Posted by Steve on Fri 24 Aug 2007 at 15:13
Usually when you connect to a server remotely, via ssh, you'll be shown the "message of the day", the last time you logged in to the machine, and other details. Here's a simple way to disable that behaviour.
By default the display of the message of the day is read from the file /etc/motd - this is usually configured to happen by PAM, via a line such as this in /etc/pam.d/ssh & /etc/pam.d/login:
# Prints the motd upon succesful login session optional pam_motd.so
The obvious way to disable this behaviour is to remove this from the relevant PAM file(s). However doing this will remove the behaviour from all users of the machine - which might not be appreciated.
Instead we're going to look at the file /etc/login.defs - this file contains various settings which are used by different login programs.
By default you should see this:
# # If defined, file which inhibits all the usual chatter during the login # sequence. If a full pathname, then hushed mode will be enabled if the # user's name or shell are found in the file. If not a full pathname, then # hushed mode will be enabled if the file exists in the user's home directory. # HUSHLOGIN_FILE .hushlogin #HUSHLOGIN_FILE /etc/hushlogins
This is our solution. If you want to have a "quiet" login then you may run this:
skx@vain:~$touch ~/.hushlogin
To show the difference in behaviours here's an example of before and after (note that I'm using SSH keys here, so there is no password prompt):
Before creating .hushlogin
skx@vain:~$ssh localhost Linux steve 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Aug 24 09:38:52 2007 from localhost.localdomain skx@vain:~$
After creating .hushlogin
skx@vain:~$ssh localhost skx@vain:~$
The downside to this solution is that you might miss a message saying something like this:
Last login: Wed Aug 22 16:00:10 2007 from l33t.hax0r.some.ips
(I did once detect that an account of mine had been compromised when I noticed the previous login location was utterly unlikely to have been mine ..)
This article can be found online at the Debian Administration website at the following bookmarkable URL (along with associated comments):
This article is copyright 2007 Steve - please ask for permission to republish or translate.