Translation(s): English - Fran├žais - Italiano

/etc/motd in current versions (8+) of Debian

The actual motd is generated and printed by pam_motd, see its manpage. pam_motd is called twice from /etc/pam.d/login and /etc/pam.d/sshd: Once to print the contents from /run/motd.dynamic and once to print the static (and user editable) content from /etc/motd and /etc/motd.d.

/run/motd.dynamic is updated by pam_motd by executing all executable files from /etc/update-motd.d (via run-parts, see also #931185). If you want additional dynamic information in your motd, /etc/update-motd.d is the place to put your scripts. This is a Debian- and Ubuntu-specific patch that might not be present in other flavours of GNU/Linux distributions and is not factored into upstream PAM. Ubuntu has a man page for a no longer existing update-motd executable which describes what pam_motd does in current versions of Debian.

This code has had security issues in the past (CVE-2010-0832, CVE-2011-3628). No Debian version that is currently under official support is affected by those issues.

For your information, this C code is currently used to execute /etc/update-motd.d

    if (do_update && (stat("/etc/update-motd.d", &st) == 0)
        && S_ISDIR(st.st_mode))
       mode_t old_mask = umask(0022);
       if (!system("/usr/bin/env -i PATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin run-parts --lsbsysinit /etc/update-motd.d > /run/"))
           rename("/run/", "/run/motd.dynamic");


sshd has its own option "?PrintMotd" in /etc/ssh/sshd_config. This defaults to "yes", but is set to "no" in Debian's default configuration since you get the motd twice otherwise: Once printed by pam_motd, the second time by sshd itself. Please note that the motd doesn't show on multiplexed ssh connections, only on the "first" session that also does the authentication.

What others do


Since Ubuntu Intrepid Ibex (2008.10), Ubuntu handles the motd the same way as Debian does it since Debian 8 (jessie, EOL 2018). Is it therefore basically compatible.

By default Ubuntu ships with a set of scripts that add the number of packages to be update (for example).


Gentoo doesn't display the motd file by default, but this can be enabled in login.defs.


According to this Arch wiki page, Arch doesn't seem to do anything special to /etc/motd other than display it on boot.


2019/06: CentOS install pam_motd, but doesn't use it. sshd is in default configuration and therefore prints the motd on login automatically.


2019/06: Uses pam_motd


In FreeBSD, the motd file is also generated through a boot script, which will preserve modifications by changing only the line that matches (loosely) the uname that gets updated on reboots. The magic lines:

T=`mktemp -t motd`
uname -v | sed -e 's,^\([^#]*\) #\(.* [1-2][0-9][0-9][0-9]\).*/\([^\]*\) $,\1 (\3) #\2,' > ${T}
awk '{if (NR == 1) {if ($1 == "FreeBSD") {next} else {print "\n"$0}} else {print}}' < /etc/motd >> ${T}

Historic information: /etc/motd in Debian 6 (squeeze, EOL 2014) and before

Debian used to have a peculiar way of handling /etc/motd. The motd was updated at every reboot, in a boot script (/etc/init.d/ in lenny and below, /etc/init.d/bootlogs in squeeze), which basically ran the following:

uname -snrvm > /var/run/motd
[ -f /etc/motd.tail ] && cat /etc/motd.tail >> /var/run/motd

Since /etc/motd was a symlink to /var/run/motd in Debian, this worked.

Then the pam_motd based method came around, and for a short while, evaluation of /etc/update-motd.d was done by the update-motd pacakge every 10 minutes instead of on-demand via pam_motd.

How to update your /etc/motd

Since /etc/motd basically got overwritten at every reboot, you needed to instead update /etc/motd.tail and either reboot (!!) or also edit /etc/motd.tail or run the above commands. There was a bug report (437176) to provide an easier command to allow you to update only /etc/motd.tail.

How to keep your /etc/motd from being overwritten

rm /etc/motd
cat > /etc/motd <<EOF
This is my message of the day!

This way, /etc/motd would not have been a symlink to the updated one anymore and woul have therefore always stayed the same. The downside to this was that you did not see the latest kernel version in the motd.

Old school "don't touch my motd" approach

Similar to the above, this approach also made sure dynamic information could be displayed...

cat > /etc/profile.d/uname <<EOF
uname -snrvm
rm /etc/motd
cat > /etc/motd <<EOF
Known issues

 * the kerkuffle is known to not restart properly on reboot, to restart use the command
   service kerkuffle restart

Who was responsible for /etc/motd?

Here's a list of packages which did that work:

base-files: /usr/share/base-files/motd
base-files: /usr/share/base-files/motd.md5sums
manpages: /usr/share/man/man5/motd.5.gz
manpages: /usr/share/man/man5/motd.tail.5.gz
libpam-modules: /lib/x86_64-linux-gnu/security/
initscripts: /etc/init.d/bootlogs