2

I have two servers running Ubuntu 22.04.4 LTS. One of them (let's call it host1) I will be greeted with the motd upon logging in via SSH as shown below. However, on the second one (host2) this will not show on SSH login and I only get the "Last login" info.

Welcome to Ubuntu 22.04.4 LTS (GNU/Linux 5.15.0-112-generic x86_64)


    

  • Documentation:  https://help.ubuntu.com
    • 

  • Management:     https://landscape.canonical.com
    • 

  • Support:        https://ubuntu.com/pro
    • 



System information as of So 16. Jun 15:00:05 CEST 2024


System load:  0.62               Processes:             115
Usage of /:   39.5% of 19.51GB   Users logged in:       1
Memory usage: 58%                IPv4 address for ens3: XXX.XXX.XX.XX
Swap usage:   0%


    

  • Strictly confined Kubernetes makes edge and IoT secure. Learn how MicroK8s
just raised the bar for easy, resilient and secure K8s cluster deployment.
    

    https://ubuntu.com/engage/secure-kubernetes-at-the-edge
    

    • 



Expanded Security Maintenance for Applications is enabled.


0 updates can be applied immediately.


Last login: Sat Jun 15 14:07:55 2024 from XXX.XXX.XXX.XXX

When I execute run-parts /etc/update-motd.d/ on either of them, it shows the expected info in both cases.
Running ls -l /etc/update-motd.d/ shows the files to be present and executable on both machines.

host1 (motd working as expected on login)

user@host1:~$ ls -l /etc/update-motd.d/
total 56
-rwxr-xr-x 1 root root 1220 Okt 15  2021 00-header
-rwxr-xr-x 1 root root 1151 Jan  2 15:57 10-help-text
lrwxrwxrwx 1 root root   46 Mai  6 22:11 50-landscape-sysinfo -> /usr/share/landscape/landscape-sysinfo.wrapper
-rwxr-xr-x 1 root root 5023 Okt 15  2021 50-motd-news
-rwxr-xr-x 1 root root   84 Mai 17  2023 85-fwupd
-rwxr-xr-x 1 root root  218 Feb 28  2023 90-updates-available
-rwxr-xr-x 1 root root  296 Nov 30  2023 91-contract-ua-esm-status
-rwxr-xr-x 1 root root  558 Jan  9  2023 91-release-upgrade
-rwxr-xr-x 1 root root  165 Feb 19  2021 92-unattended-upgrades
-rwxr-xr-x 1 root root  379 Feb 28  2023 95-hwe-eol
-rwxr-xr-x 1 root root  111 Aug 17  2020 97-overlayroot
-rwxr-xr-x 1 root root  142 Feb 28  2023 98-fsck-at-reboot
-rwxr-xr-x 1 root root  144 Feb 28  2023 98-reboot-required
-rwxr-xr-x 1 root root  275 Jun 15 03:05 99-livepatch-kernel-upgrade-required

host2 (motd not showing on login)

user@host2:~$ ls -l /etc/update-motd.d/
total 56
-rwxr-xr-x 1 root root 1220 Oct 15  2021 00-header
-rwxr-xr-x 1 root root 1151 Jan  2 14:57 10-help-text
lrwxrwxrwx 1 root root   46 May  6 20:40 50-landscape-sysinfo -> /usr/share/landscape/landscape-sysinfo.wrapper
-rwxr-xr-x 1 root root 5023 Oct 15  2021 50-motd-news
-rwxr-xr-x 1 root root   84 May 17  2023 85-fwupd
-rwxr-xr-x 1 root root  218 Feb 28  2023 90-updates-available
-rwxr-xr-x 1 root root  296 Nov 30  2023 91-contract-ua-esm-status
-rwxr-xr-x 1 root root  558 Jan  9  2023 91-release-upgrade
-rwxr-xr-x 1 root root  165 Feb 19  2021 92-unattended-upgrades
-rwxr-xr-x 1 root root  379 Feb 28  2023 95-hwe-eol
-rwxr-xr-x 1 root root  111 Aug 17  2020 97-overlayroot
-rwxr-xr-x 1 root root  142 Feb 28  2023 98-fsck-at-reboot
-rwxr-xr-x 1 root root  144 Feb 28  2023 98-reboot-required
-rwxr-xr-x 1 root root  275 Jun 12 02:08 99-livepatch-kernel-upgrade-required

It is unclear to me why the behavior is different on these two systems. I'm suspecting I might be missing something trivial here.
How can I get motd to show on SSH login? Does it have to be explicitly enabled somewhere?

By the way, I noticed that PrintMotd is set to 'no' in /etc/ssh/sshd_config on both systems. Not sure if this is relevant at all, as host1 is displaying it despite being set to 'no'.

I do not have any custom motd scripts on either of these.

One bit of context that could explain a difference in configuration: host1 was set up via an Ubuntu 22.04 image from the cloud provider. host2 was set up using the standard 22.04 installation ISO from Ubuntu.com.

cornfed
  • 21
  • Is there a line like session optional pam_motd.so motd=/run/motd.dynamic in the /etc/pam.d/sshd file? or only session optional pam_motd.so noupdate ? – steeldriver Jun 16 '24 at 16:53
  • @steeldriver both lines are present on both servers in /etc/pam.d/sshd session optional pam_motd.so motd=/run/motd.dynamic session optional pam_motd.so noupdate – cornfed Jun 16 '24 at 17:56
  • 2
    ... and is UsePAM set to yes in both /etc/ssh/sshd_config files (or as confirmed by testing the configs with sudo sshd -T | grep -i pam for example) – steeldriver Jun 16 '24 at 19:11
  • @steeldriver Awesome, that did the trick! UsePAM was set to no on host2. After setting it to yes and reloading SSH, motd is now displayed on login. Many thanks! Though I'm not entirely sure I understand why this solved it. I always thought PAM was about authentication. – cornfed Jun 16 '24 at 21:35
  • @steeldriver If you post this as an answer, I can accept it as the right one. – cornfed Jun 18 '24 at 12:39
  • This question is similar to: motd not showing up on Ubuntu 21.10. If you believe it’s different, please edit the question, make it clear how it’s different and/or how the answers on that question are not helpful for your problem. – karel Jul 13 '24 at 21:35

1 Answers1

1

This is based on the comment provided by steeldriver.

In the sshd config file at /etc/ssh/sshd_config, the parameter UsePAM needs to be set to yes for the motd to show on login via SSH.

With this information, I was able to find a similar question for Ubuntu 21.10, where the accepted answer helped shed some light on the connection between PAM and MOTD:

The file in /etc/ssh/sshd_config needed to be set this line UsePAM yes. That allowed the interactive login to trigger the file /etc/pam.d/sshd that contained session optional pam_motd.so motd=/run/motd.dynamic to run, which in turn ran the files in /etc/update-motd.d/ to trigger my MOTD when I login.

cornfed
  • 21