in OpenSSH.
excerpt
Mention #3 - OpenSSH Release Notes + RFC's
Lastly I encourage you to look through the release notes for OpenSSH. They're here as well as the RFC's that govern the SSH v1 & v2 specifications.
This RFC covers some of the behavior of the
Banner
feature. This section "5.4. Banner Message" covers the details of why this isn't allowed. This paragraph is where is says this is explicitly disallowed.excerpt
Additional references (per @hildred)