# Any way to make opensshd respect login.defs?

## Ant P.

I have a server that I'm frequently forgetting to update the default boot kernel on (using UEFI BootOnce to test new ones so it always falls back to the last "safe" kernel I manually installed, but it can be months old when that happens).

So I thought I'd be clever and set “MOTD_FILE /proc/version:/etc/motd” in login.defs, so that I can see at a glance if it's running what I expect. It seems sshd has hardcoded emulation for various bits of login.defs functionality making for some confusing debugging, but I eventually figured out it doesn't do this thing I want. I can run login(1) manually and see that it works there, but there's probably a good reason ssh doesn't run that itself. Is there any way to get the full login behaviour over ssh, or should I just give up and use bashrc for stuff like this?

----------

## krinn

```
>echo "$(cat /proc/version)" > /etc/motd

>ssh beleg

Linux version 4.14.11 (root@beleg) (gcc version 5.4.0 (Gentoo 5.4.0-r3 p1.3, pie-0.6.5)) #2 SMP PREEMPT Wed Jan 10 15:11:16 CET 2018

```

Yes, that simple  :Smile: 

----------

## Hu

Useless Use of Cat and Useless Use of Echo.  :Smile:   That could be done with cp, but none of this answers his question.

----------

## Ant P.

Actually krinn's right, the dumb solutions are usually the best. I'd like to keep the rest of /etc/motd intact though, which makes things a little more complicated. Nothing I can't fix with some dumb sed though...

----------

## khayyam

 *Hu wrote:*   

> Useless Use of Cat and Useless Use of Echo. :)  That could be done with cp, but none of this answers his question.

 

Hu, et al ... wouldn't that be a useless use of cp ;) hehehe

```
# echo $SHELL

/bin/zsh

# </proc/version >/etc/motd
```

@Ant .P ... MOTD_FILE (man login) can include multiple files (colon delimited), so you can simply have it point to /proc/version ... no useless use of anything ;)

best ... khay

----------

## pjp

 *khayyam wrote:*   

>  *Hu wrote:*   Useless Use of Cat and Useless Use of Echo.   That could be done with cp, but none of this answers his question. 
> 
> Hu, et al ... wouldn't that be a useless use of cp  hehehe
> 
> ```
> ...

  Aaaaand.... since you didn't read Ant P.'s post, I guess your post would be UUOR (useless use of response)  :Razz: 

Ant P. mentions your "solution," which doesn't work, and the main reason behind the thread.  *Ant P. wrote:*   

> So I thought I'd be clever and set “MOTD_FILE /proc/version:/etc/motd” in login.defs

 

----------

## khayyam

 *khayyam wrote:*   

> @Ant .P ... MOTD_FILE (man login) can include multiple files (colon delimited), so you can simply have it point to /proc/version ... no useless use of anything ;)

 

 *pjp wrote:*   

> Aaaaand.... since you didn't read Ant P.'s post, I guess your post would be UUOR (useless use of response) :P Ant P. mentions your "solution," which doesn't work, and the main reason behind the thread.

 

pjp ... actually no, I did read it, I simply forgot to include one part of the equation, he would need to enable 'PrintMotd yes' in /etc/sshd/sshd_config (which was not mentioned and is set to 'no' by default). I call your UUOR and raise you a UUOAC (useless use of a correction) ;)

best ... khay

----------

## Ant P.

That's on by default for me...

 *man 5 sshd_config wrote:*   

>      PrintMotd
> 
>              Specifies whether sshd(8) should print /etc/motd when a user logs
> 
>              in interactively.  (On some systems it is also printed by the
> ...

 

I ended up putting an old-fashioned $Id:$ marker in /etc/motd, with a @reboot line in crontab which runs this ugly mess to fill it in:

```
perl -pi -e 's{^(.*\$Id:).*?(\$.*)$}{sprintf(q[%s %s %s],$1,chomp($_=`uname -r`)&&$_,$2)}e' /etc/motd
```

That... more or less does what I originally wanted. (It's a lot more readable than the failed attempts I made with sed/ed, seriously!)

----------

## khayyam

 *Ant P. wrote:*   

> That's on by default for me...
> 
>  *man 5 sshd_config wrote:*        PrintMotd
> 
>              Specifies whether sshd(8) should print /etc/motd when a user logs
> ...

 

Ant P. ... hmmm, for me it's set to 'no', though the file is older than the install so it's possible I set it for some reason I can nolonger remember. Anyhow, I think the issue is that MOTD_FILE is set via pam.d, and not login.defs, when pam is in use ('UsePAM yes'). However, the colon syntax doesn't seem to apply here, but the following seems to get something near the desired result.

```
% grep motd /etc/pam.d/system-login

session  optional  pam_motd.so motd=/etc/motd motd=/etc/motd2

% grep . /etc/motd*

/etc/motd:hello

/etc/motd2:this is a test

% ssh localhost

this is a test

hello
```

best ... khay

----------

