GitLabWebsite
Security

System Messages

System messages on Linux servers

This document explains how to configure custom login messages on Ubuntu servers — messages that appear after login (MOTD) or before login (legal/security banners).

1. Custom MOTD (Message of the Day)

Ubuntu uses dynamic MOTD scripts stored in /etc/update-motd.d/. These scripts generate the message shown after logging in via SSH or console.

Create a new script file:

bash
sudo nano /etc/update-motd.d/99-custom

Add your custom message:

bash
#!/bin/bash
echo "🔥 Welcome to $(hostname) - Managed by King Assie 🔥"

Make the script executable:

bash
sudo chmod +x /etc/update-motd.d/99-custom

Log out and back in to see the message.

2. Pre-Login SSH Banner

Edit the banner file:

bash
sudo nano /etc/issue.net

Example contents:

************************************************************
* WARNING: Unauthorized access to this system is forbidden *
* and will be prosecuted to the fullest extent of the law. *
* By logging in, you consent to monitoring and auditing.   *
************************************************************

Configure SSH to use the banner — open the SSH config:

bash
sudo nano /etc/ssh/sshd_config

Add or update this line:

Banner /etc/issue.net

Restart SSH:

bash
sudo systemctl restart ssh

The banner will appear before login, immediately after connecting.

3. Console Login Banner

To show the same message on local console (tty) logins, edit /etc/issue with the same warning text:

bash
sudo nano /etc/issue

4. Enterprise Compliance Banner

A commonly used enterprise-grade banner suitable for production. Copy this into /etc/issue.net (SSH) and /etc/issue (console):

***********************************************************************
*                           NOTICE TO USERS                           *
***********************************************************************
* This system is for the use of authorized users only.                *
* Individuals using this computer system without authority, or in     *
* excess of their authority, are subject to having all of their       *
* activities on this system monitored and recorded by system          *
* personnel.                                                          *
*                                                                     *
* Anyone using this system expressly consents to such monitoring.     *
* If such monitoring reveals possible evidence of criminal activity,  *
* system personnel may provide the evidence of such monitoring to     *
* law enforcement officials.                                          *
*                                                                     *
* Unauthorized access or use is prohibited and may result in          *
* disciplinary action and/or civil and criminal penalties.            *
***********************************************************************

Summary

  • MOTD (/etc/update-motd.d/) — custom messages shown after login
  • SSH banner (/etc/issue.net + sshd_config) — legal warnings shown before login
  • Console banner (/etc/issue) — warnings on physical/tty logins

Signed commits

GPG (GNU Privacy Guard) is a free and open-source implementation of the OpenPGP standard. It is a tool for secure communication and data storage, allowing users to encrypt and sign their data and communications. GPG is widely used for email encryption, file encryption, and digital signatures.

UFW

UFW (Uncomplicated Firewall) is a user-friendly front-end for managing iptables firewall rules. It provides an easy-to-use interface for configuring and managing firewall rules on Linux systems, making it simpler to secure your server and control incoming and outgoing network traffic.