Posted by Steve on Fri 24 Aug 2007 at 15:13
Usually when you connect to a server remotely, via ssh, you'll be shown the "message of the day", the last time you logged in to the machine, and other details. Here's a simple way to disable that behaviour.
By default the display of the message of the day is read from the file /etc/motd - this is usually configured to happen by PAM, via a line such as this in /etc/pam.d/ssh & /etc/pam.d/login:
# Prints the motd upon succesful login session optional pam_motd.so
The obvious way to disable this behaviour is to remove this from the relevant PAM file(s). However doing this will remove the behaviour from all users of the machine - which might not be appreciated.
Instead we're going to look at the file /etc/login.defs - this file contains various settings which are used by different login programs.
By default you should see this:
# # If defined, file which inhibits all the usual chatter during the login # sequence. If a full pathname, then hushed mode will be enabled if the # user's name or shell are found in the file. If not a full pathname, then # hushed mode will be enabled if the file exists in the user's home directory. # HUSHLOGIN_FILE .hushlogin #HUSHLOGIN_FILE /etc/hushlogins
This is our solution. If you want to have a "quiet" login then you may run this:
skx@vain:~$touch ~/.hushlogin
To show the difference in behaviours here's an example of before and after (note that I'm using SSH keys here, so there is no password prompt):
Before creating .hushlogin
skx@vain:~$ssh localhost Linux steve 2.6.18-4-686 #1 SMP Wed May 9 23:03:12 UTC 2007 i686 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent permitted by applicable law. Last login: Fri Aug 24 09:38:52 2007 from localhost.localdomain skx@vain:~$
After creating .hushlogin
skx@vain:~$ssh localhost skx@vain:~$
The downside to this solution is that you might miss a message saying something like this:
Last login: Wed Aug 22 16:00:10 2007 from l33t.hax0r.some.ips
(I did once detect that an account of mine had been compromised when I noticed the previous login location was utterly unlikely to have been mine ..)
This article can be found online at the Debian Administration website at the following bookmarkable URL:
This article is copyright 2007 Steve - please ask for permission to republish or translate.