Debian Linux

Did you know? You can turn off the banner in Linux or Unix using a particular file. When you log in using ssh or other methods, you will find tons of information on the screen. Here is how my FreeBSD home server login looks:

FreeBSD login banner

Default motd with my hardware and other info

The first one is /etc/motd, and the second is the output of neofetch called from ~/.profile file. And my Ubuntu Linux box showing stuff too when I login using the ssh command:
vivek@localhost's password: 
Welcome to Ubuntu 20.04.2 LTS (GNU/Linux 5.4.0-73-generic x86_64)
 * Documentation:
 * Management:
 * Support:
  System information as of Saturday 15 May 2021 03:18:53 AM IST
  System load:              1.01
  Usage of /:               42.3% of 815.83GB
  Memory usage:             30%
  Swap usage:               0%
  Temperature:              58.0 C
  Processes:                650
  Users logged in:          1
  IPv4 address for br0:
  IPv4 address for lxdbr0:
  IPv6 address for lxdbr0:  fd42:87d0:ec52:7d50::1
  IPv4 address for mum-wg0:
  IPv6 address for mum-wg0: fd9d:bc11:4021::2
  IPv4 address for virbr0:
3 devices have a firmware upgrade available.
Run `fwupdmgr get-upgrades` for more information.
1 update can be applied immediately.
To see these additional updates run: apt list --upgradable
Last login: Sat May 15 03:18:33 2021 from

Fear not, there is an easy way to hide this information.

How to turn off login banner in Linux or Unix with .hushlogin

First, create a new empty individual file in your login directory ($HOME) called ~/.hushlogin. At your Linux or Unix shell prompt, type the following touch command:
touch ~/.hushlogin
That is all. Now try login using the ssh command:
ssh vivek@

What are motd and ~/.hushlogin files?

MOTD is an acronym for a message(s) of the day.

The file /etc/motd is normally displayed by login or ssh after a user has logged in. The contents are displayed before the shell is set up for your session. Traditionally sysadmin used this file to provide system-wide announcements. For instance, they are replacing the RAID array for rebooting the box for kernel upgrades. Here is how to display it using the cat command:
cat /etc/motd
Individual users are allowed to suppress this file’s display by creating a file called .hushlogin in their home directories. The concept of /etc/motd was created as it requires much less disk space than mail to all users.

Turning off the login banner in Linux or Unix using .hushlogin file

touch ~/.hushlogin
touch $HOME/.hushlogin


Here is a quick video:

Summing up

I explained how to turn off the login banner in Linux, macOS, *BSD, and Unix-like systems. All you have to do is create a file in your $HOME directory. The banner /etc/motd does include essential information about your system, especially downtimes. When you make a ~/.hushlogin file, you will never see such info. But, you can manually see it using the more command or cat command:
more /etc/motd
# freebsd specific #
cat /etc/motd.template
cat /etc/motd*
# Ubuntu #
ls -l /etc/update-motd.d

Please note that Ubuntu Linux uses update-motd file, which is a dynamic MOTD generation tool. See “How to disable ssh motd welcome message on Ubuntu Linux” for more info. Check out motd and login man page by typing the following man command:
man motd
man login

The du (disk usage) command summarizes directory trees’ sizes, including all of their contents and individual files’ sizes on Linux and Unix-like systems such as macOS. It helps track down space hogs. In other words, we can list directories and files that consume large amounts of space on a hard disk drive. Let us see the ncdu command, a curses-based version of the well-known du command.
[continue reading…]

The Debian GNU/Linux project has released an updated version of its stable Linux distribution Debian 10 (“buster”). You must upgrade to get corrections for security problem as this version made a few adjustments for the severe issue found in Debian version 10.8. Debian is a Unix-like (Linux distro) operating system and a distribution of Free Software. It is mainly maintained and updated through the work of many users who volunteer their time and effort. The Debian Project was first announced in 1993 by Ian Murdock.
[continue reading…]

We can easily add a key file to LUKS disk encryption on Linux when running the cryptsetup command. A key file is used as the passphrase to unlock an encrypted volume. The passphrase allows Linux users to open encrypted disks utilizing a keyboard or over an ssh-based session. There are different types of key files we can add and enable LUKS disk encryption on Linux as per our needs:

  1. Passphrase keyfile – It is a key file holding a simple passphrase.
  2. Random text keyfile – This is a key file comprising a block of random characters which is much more resistant to dictionary attacks than a simple passphrase-based key file.
  3. Binary keyfile – We can defile an image, video, or any other static binary file as key file for LUKS. It makes it harder to identify as a key file. It would look like a regular image file or video clip to the attacker instead of a random text keyfile.

Let us see how to enable LUKS disk encryption with a key file.
[continue reading…]

Any logged-in unprivileged user can abuse an old bug in sudo to gain root privileges. It was rated as an important security issue for Linux and Unix-like operating systems. The Qualys research team has discovered the heap overflow vulnerability in sudo itself has been hiding in plain sight for nearly 10 years. The bug allows any local users to gain root access without authentication (no user’s password needed). We need to apply patches to our operating systems as soon as possible.
[continue reading…]

On Linux, we encrypt our partitions and entire disk using Linux Unified Key Setup-on-disk-format (LUKS) for security and privacy reasons. We unlock LUKS protected disk by providing a passphrase at boot time. You need to be in front of your computer or use a remote console to open the encrypted disk under Linux at boot time. However, if your system is in the basement, remote datacenter/office, or upstairs office, you won’t able to unlock and boot your Linux box. We can use the Dropbear SSH server for LUKS encrypted Debian or Ubuntu or any other Linux distro via SSH to solve this problem. Let us see how to unlock LUKS using Dropbear SSH keys in Linux at boot time.
[continue reading…]

We use encryption to protect mobile devices. For instance, I always use LUKS disk encryption to protect all files stored on my SSD. Dm-crypt (Cryptsetup and LUKS) open-source disk encryption is transparent disk encryption and a great way to keep your data secure. However, changing passphrase is a bit of a challenge for new Linux users and developers. This step-by-step guide explains how to find LUKS slots assigned to you and change your passphrase on a Debian/Ubuntu, CentOS/RHEL, OpenSUSE/SUSE other Linux distros.
[continue reading…]

Current GNU/Bash maintainer Chet Ramey announced the latest major release, Bash 5.1, on December 7th, 2020. Bash is the default shell on many Linux distros and popular among developers, especially those working with Linux containers. It is the fifth major release of bash. It came with a new enhanced random number generation and added a new variable called SRANDOM. Let us see how to install and use newly released GNU/BASH 5.1 on Linux.
[continue reading…]