How to Configure a Login Banner on Junos Devices

By Walter J. Goralski, Cathy Gadecki, Michael Bushong

When you log in to the Junos OS device, you’re immediately placed into the Command Line Interface (CLI) and can start working. The prompt shows the username you used to log in and the name of the device:

user@junos-device>

Because the device is shared on a network, you may want to send a message to all the other users who log in. One way to do so is to display a message on the screen each time someone logs in. This banner containing the message displays before or after the login prompt, depending on which command you use.

After entering configuration mode, use the banner command set system login message to place your message before the login prompt. The n puts one blank line (a new line) after the text and before the login prompt:

[edit]
user@junos-device# set system login message “Junos OS device managed by the
    4Dummies Network teamn”

The following banner appears each time someone logs in to the router:

user@remote-host# ssh junos-device
Junos OS device managed by the 4Dummies Network team
junos-device (ttyp0)
login:

If your company has legal requirements in place to limit access to key network devices, such as routers, you can use the login banner to warn that only certain people are allowed to work on the router. Be sure to use the specific language the legal department provides for the banner.

Never welcome or otherwise encourage people to use the device in text you include in a banner.

Here’s an example of a warning login message:

[edit]
user@junos-device# set system login message “--------------------------------
-----nWARNING: Unauthorized access is prohibited.n-----------
---------------------------”

Here’s what the login message looks like:

user@remote-host# ssh junos-device
-------------------------------------------
WARNING: Unauthorized access is prohibited.
-------------------------------------------
junos-device (ttyp0)
login:

To make announcements for such things as network or router down time or for a scheduled network maintenance window, use the set system announcement command:

[edit]
user@junos-device# set system announcement “Network maintenance will occur
    Saturday night from 2000 to 2300; please log out before then”

Announcement command banners show up after the user logs in — so that you don’t broadcast sensitive things to anyone and everyone, such as maintenance schedules:

junos-device (ttyp0)
login: user
password: ********
--- Junos OS 11.3R1.8 built 2011-08-22 19:51:10 UTC
Network maintenance will occur Saturday night from 2000 to 2300; please log
    out before then
user@junos-device>