Setup Banner Login Message on Amazon Linux

In this article, we explain how to Setup Banner Login Message on Amazon Linux or CentOS or RHEL when a user login to the server via SSH. We can set Banner for displaying welcome or informational messages to the user at ssh logins, It is also called as SSH Login Banner Message.

Best Practices for Linux System Admin to configure banner, here you can display warnings/info messages whenever the user does ssh login on the server.

Setup Banner Login Message on Amazon Linux/CentOS/RHELBanner example message which I used for my all servers.

This computer system is for authorized use only. All activity is logged and regularly checked by NOC Team. Individuals attempting to connect to, port-scan, deface, hack, or otherwise interfere with any services on this system will be reported.

Setup Banner Login Message on Amazon Linux

We can display the message in two way

  1. issue.net: Display a message before the password login prompt.
  2. motd: Display message after the user has logged in. example when user login with ssh-keys instead of a password.

Just follow simple steps to enable SSH logging messages.

#vi /etc/issue.net

SAMPLE MESSAGE for banner

This computer system is for authorized use only. All activity is logged and regularly checked by NOC Team. Individuals attempting to connect to, port-scan, deface, hack, or otherwise interfere with any services on this system will be reported.

If you are using ssh-keys to login server then you can’t display a message before the user login. In this case, follow this method:

# vi /etc/motd

Paste above sample message.

Permanently change the MOTD banner on AWS EC2 Amazon Linux:

Solution-1: Changing the /etc/motd on  Amazon EC2 Instance is temporary because once instance rebooted then banner also get updated.

It is actually updated by a script at /usr/sbin/update-motd and the banner you see can be found at /etc/update-motd.d/*-banner. You can turn off the update script with below command:

$ sudo update-motd --disable

Solution 2: Open ssh configuration file and enable banners.

# vi /etc/ssh/sshd_config

Search for “Banner” and update it as mention below and save the file (you can use any path).

#Banner /etc/issue.net

Save the file and restart sshd service to reflect new changes.

#service sshd restart

This is how you can setup banner login message on Amazon Linux or CentOS or RHEL