banners and scp
 

Part of some security requirements I have to implement on the computers I SA for is to have a banner display a message upon login.

The problem is that this banner will break scp connections. Is there a workaround for this?

Why will it break it? If it did then it wouldn't be possible to show it, would it? Works fine for me, maybe you could clarify what you mean?

I remember having this issue whenever my .bashrc printed something to the screen. Whenever I would try to perform an scp I would get the following:

protocol error: unexpected <newline>

If a banner is printed to the screen after a successful login, won't it break scp with this "unexpected <newline>"?

how does your bashrc involved in this? scp doesn't spawn a bash shell, so that wouldn't get executed. just enable a banner in /etc/ssh/sshd_config and off you go.

I don't know the scp internals, but .bashrc is invoked upon scp connections. If I put an echo in .bashrc, it will be executed and the scp command fails. If I put an echo in .profile (or .bash_profile) it will not be executed upon scp, but still remains for ssh connections (since they start a login shell). So you have two alternatives:

1) put the banner in /etc/profile
2) enable the Banner option in sshd_config as suggested by acid_kewpie above

i tried an scp with an echo in my .bashrc and it did nothing, on Ubuntu 8.10. Odd.

Thanks, I got the banner working without breaking scp using the sshd_config setting.

acid_kewpie, did you have a newline in the text you echoed?