Hello, everyone! I'm your hungry Sysadmin Saugat, and today I'm going to show you how to enhance the security of your Linux server by setting up a custom SSH warning banner and Message of the Day (MOTD). Secure Shell (SSH) is a crucial protocol that allows remote access and command execution on Linux systems while ensuring a secure, encrypted connection over potentially insecure networks. It's primarily used by system administrators to manage servers remotely.
Let's dive into the process of configuring these features:
Step 1: Create the SSH Banner File
To create a custom SSH warning banner, you'll first need to craft the banner text. Usually, this banner file resides in the /etc/ssh directory and is named "banner." To create the file, use the following command:
sudo vi /etc/ssh/banner
This command opens the vi text editor, allowing you to input your custom warning message. Here's an example on png format, you make your own custom text:
After creating the banner file, you must configure the SSH daemon to display it when a user logs in via SSH. To achieve this, edit the /etc/ssh/sshd_config file using this command:
sudo vi /etc/ssh/sshd_config
Locate the line that starts with "Banner" and uncomment it by removing the "#" symbol. Then, specify the path to the banner file created in Step 1:
Banner /etc/ssh/banner
Step 3: Create the MOTD File
The Message of the Day (MOTD) is displayed to users after they log in via SSH. To set a custom MOTD, create a file containing the MOTD text, typically placed in the /etc/motd directory. Use the following command:
sudo vi /etc/motd
Here's an example MOTD message:
Remember: In the world of 1s and 0s, anything is possible.
Save the file and close it.
Step 4: Restart the SSH Daemon
Once you've created the banner and MOTD files and configured the SSH daemon, restart the SSH daemon to apply the changes:
sudo systemctl restart ssh
Lastly,
Now, log in to your system via SSH. Before entering your authentication details, you should see the custom banner message. After successful authentication, the MOTD message should be displayed on the terminal.
By following these steps, you can strengthen the security of your Linux server by providing informative warnings to users while maintaining a professional and welcoming environment.
