diff options
| author |   djm <djm@openbsd.org> | 2007-08-23 03:22:16 +0000 |
|---|---|---|
| committer | djm <djm@openbsd.org> | 2007-08-23 03:22:16 +0000 |
| commit | e43cb4b6b6b9c36df7d38a3099534c161131174b (patch) | |
| tree | 4feabf0b6c073fd72b760d9f368f02a0cb691d5e | |
| parent | login_cap.h doesn't belong here (diff) | |
| download | wireguard-openbsd-e43cb4b6b6b9c36df7d38a3099534c161131174b.tar.xz wireguard-openbsd-e43cb4b6b6b9c36df7d38a3099534c161131174b.zip | |
Support "Banner=none" to disable displaying of the pre-login banner;
ok dtucker@ deraadt@
| -rw-r--r-- | usr.bin/ssh/auth2-none.c | 7 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd_config | 4 | ||||
| -rw-r--r-- | usr.bin/ssh/sshd_config.5 | 9 |
3 files changed, 12 insertions, 8 deletions
diff --git a/usr.bin/ssh/auth2-none.c b/usr.bin/ssh/auth2-none.c index 56532b7f83c..fb463c64040 100644 --- a/usr.bin/ssh/auth2-none.c +++ b/usr.bin/ssh/auth2-none.c @@ -1,4 +1,4 @@ -/* $OpenBSD: auth2-none.c,v 1.13 2006/08/05 07:52:52 dtucker Exp $ */ +/* $OpenBSD: auth2-none.c,v 1.14 2007/08/23 03:22:16 djm Exp $ */ /* * Copyright (c) 2000 Markus Friedl. All rights reserved. * @@ -29,6 +29,7 @@ #include <fcntl.h> #include <unistd.h> +#include <string.h> #include "xmalloc.h" #include "key.h" @@ -90,7 +91,9 @@ userauth_banner(void) { char *banner = NULL; - if (options.banner == NULL || (datafellows & SSH_BUG_BANNER)) + if (options.banner == NULL || + strcasecmp(options.banner, "none") == 0 || + (datafellows & SSH_BUG_BANNER) != 0) return; if ((banner = PRIVSEP(auth2_read_banner())) == NULL) diff --git a/usr.bin/ssh/sshd_config b/usr.bin/ssh/sshd_config index 6d277b860ed..1bf22c6b6f4 100644 --- a/usr.bin/ssh/sshd_config +++ b/usr.bin/ssh/sshd_config @@ -1,4 +1,4 @@ -# $OpenBSD: sshd_config,v 1.75 2007/03/19 01:01:29 djm Exp $ +# $OpenBSD: sshd_config,v 1.76 2007/08/23 03:22:16 djm Exp $ # This is the sshd server system-wide configuration file. See # sshd_config(5) for more information. @@ -91,7 +91,7 @@ Protocol 2 #PermitTunnel no # no default banner path -#Banner /some/path +#Banner none # override default of no subsystems Subsystem sftp /usr/libexec/sftp-server diff --git a/usr.bin/ssh/sshd_config.5 b/usr.bin/ssh/sshd_config.5 index 65cfec8a329..bdaf04bead9 100644 --- a/usr.bin/ssh/sshd_config.5 +++ b/usr.bin/ssh/sshd_config.5 @@ -34,8 +34,8 @@ .\" (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF .\" THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. .\" -.\" $OpenBSD: sshd_config.5,v 1.77 2007/06/08 07:48:09 jmc Exp $ -.Dd $Mdocdate: June 8 2007 $ +.\" $OpenBSD: sshd_config.5,v 1.78 2007/08/23 03:22:16 djm Exp $ +.Dd $Mdocdate: August 23 2007 $ .Dt SSHD_CONFIG 5 .Os .Sh NAME @@ -159,10 +159,11 @@ directory. The default is .Dq .ssh/authorized_keys . .It Cm Banner -In some jurisdictions, sending a warning message before authentication -may be relevant for getting legal protection. The contents of the specified file are sent to the remote user before authentication is allowed. +If the argument is +.Dq none +then no banner is displayed. This option is only available for protocol version 2. By default, no banner is displayed. .It Cm ChallengeResponseAuthentication |