SCO's Login Banner

[Chip Rosenthal]

In article <3nd8bh$7...@gulfa.kw.us.com>,
John W. Temples <jo...@gulfa.kw.us.com> wrote:
>>/etc/issue controls this message.
>
>That doesn't work for telnet connections, though. [...]
>anyone know how to customize the telnet login banner?

Use a wrapper. Rename /etc/telnetd to /etc/telnetd.real and then
create a replacement /etc/telnetd with the following script:

#!/bin/sh
cat /etc/issue
echo ""
exec /etc/telnetd.real -h $@

--
Chip Rosenthal They said I was just a dumb cowpoke.
Unicom Systems Development I didn't want to make a fuss. - Robert Earl Keen
For a good time: http://www.unicom.com/john-hiatt/
PGP key: http://www.unicom.com/personal/chip.html

[John W. Temples]

In article <D7DtH...@unicom.com>, Chip Rosenthal <ch...@unicom.com> wrote:
>>How do you change SCO's regular welcome prompt:
>
>/etc/issue controls this message.

That doesn't work for telnet connections, though.

You can disable the default message with "telnetd -h", but then you
just get a "login:" prompt. Since I don't think telnetd can be told to
recognize /etc/issue ("/etc/issue" doesn't appear in the binary), does

anyone know how to customize the telnet login banner?

--
John W. Temples, III || Providing the only public access Internet
Gulfnet Kuwait || site in the Arabian Gulf region

[Milt Webb]

John W. Temples (jo...@gulfa.kw.us.com) wrote:

: In article <D7DtH...@unicom.com>, Chip Rosenthal <ch...@unicom.com> wrote:
: >>How do you change SCO's regular welcome prompt:
: >
: >/etc/issue controls this message.

: That doesn't work for telnet connections, though.

You can still get the standard warning to display with /etc/motd,
even with telnet.

Milt

[Christopher Durham]

In article <3nd8bh$7...@gulfa.kw.us.com> jo...@gulfa.kw.us.com (John W. Temples) writes:
>In article <D7DtH...@unicom.com>, Chip Rosenthal <ch...@unicom.com> wrote:
>>>How do you change SCO's regular welcome prompt:

>You can disable the default message with "telnetd -h", but then you
>just get a "login:" prompt. Since I don't think telnetd can be told to
>recognize /etc/issue

Well, here it is:

Using banner with telnet similar to /etc/issue that's used with getty?

KEYWORDS: telnet rlogin banner issue getty login message telbanner

RELEASE: SCO TCP/IP Release 1.2.1
SCO Open Desktop Lite Release 3.0
SCO Open Desktop Release 3.0
SCO Open Server Network System Release 3.0
SCO Open Server Enterprise System Release 3.0

PROBLEM: With the getty program on standard tty lines, the file /etc/issue
is displayed prior to the login message to give informational
messages. It may be desirable to provide the same functionality
with network connections via telnet.

SOLUTION: Everything that follows should be done as the "root" user. To
allow the telnet banner feature, first create the file that
contains the banner message, /etc/telbanner. The file should be
owned by bin and readable by everyone. To make this so, execute
the following commands after creating the file:

# chown bin /etc/telbanner
# chgrp bin /etc/telbanner
# chmod 644 /etc/telbanner

Next, create a shell script with the following contents. Call it
/etc/telbannerd.

### begin telnet banner script; cut here ###

#!/bin/sh

# shell script to allow banner to be displayed prior to login for telnet
# sessions

BANNER_FILE=/etc/telbanner # define name banner file to be
# displayed prior to login prompt

TELNETD=/etc/telnetd # define telnet daemon

[ -r ${BANNER_FILE} ] && cat ${BANNER_FILE} # if the banner file exists
# and is readable, cat the file.

exec ${TELNETD} $* # now go ahead and execute the
# real telnetd with appropriate
# arguments

### end telnet banner script; cut here ###

After creating the file /etc/telbannerd, make sure it is owned by
bin and has group bin with the following commands:

# chown bin /etc/telbannerd
# chgrp bin /etc/telbannerd

Also make sure the script is executable by everyone:

# chmod 711 /etc/telbannerd

Once these steps have been taken, copy the file /etc/inetd.conf to
/etc/inetd.conf.orig to save the original version of this file.
Change the following line in /etc/inetd.conf:

telnet stream tcp nowait NOLUID /etc/telnetd telnetd

It should now read as follows:

telnet stream tcp nowait NOLUID /etc/telbannerd telnetd

After making this change, determine the process id number of
the inetd process with the command:

# ps -e | grep inetd
296 ? 0:01 inetd

In this case, the process id of inetd is 296. Send the SIGHUP
signal to inetd so that it re-reads the file /etc/inetd.conf with
the following command:

# kill -HUP 296

The next time someone uses telnet to log in to your system, the
contents of the file /etc/telbanner should be displayed prior to
the login prompt.

Please note that the first line of the shell script /etc/telbannerd
is "#!/bin/sh". This requires that the kernel variable
"hashplingenable" be equal to 1. This variable is defined in the
file /etc/conf/pack.d/kernel/space.c. If this variable is not set
equal to 1 in this file, change it to be equal to 1; re-link the
kernel and reboot the system. The /etc/telbannerd script will not
work unless "hashplingenable" is set to 1.

This feature does not work with rlogind.

--------------------------------------------------------------------------------
This information is provided "AS IS" without warranty and may be posted
to public networks individually in response to specific questions as a
public service but no other reproduction, transmittal or storage, in any
form, is permitted without prior written permission from the copyright
owner. Copyright infringement is a serious matter under the United
States and foreign Copyright Laws.

Information in this document is subject to change without notice and
does not represent a commitment on the part of The Santa Cruz
Operation, Inc.

Copyright (C) 1986-1994 The Santa Cruz Operation, Inc.
All Rights Reserved

--
-Christopher Durham chr...@sco.COM
Technical Support ...!uunet!sco!chrisdu
The Santa Cruz Operation
"...I think that when statesmen forsake their private conscience for the
sake of their public duties, they lead their country by a short route to
chaos."
-Sir Thomas More to Cardinal Wolsey in _A Man for All Seasons_

[ujab...@uxa.ecn.bgu.edu]

In article <D7DtH...@unicom.com>, ch...@unicom.com (Chip Rosenthal) writes:

>>How do you change SCO's regular welcome prompt:

>>Welcome to SCO Unix/Vblahblah

>/etc/issue controls this message.
>
>This one of the first things I change when configuring an SCO Unix
>system. The SCO default really bugs me. I believe that if an SCO
>Unix system is cracked, your chances of obtaining a conviction are
>lessened by an /etc/issue that says "welcome".

Hehehe, but it's still considered "trespassing" nonetheless, right?

>Here is my standard /etc/issue:
>
> This is a private computer system.
> Only authorized access to this system is permitted.

Yup, gotta have that "Authorized Only" in there.

Okay, next question...
Can SCO support greater than 9600 baud connects *with* error correction
and (if possible) data compression?

I have been able to get 14.4k connects with error and data compression, but
the only problem is that some of the menus come out with a "Bs" or graphics
characters. We're using a Digiboard PC/I16(?) and can deal with 9600 no
error, no compression...but that's because the lines are clean. When someone
calls in on a dialin modem using a terminal (Wyse60), and the lines aren't
that great, obviously there's a lot of garbage. :(

So the trade-off is: Error Correction and some of the menus get screwy
backspace and other high-ascii characters or hope that there isn't that
much line noise on the telephone lines.

Oh, and we are using Practical Peripherals 14.4k FXMTII modems on both the
dialin and terminal sides.

Is there anything we can do short of going with Telebits and PEP?

Thanks!

[Stephen M. Dunn]

In article <miltwebbD...@netcom.com> milt...@netcom.com (Milt Webb) writes:
$John Abanco (ujab...@uxa.ecn.bgu.edu) wrote:
$: How do you change SCO's regular welcome prompt:
$
$: Welcome to SCO Unix/Vblahblah
$
$: Login:
$
$Have you looked in /etc/motd?

Wrong one :-) /etc/motd is printed _after_ you've logged in,
not before.

See /etc/issue for the pre-login banner. There's no elegant way
to do the same thing with telnet sessions (which don't print the
contents of /etc/issue upon connection), but there _is_ a kludge that
works. It's in the comp.unix.sco.misc (formerly biz.sco.general)
FAQ, which will be posted very shortly once I make sure I've
updated all of the biz.sco references in it.

BTW, this is a system administration question, not a programming
one. Note crosspost and followups to comp.unix.sco.misc.
--
ste...@bokonon.UUCP ...!{xrtll,gts.org}!bokonon!stephen
----------------------------------------------------------------------------
Stephen M. Dunn, CNE, ACE, Sr. Systems Analyst, United System Solutions Inc.
104 Carnforth Road, Toronto, ON, Canada M4A 2K7 (416) 750-7946 x251

[Jay F. Rothschild]

I have done a similiar setup for telnet users and the new telbanner file
is displayed with no linefeeds and looks pretty bad. Anyone have a fix
for that?

Christopher Durham (chr...@sco.COM) wrote:

[Bernd Felsche]

In <miltwebbD...@netcom.com> milt...@netcom.com (Milt Webb) writes:

>John W. Temples (jo...@gulfa.kw.us.com) wrote:

>: In article <D7DtH...@unicom.com>, Chip Rosenthal <ch...@unicom.com> wrote:
>: >>How do you change SCO's regular welcome prompt:
>: >

>: >/etc/issue controls this message.

>: That doesn't work for telnet connections, though.

>You can still get the standard warning to display with /etc/motd,
>even with telnet.

/etc/motd only works after a login attempt succeeds; and then only
when it is actually displayed as part of the shell initialisation.

I don't recall exactly how the telnetd under SCO works. Some other
vendors provide a command-line option for telnetd to display a message
before prompting for a login.

>Milt
--
Bernd Felsche, MetaPro Systems Pty Ltd
130 Fauntleroy Avenue, Redcliffe, Western Australia 6104
Phone: +61 9 479 3722 Fax: +61 9 479 3720

[Kevin Reed]

Bernd Felsche (ber...@metapro.DIALix.oz.au) wrote:

: In <miltwebbD...@netcom.com> milt...@netcom.com (Milt Webb) writes:

: >John W. Temples (jo...@gulfa.kw.us.com) wrote:
: >: In article <D7DtH...@unicom.com>, Chip Rosenthal <ch...@unicom.com> wrote:
: >: >>How do you change SCO's regular welcome prompt:
: >: >
: >: >/etc/issue controls this message.

: >: That doesn't work for telnet connections, though.

: >You can still get the standard warning to display with /etc/motd,
: >even with telnet.

: /etc/motd only works after a login attempt succeeds; and then only
: when it is actually displayed as part of the shell initialisation.

: I don't recall exactly how the telnetd under SCO works. Some other
: vendors provide a command-line option for telnetd to display a message
: before prompting for a login.

We used the following:

Modified /etc/inetd.conf:

telenet stream tcp nowait NOLUID /etc/telnetd_issue telnetd

Created /etc/telenetd_issue as:

#!/bin/sh
/bin/cat /etc/issue_telnetd
exec /etc/telnetd

Either copied /etc/issue to /etc/issue_telnetd or make a new one.

Works fine. Could not get it to work with tcp_wrappers though so with
this you won't have any logging of telnet sessions. I'm sure there is
a way around this though.