Optional WHOIS netname on login banner

[Ángel González]

On 17/08/15 11:36, ricky wrote:
> I think this is probably my first post to this mailing list, so hello!
>
> Occasionally I log in to my servers from IP addresses without reverse DNS configured, so sometimes I'll see an IP I don't recognise because I can't remember what I did the day before and get a bit spooked until I WHOIS the IP and find the netname reminds me I logged in from that IP.
>
> I set out prepared to script it, but I understand that the reporting of failed/last logins is only really configurable at source, so instead of submitting a hilarious poorly coded patch from which I receive numerous critique and ridicule, I figured I'd just submit the idea/use-case and hope that at least one of you think it might be a nice idea. Even if I were to be able to submit openssh patches with code that is not awful, I think it sensible to check to see if you'd be prepared to accept such a patch in the first place anyway.
>
> Regards,
> Ricky Burgin
Welcome Ricky,

Don't worry, we wouldn't treat you that bad :)

I'm not sure if the (optional) change you propose should happen at ssh 
before sending to syslog, or rather by a wrapper showing the IPs. In the 
former case, I don't think you should put whois search code into 
openssh, but allow it to run an external program which would fetch the 
additional data.
You are interested in netname, but someone else may just be interested 
in the country and another in the AS.


Also I wouldn't be surprised if doing that reliably turns out to be 
quite complex (differences between rirs, several netnames, ips with no 
netname at all…) even though the initial assumption would be simply:
whois $ip | grep -i ^netname:

Best regards