SSH script banner printing source then executing

So I created a bash script banner for my SSH server, pretty straight forward. It's located in profile.d:

/etc/profile.d/ssh_banner.sh

I've edited the sshd_config file as follows:

# no default banner path
Banner /etc/profile.d/ssh_banner.sh

However, when I log into the server, before executing the script and displaying the output, it displays the source of the script immediately before;

adam@adam-ThinkPad-T470s:~$ ssh adam@<IP_ADDRESS> -p 51536

#!/bin/bash

#Colours
red="\033[00;31m"
RED="\033[01;31m"

green="\033[00;32m"
GREEN="\033[01;32m"

brown="\033[00;33m"
YELLOW="\033[01;33m"

blue="\033[00;34m"
BLUE="\033[01;34m"

purple="\033[00;35m"
PURPLE="\033[01;35m"

cyan="\033[00;36m"
CYAN="\033[01;36m"

white="\033[00;37m"
WHITE="\033[01;37m"

NC="\033[00m"

echo -e "${WHITE}******************************************************************************"
echo -e "${WHITE}**                                                                          **"
echo -e "${WHITE}**                    Powered By Raspbian                                   **"
echo -e "${WHITE}**                                                                          **"
echo -e "${YELLOW}******************************************************************************"

CPUMOD=$(cat /proc/cpuinfo | grep -m 1 -w 'model name' | awk -F: '{print $2}')
HOSTNAME=$(uname -n)
KERNEL=$(uname -r)
MEMTOTAL=$(cat /proc/meminfo | grep -m 1 -w 'MemTotal' | awk -F: '{print $2}')
MEMFREE=$(cat /proc/meminfo | grep -m 1 -w 'MemFree' | awk -F: '{print $2}')
SWAPTOTAL=$(cat /proc/meminfo | grep -m 1 -w 'SwapTotal' | awk -F: '{print $2}')
SWAPFREE=$(cat /proc/meminfo | grep -m 1 -w 'SwapFree' | awk -F: '{print $2}')
echo -e "**     ${YELLOW}Unauthorised access to this network is strickly FORBIDDEN            **"
echo -e "**     ${YELLOW}If you havn't been given authorisation ${RED}LOGOUT IMMEDIATELY!${YELLOW}           **"
echo -e "**${YELLOW}                    This logon has been recored                           **"
echo -e "${YELLOW}******************************************************************************"
echo -e ""
echo -e "${WHITE} Welcome ${YELLOW}${USER}${WHITE}"
echo -e ""

echo -e "${WHITE} Date: "`date`
echo -e ""

echo -e "${WHITE} Hostname:   ${HOSTNAME}"
echo -e "${WHITE} CPU Model: ${CPUMOD}"
echo -e ""
echo -e "${WHITE} Total Memory: ${MEMTOTAL}"
echo -e "${WHITE} Free Memory: ${MEMFREE}"
echo -e ""
echo -e "${WHITE} Swap Total:    ${SWAPTOTAL}"
echo -e "${WHITE} Swap Free:    ${SWAPFREE}"
echo -e ""


# Reset Terminal Colour Back to Normal
echo -e "${NC}"
Last login: Wed Nov  7 12:56:47 2018 from <IP_ADDRESS>
******************************************************************************
**                                                                          **
**                    Powered By Raspbian                                   **
**                                                                          **
******************************************************************************
**     Unauthorised access to this network is strickly FORBIDDEN            **
**     If you havn't been given authorisation LOGOUT IMMEDIATELY!           **
**                    This logon has been recored                           **
******************************************************************************

 Welcome adam

 Date: Wed 7 Nov 13:18:42 UTC 2018

 Hostname:   pi
 CPU Model:  ARMv7 Processor rev 4 (v7l)

 Total Memory:          949448 kB
 Free Memory:           781588 kB

 Swap Total:            102396 kB
 Swap Free:             102396 kB


adam@pi:~ $ 

The intended banner is printed out after the line informing of the last login, I have tried putting the ssh_banner.sh in other directories and this results in ssh only printing the source out, without the executed output. /etc/profile.d is the only directory where SSH executes the banner.

I don't understand why this is the case and if anyone can help I would appreciate it.

1 answer

  • answered 2018-11-07 17:06 JGK

    The sshd doesn't execute or source your banner ssh_banner.sh as the documentation states:

    Banner

    The contents of the specified file are sent to the remote user before authentication is allowed. If the argument is “none” then no banner is displayed. This option is only available for protocol version 2. By default, no banner is displayed.

    If you put the banner ssh_banner.sh under /etc/profile.d then the banner is sourced through normal login process and has nothing to do with sshd.

    So you can put a comment # in front of the Banner line in sshd_config and the ssh_banner.sh is still sourced under normal login.