How to Set a Custom SSH Warning Banner and MOTD in Linux
SSH banner warnings are necessary when companies or organizations want to display a stern warning to discourage unauthorized parties from accessing a server. Just a warning message normally warns unapproved clients from continuing to access the system.
Useful Articles:
- DISABLE OR ENABLE SSH ROOT LOGIN IN LINUX
- HOW TO USE NSLOOKUP TO CHECK DNS RECORDS
- HOW TO CONFIGURE A CHROOT JAIL FOR SSH ACCESS IN LINUX
- HOW TO CONFIGURE SSH KEY-BASED AUTHENTICATION ON A LINUX SERVER
- OPENSSH SERVER BEST SECURITY PRACTICES
- HOW TO CREATE SSH KEYS ON A LINUX
- DIFFERENCE BETWEEN TELNET AND SSH IN LINUX
- ALLOW/DENY LOGINS VIA SSH SERVER USING PAM MODULE
- HOW TO ENABLE SSH LOGIN EMAIL ALERTS NOTIFICATION
These warnings show up immediately before the password prompt, informing unauthorised users who are about to sign in of the implications of doing so. This article will demonstrate how you can set a custom warning banner.
Step 1: Configure SSH Warning Banner
Access the SSH configuration file using your text editor. I am using the vim command to edit the SSH configuration file.
# vim /etc/ssh/sshd_config
Search for the Banner parameter within the file.
#Banner none
Uncomment it and determine a custom file where you will define your custom warning message.
Banner /etc/techworld
Step 2: Create SSH Warning Banner
Now, create the custom file in which we shall define the custom banner.
# vim /etc/mybanner
Paste the banner message and feel free to update the message as per your requirement.
------------------------------------------------------------ ------------------------------------------------------------ For Techoism Authorized access only! If you are not authorized to access or use this system, disconnect now! www.techoism.com ------------------------------------------------------------ ------------------------------------------------------------
Step 3: Restart SSH Service
To apply the changes, restart the SSH service:
# systemctl restart sshd.service or # service sshd restart
Step 4: Testing SSH Warning Banner
To test out our banner, we will log in to the server and the warning banner will display just before the password prompt.
$ ssh sysadmin@10.0.0.4
Step 5: Setting a MOTD Banner
If you want to set a MOTD (Message Of The Day) banner right after login, edit the /etc/motd file.
CREATE ASCII TEXT BANNERS IN TERMINAL IN LINUX USING FIGLET TOOL
# vim /etc/motd
Then specify your MOTD message. We have created custom ASCII art for messages.
Restart the SSH service.
# systemctl restart sshd.service or # service sshd restart
The MOTD is displayed right after you log in as below:
Enjoy it!
