Enable Nutanix Login Banner in CVM and AHV

Enable Nutanix CVM and AHV Login Banner

How to enable login banner in Nutanix Controller VM: CVM and Acropolis Hypervisor: AHV and Nutanix acropolis cluster. The purpose of login banner is to show some messages or warnings when ssh session connected.

Login banner is help full to display a warning message before the password login prompt, It warns unauthorized access geeks and hacker to keep away.

Enable Login Banner in AHV

To enable the login / welcome banner in Nutanix AHV is very important to show off the legal warning to keep away the unauthorized access attempt.

Lets enable the login banner in Nutanix AHV hypervisor to follow simple steps.

Step 1 : SSH to Nutanix AHV hypervisor

Nutanix AHV Default credential
user_id : root
Password: nutanix/4u

Step 2 : Create backup file of existing login banner file: DODbanner to modify original banner as per your organization standard format.

AHV# sudo cp -a /srv/salt/security/KVM/sshd/DODbanner \
/srv/salt/security/KVM/sshd/DODbanner.bak

Note : Other naming schemes are also in widespread use: file.orig, file.old, file.bak etc.

Step 3 : Edit Nutanix AHV login banner file: DODbanner

AHV# sudo vi /srv/salt/security/KVM/sshd/DODbanner

Attention : You need to perform above steps on each Nutanix AHV host to enable login banner.

Step 4 : Enable / Set the login banner for all node’s AHV through nCLI command

cvm$ ncli cluster edit-hypervisor-security-params enable-banner=true

Step 5 ( Optional ) : If login banner doesn’t show off then Restart sshd service

AHV# Service sshd restart

Now logout and re-login to Nutanix AHV host with SSH.
The Login banner will prompt before entering the password.

Read more : Top 10 Nutanix Acropolis AHV Commands – Part 1

Enable Login Banner in CVM

To enable the login banner in Nutanix Controller-VM: CVM need to perform following steps.

Step 1 : SSH to any Nutanix CVM of Acropolis cluster

Nutanix CVM Default Credential
User_id : nutanix
Password : nutanix/4u

Step 2 : Create backup file of CVM login banner which already exist

cvm$ sudo cp -a /srv/salt/security/CVM/sshd/DODbanner /srv/salt/security/CVM/sshd/DODbanner.bak

Note : Other naming schemes are also in widespread use: file.orig, file.old, file.bak etc.

Step 3 : Modify login banner: DODbanner as per your organization standard format.

cvm$ sudo vi /srv/salt/security/CVM/sshd/DODbanner

Attention : You need to perform above steps on each Nutanix CVM to enable login banner.

Step 4 : Enable / Set the banner for all node’s CVM through nCLI command

 cvm$ ncli cluster edit-cvm-security-params enable-banner=true

You can enable the login banner in Prism and prism central to show to the warning message before login.

Read more : Change Nutanix CVM Host name

Conclusion

Nutanix login banner is consider in security guidelines to configure the login banner parameters to keep the Nutanix acropolis cluster secure from unauthorized access to prompt the warning when login to Nutanix CVM and AHV hypervisor.

Thanks to being with HyperHCI Tech Blog to learn something new on every-day.!

1 thought on “Enable Nutanix Login Banner in CVM and AHV

  1. Your article is awesome! How long does it take to complete this article? I have read through other blogs, but they are cumbersome and confusing. I hope you continue to have such quality articles to share with everyone!

Comments are closed.