Tips for finding Knowledge Articles

  • - Enter just a few key words related to your question or problem
  • - Add Key words to refine your search as necessary
  • - Do not use punctuation
  • - Search is not case sensitive
  • - Avoid non-descriptive filler words like "how", "the", "what", etc.
  • - If you do not find what you are looking for the first time,reduce the number of key words you enter and try searching again.
  • - Minimum supported Internet Explorer version is IE9
Home  >

KB-2036: How to customize banner using Centrify GP when user logins using Centrify OpenSSH

Authentication Service ,  

12 April,16 at 11:07 AM

Applies to: All versions of Centrify DirectControl-enabled OpenSSH.

Is it possible to customize the "banner"  using Centrify GP when a Centrify user logins to a server using Centrify OpenSSH.

Yes.  The steps are as follows.

1) You need to enable the Microsoft Group Policy under Active directory “Computer Configuration > Windows Settings > Security Settings > Local Policies > Security Options > Interactive logon: Message text for users attempting to log on". Customize the banner text here. 

2) Set banner path under Centrify Group Policies.

Use the SSH Settings group policies to manage different aspects of secure shell (ssh) authentication. The SSH Settings group policies are defined in the

centrify_unix_settings.xml administrative template. When you set SSH Settings group policies, parameters are set in the secure shell configuration file, /etc/centrifydc/ssh/sshd_config, not in the Centrify DirectControl configuration file.

Name of the GP is "Set Banner Path":

Identify a file on the UNIX machine to be sent to a remote user requesting authentication. Typically, the file contains a warning about authentication to provide legal protection to the company. This group policy modifies the ssh.Banner setting in the /etc/centrifydc/ssh/sshd_config file.

3) Wait for GPs to get executed.

4) Login using SSH and see if banner is displayed.