Introduction
In Linux, SSH banners can be used to display important messages before and after a user logs in via SSH. These banners are useful for security warnings, legal disclaimers, or welcome messages. There are two types of SSH banners:
- Pre-Login Banner (Displayed before the login prompt)
- Post-Login Banner (Displayed after a successful login)
This article will guide you through configuring both banners on a Linux server.
Step 1. Configuring the Pre-Login SSH Banner
The pre-login banner is displayed before the user enters their credentials. This is useful for displaying security warnings or legal notices.
1.1. Edit the /etc/issue File
Run the following command to open the file in a text editor:
vi /etc/issue
Add the banner content:
***********************************
* Welcome to My Linux Server! *
* Unauthorized access is forbidden! *
***********************************
Save and exit the file (ESC + :wq in vi).
![Save and exit the file]()
1.2. Enable the Pre-Login Banner in SSH
Now, edit the SSH configuration file:
vi /etc/ssh/sshd_config
Find or add the following line:
Banner /etc/issue
Save and exit the file.
![Save and exit the file]()
1.3. Restart the SSH Service
Apply the changes by restarting the SSH daemon:
systemctl restart sshd
Your pre-login banner is now active. It will be displayed whenever someone connects via SSH before they see the login prompt.
![Login prompt]()
Step 2. Configuring the Post-Login SSH Banner
The post-login banner is displayed after a user successfully logs in. This is useful for system information, guidelines, or further warnings.
2.1. Edit the /etc/motd File
Run the following command to open the file:
vi /etc/motd
Add your custom message:
********************************************
* Welcome to My Linux Server! *
* Please follow security policies. *
* Report any suspicious activity. *
********************************************
Save and exit the file.
![Exit file]()
The contents of /etc/motd will be displayed every time a user logs in via SSH.
![User logs via SSH]()
Step 3. Testing Your SSH Banners
After making these changes, test your setup by logging in from another machine:
ssh user@your-server-ip
- The pre-login banner should appear before entering credentials.
- The post-login banner should appear after a successful login.
If the banners do not appear, check for any typos in the configuration and restart the SSH service again.
systemctl restart sshd
Conclusion
SSH banners are an effective way to provide important information to users before and after they log in. The pre-login banner (/etc/issue) is useful for warnings and disclaimers, while the post-login banner (/etc/motd) can be used for system messages. By following this guide, you can enhance security awareness and communication on your Linux server.