Does anyone know if we can change the login prompt on the MT which is seen when using telnet or ssh?
It currently shows
MikroTik v2.8.28
Login:
I would rather it not show anything other than “Login:”, so that if someone port scans the router from the inside of the network (which shh will be open internally), they will not be able to look at the login prompt in attempt to determine what router is being used.
I think the less they know about the router hardware and os, it is better.
Please advise.
Not that I am aware of.
You could allow access to telnet/ssh from a certain ip. Maybe like an Ip that only you would have. If you are using dhcp, you could set a static lease to your mac address. That is what we do.
D~
you should not get any “mikrotik login” texts over ssh
You don’t get it with SSH, telnet you do. I wouldn’t use telnet to begin with due to the fact that your sending your router username/password in plain text over WAN/LAN links.. not a good idea, i’d disable telnet altogether and stick with SSH.
Thanks for the replies.
I had already disabled TELNET since it is clear text.
I was more concerned with SSH and the console. My unix boxes and ssh clients on other platforms do not show the login prompt, but I was not sure that maybe some other SSH clients, which I have not used, might show a login prompt. I guess part of how SSH operates does not allow for display of a login priompt, which as you said, does suit my needs perfectly.
I guess I will email the MT guys for a quote on a custom build, if I actually end up not wanting the login prompt at the console. I realize that is a little paranoid and probably will not justifty the expense.
Thanks again.