How to enable login banner in Nutanix Controller VM: CVM and Acropolis Hypervisor: AHV and Nutanix acropolis cluster. The purpose of login banner is to show some messages or warnings when ssh session connected.
Login banner is help full to display a warning message before the password login prompt, It warns unauthorized access geeks and hacker to keep away.
Enable Login Banner in AHV
To enable the login / welcome banner in Nutanix AHV is very important to show off the legal warning to keep away the unauthorized access attempt.
Lets enable the login banner in Nutanix AHV hypervisor to follow simple steps.
Step 1 : SSH to Nutanix AHV hypervisor
Nutanix AHV Default credential
user_id : root
Password: nutanix/4u
Step 2 : Create backup file of existing login banner file: DODbanner to modify original banner as per your organization standard format.
AHV# sudo cp -a /srv/salt/security/KVM/sshd/DODbanner \ /srv/salt/security/KVM/sshd/DODbanner.bak
Note : Other naming schemes are also in widespread use: file.orig, file.old, file.bak etc.
Step 3 : Edit Nutanix AHV login banner file: DODbanner
AHV# sudo vi /srv/salt/security/KVM/sshd/DODbanner
Attention : You need to perform above steps on each Nutanix AHV host to enable login banner.
Step 4 : Enable / Set the login banner for all node’s AHV through nCLI command
cvm$ ncli cluster edit-hypervisor-security-params enable-banner=true
Step 5 ( Optional ) : If login banner doesn’t show off then Restart sshd service
AHV# Service sshd restart
Now logout and re-login to Nutanix AHV host with SSH.
The Login banner will prompt before entering the password.
Read more : Top 10 Nutanix Acropolis AHV Commands – Part 1
Enable Login Banner in CVM
To enable the login banner in Nutanix Controller-VM: CVM need to perform following steps.
Step 1 : SSH to any Nutanix CVM of Acropolis cluster
Nutanix CVM Default Credential
User_id : nutanix
Password : nutanix/4u
Step 2 : Create backup file of CVM login banner which already exist
cvm$ sudo cp -a /srv/salt/security/CVM/sshd/DODbanner /srv/salt/security/CVM/sshd/DODbanner.bak
Note : Other naming schemes are also in widespread use: file.orig, file.old, file.bak etc.
Step 3 : Modify login banner: DODbanner as per your organization standard format.
cvm$ sudo vi /srv/salt/security/CVM/sshd/DODbanner
Attention : You need to perform above steps on each Nutanix CVM to enable login banner.
Step 4 : Enable / Set the banner for all node’s CVM through nCLI command
cvm$ ncli cluster edit-cvm-security-params enable-banner=true
You can enable the login banner in Prism and prism central to show to the warning message before login.
Read more : Change Nutanix CVM Host name
Conclusion
Nutanix login banner is consider in security guidelines to configure the login banner parameters to keep the Nutanix acropolis cluster secure from unauthorized access to prompt the warning when login to Nutanix CVM and AHV hypervisor.
Thanks to being with HyperHCI Tech Blog to learn something new on every-day.!
Your article is awesome! How long does it take to complete this article? I have read through other blogs, but they are cumbersome and confusing. I hope you continue to have such quality articles to share with everyone!