vsFTPd Connection Banner
Sending a banner is a good way to let system users know what the expectations are. Configuring the banner for vsFTPd is an easy process involving two files. The file containing the banner must have the same name as the daemon. In this tutorial I store the banner in /etc/banners, but feel free to store it elsewhere.
First we need to create banner file /etc/banners/vsftpd. Note that each line must start with
220- 220-Hello %c 220-This system is for the use of authorized users only. |
Next we configure the tcp wrapper to display the connection banner. Edit the /etc/hosts.allow file.
vsftpd : ALL : banners /etc/banners |
To verify that the banner works lets connect to the ftp server.
ftp localhost |
Additionally, here is a list of the tokens you can use in the banner.
|
Token |
Mnemonic |
Expands to |
|---|---|---|
|
%a |
Address |
The IP address of the client |
|
%A |
Address |
The IP address of the server (useful if the server system has more than one network interface) |
|
%c |
Client info |
username@hostname (if username is available); otherwise, only hostname or IP address |
|
%d |
Daemon name |
The name of the daemon (argv[0]) |
|
%h |
Hostname |
The hostname of the client (IP address if hostname is unavailable) |
|
%H |
Hostname |
The hostname of the server (IP address if hostname is unavailable) |
|
%p |
Process |
The process ID of the daemon process |
|
%s |
Server info |
daemon@host |
|
%u |
User |
The client username (or unknown) |
|
%% |
Percent |
Expands to the "%" character |