Configure SSH Login banner for ESXi host

I was working with one of the customers and troubleshooting an issue and I had ended up having an SSH session to one of the ESXi hosts.

I found something very interesting that I hadn't known. We now have the option to configure SSH Login banner for ESXi host.

These feature has been there for quite a while but not many users are aware of this feature. I understand that this not a requirement for most of the users, but when you are working in an environment that has tighter security, you will end of configuring this.

We will be looking at different ways to configure SSH Login banner for ESXi host.

On an ESXi host running 5.5 and below, you would have to first login to ESXi host using a utility like Putty.

Once you log in, you would then have to take a backup of the file issue under the directory /etc/

cp /etc/issue /etc/issue.bak

You could then make use of the text editor like vi to write anything that you would like in the issue file.

vi /etc/issue

Once you have made the changes, save the file and exit.

Now restart the SSH daemon using the below command.

/etc/init.d/SSH restart

And then when you try to log in, you should receive the message as seen below:

For those who do not like the command line and would like to perform these actions using the GUI, VMware introduced two advanced settings on the ESXi host starting from ESXi version 6.0.

The two properties are Config.Etc.issue and Config.Etc.motd and these can be edited using the C# vSphere Client.

Select the ESXi host, and navigate to Configuration > Software > Advanced Settings > Config > Etc

You will be presented with the two advanced settings as seen below:

The second is issued once the user is successfully authenticated.

These two advanced settings can also be accessed using the vSphere Web Client.

Once you login to the vSphere Web Client with the appropriate credentials, select the ESXI host, navigate to Manage > Settings > Advanced System Settings and search for the settings.

Once you select the settings, click on Edit and the below popup comes on the screen wherein you can add the SSH Login banner for ESXi host.

I have also published another article which talks about configuring Login Banner for the Web Client when using vSphere 6.0 Update 2.

If you are interested in knowing more, click on the below link, which will take you to the article.

Configure Login Banner for vSphere Web Client

That is all I have for today, I hope you found this informative and thank you for reading!

5 Comments

Sanup kumar on May 27, 2016 4:35 am

Nice article thanks!

- Adil Arif on May 30, 2016 3:29 pm
  
  Glad you liked! Keep visiting on more articles on VMware.
  
Jyotheesh kumar A G on May 31, 2016 5:56 am

Good one Adil nice info!

- Adil Arif on June 2, 2016 12:52 am
  
  Thank you for visiting!
  
anthony on February 9, 2017 3:20 pm

I try export the issue file out write it import back in but when login to esxi the text every where, if you have 100 esxi how to do this? advise please thanks