Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >
article

KB-1387: How do I enable or disable Centrify SSH banner

Centrify DirectAudit ,   Centrify DirectControl ,   Centrify Identity Service, Mac Edition ,  

12 April,16 at 10:57 AM

Applies to: DirectControl-Enabled OpenSSH

Question:

How do I enable/disable SSH banner in Centrify OpenSSH


Answer:

If you wish to do it on all servers, you can do it via a GP by following the below steps. If you wish to do it on one server or a few server, please follow step 5.


1) Use the SSH Settings group policies to manage different aspects of secure shell (ssh) authentication.

2) The SSH Settings group policies are defined in the centrify_unix_settings.xml administrative template.

3) When you set SSH Settings group policies, parameters are set in the secure shell configuration file, /etc/centrifydc/ssh/sshd_config, not in the Centrify DirectControl configuration file centrifydc.conf.

4) The "Set banner path" can be enabled or disabled for a remote user requesting authentication. Typically, the file contains a warning about authentication to provide legal protection to the company. This group policy modifies the ssh.banner setting in the /etc/centrifydc/ssh/sshd_config file. See screenshot


5) If you wish to do it on a single machine or a few machines, you can comment the line "Banner /etc/issue" in /etc/centrifydc/ssh/sshd_config and restart SSH
 

Still have questions? Click here to log a technical support case, or collaborate with your peers in Centrify's Online Community.