Friday, December 17, 2010

Trogdor login screen

I think in general, it is bad security practice to display a lot of identifiable information at an SSH login prompt. If there's a known exploit for distro X version XYZ, you don't want to give someone a fast path to utilizing it.

I was setting up a new test VM at work, so I decided to have fun...and came up with (possibly) one of the greatest things ever. The trogdor ASCII art login screen.

Step 1 - search alt.ascii-art for "trogdor" on google groups
Step 2 - copy paste and save to a file on your server
Step 3 - configure SSH server to display a banner





The only down side is that my PUTTY window needs to be long enough to see the full awesomeness of this trogdor ascii art. I take zero credit for the ascii art, which you can find by clicking the google groups link above.

I'm kind of a newbie at configuring SSH, so I'm not sure if banners always display after you type your username...

1 comment:

  1. This is such an awesome idea I think I am going to do the same to a few of my servers.

    As for the banner popping up after the username there is no ssh command to prompt for your username after connection i.e. "ssh -prompt-user box.com". I think that is a feature of PuTTY since there is no where to put a username normally it creates a username prompt before establishing the connection. Normally for command line ssh you would do something like "ssh ryan@box.com" or I could do "ssh box.com" which would use my login name on the local machine for the remote machine.

    ReplyDelete