
I have a system which has multiple users, but only a few selected users are allowed to log in to the system at a given time through SSH (or otherwise).

I am using the "passwd -l/-u" command to lock and unlock users, and allow only one user at a time.

What I need is to tell the other users trying to SSH to the system why they cannot SSH. Currently, when the user account is locked and they cannot SSH, they only get a "Connection Refused" message. I want to be able to edit this message to tell them "Your account is locked and you cannot login before xxxxxxx time".

What are the possible ways I can achieve this? I have tried googling for this, but without any luck.

Thanks.

  • http://serverfault.com/questions/653399/ssh-motd-per-user Look for the section on SSH banner per user. You could probably script something off that. – jackhamm Jul 27 '15 at 22:42
  • If you want to customize the message but not per-user, you can use `nologin`, meaning re-enabling the users' accounts but assigning them `/usr/bin/nologin` as their login shell. They will not be able to connect and will receive a default message saying the account is disabled or the message written in `/etc/nologin.txt`. If you want a per-user message, you can replace nologin with a hand-made script which always returns 1. – piernov Jul 28 '15 at 00:22
  • @piernov : thanks. I think that works for me. I found a reference online which suggests the same approach as you did. :) – CodeWithPride Jul 28 '15 at 00:34
  • @piernov that should probably be an answer. – Zoredache Jul 28 '15 at 00:36

1 Answer

If you want to customize the message but not per-user, you can use `nologin`, meaning re-enabling the users' accounts but assigning them `/usr/bin/nologin` as their login shell. They will not be able to connect and will receive a default message saying the account is disabled or the message written in `/etc/nologin.txt`.

If you want a per-user message, you can replace `nologin` with a hand-made script which always returns 1.

chicks
piernov
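One way to write the hand-made script the answer describes, as an added example that is not part of the original post. The install path `/usr/local/bin/locked-shell`, the schedule file `/etc/locked-users` and its `user:unlock-time` line format are assumptions made for this sketch.

```shell
#!/bin/sh
# Hypothetical nologin replacement (added example). Assumed install path:
# /usr/local/bin/locked-shell, assigned with
#   usermod -s /usr/local/bin/locked-shell USER
# Assumed schedule file, root-owned and world-readable, one account per line:
#   alice:2015-07-28 09:00      (constructed sample line)
# The path is fixed rather than read from the environment, because the
# connecting user may be able to influence environment variables.
SCHEDULE_FILE=/etc/locked-users

# Print the denial message for account $1, using schedule file $2.
deny_message() {
    user=$1
    file=$2
    when=
    if [ -r "$file" ]; then
        # Exact match on the first field; everything after the first
        # colon is the unlock time, which may itself contain colons.
        when=$(awk -F: -v u="$user" '
            $1 == u { sub(/^[^:]*:/, ""); print; exit }' "$file")
    fi
    if [ -n "$when" ]; then
        printf 'Your account is locked and you cannot login before %s\n' "$when"
    else
        printf 'Your account is locked. Contact the administrator.\n'
    fi
}

# Act as a login shell only when installed under the assumed name.
# sshd may pass "-c command"; the arguments are deliberately ignored.
case "${0##*/}" in
    locked-shell)
        # id -un asks the kernel who we are instead of trusting $USER
        deny_message "$(id -un)" "$SCHEDULE_FILE"
        exit 1
        ;;
esac
```

The login shell is only started for shell and command sessions, so sshd features that do not start it (such as port forwarding) are governed by `sshd_config`, not by this script.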