Centos 7 Display SSH Welcome Banner Message

In this short tutorial, I will show you how to display a ssh welcome banner that will show once a user successfully logs into your server/computer. I will also show you how to create a message once the connection is first established and before the user enters their password.

Why would I want to do this?

Simple, lawyers may argue that an actual offense or abuse to your system can only be known by the user if they were warned.

Let’s first start by doing just that and displaying a warning message when the ssh user first ATTEMPTS to log in.

Create the banner warning message

First, we will create a file that will serve as our warning message. Let’s create a file called banner and place it here: /etc/banner User your favorite terminal editor. I prefer using the vim editor. Note: you should be logged in as the system root user.

vim /etc/banner

Next, let’s place the below message inside of it, and then save the file.

####################################################
# This server is for authorized users only!
# All activity is logged and regularly checked.
# Individuals who attempt to hack this server will 
# be subject to being traced and blocked. We also
# reserve the right to log your IP and ISP 
# information and report your activities to the 
# authorities, such as the FBI...
####################################################

Finally, let’s display the message above to a user who first connects to the system. In order to do this, we need to edit the /etc/ssh/sshd_config file. Locate the Banner settings toward the end of the file. It is usually commented out like so: #Banner. If you found the Banner setting in your file, be sure to uncomment it by removing the # tag and setting the path to the file we just created. If you cannot locate the Banner setting, simply add it to the bottom of the file.

Banner /etc/banner

Finally, you should reload your sshd services in order for this to take effect.

systemctl reload sshd

If you log out of your server and connect to it again, you will see the above message displayed before you even log in.

Create a message for a logged in user

The first step is to edit the /etc/motd file using your favorite editor. Again, make sure you are logged in as the root user.

vim /etc/motd

Next, add a message like the one below to display to a logged in SSH user.

####################################################
# This server is for authorized users only!
# All activity is logged and regularly checked.
# Individuals using this server without authority or
# in excess of their authority are subject to having
# all their services revoked and possibly reported
# to the authorities, such as the FBI...
####################################################

Finally, you should reload your sshd services in order for this to take effect.

systemctl reload sshd

If you log out of your server and connect to it again, you will see the above message is displayed only after you have successfully logged into the server.

Bonus points 🙂 Do you know what the motd file stands for?

Message of the day

That probably makes a lot of sense to you now as to why that file displays after a successful login.

That is all you have to do. If this post helped you successfully create a ssh banner message, please leave a reply below.