I was asked today about how to stop SSH logins from printing the MOTD. This is a common issue when you are running scripts and cron e-mails you the output of the MOTD all the time. Just a little bit annoying! Instead of throwing all the data away you can instead suppress the login MOTD by simply:
touch ~/.hushlogin
In remote user’s directory. Simple!
There is also the SSH banner which doesn’t get silenced by this method, the trick to get around this is by using:
ssh -q user@server command
This isn’t ideal as it suppresses possible warnings and diagnostic information as well but it is a good workaround. Thanks to FluKex for that!
To remove the MOTD/banner all together from SSH you can edit your sshd_config and alter the line for the MOTD to no, like so:
#Banner none
PrintMotd no
Just to say a little more about hushlogin, the file and its naming choice is controlled by the /etc/login.defs file. So if you are a system administrator you could modify the naming of this file or indeed its placement. Secondly as an administrator you may wish to ensure that users don’t have this ability. The trick here is to alter the login.defs file and make the HUSHLOGIN_FILE a full pathname. Then the contents of this file will be those users that have their MOTD suppressed.
A friend of mine recently came to me with a problem, when he was logging into a server via ssh he was getting an odd error:
user@example.com's password:
The following connections are open:
#0 client-session (t4 r0 i0/0 o0/0 fd 4/5 cfd -1)
As he was typing his password out popped this ’strange error’. Now I do know and use ssh and was aware that this is a standard output from ssh but it should only occur when its requested by the user, not whilst you are typing a password. That’s when it struck me, my friend’s password started with the escape sequence that called the function! So the solution to this was simple, change the escape character.
Let me talk a little more about what I mean by an escape sequence. When you are using ssh there is several functions that you can call by typing particular key sequences. Looking at the ssh man page you can find a list of what is possible (search for Escape Characters).
~#
List forwarded connections
Clever! Now to solve the issue where your password starts with that sequence you can alter your escape character from ~ to something else. Edit ~/.ssh/config on your local machine and put in:
EscapeChar $
Indeed you can select any character but in this case the sequence $# will now be the trigger. Sometimes the simplest issues can reveal additional abilities you may never knew existed. Problem solved!