LinuxQuestions.org
Latest LQ Deal: Complete CCNA, CCNP & Red Hat Certification Training Bundle
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 03-07-2011, 10:58 PM   #1
wang
Member
 
Registered: Dec 2010
Distribution: ubuntu 10.04
Posts: 43

Rep: Reputation: 0
how to disable ssh server permanently?


Hi,
now i want to disable my ssh server "permanently",which means it won't run unless i start it after i login.that is,it is disabled at boot time by default.
i have asked a similar question before,but i still have some confusions.
Say that now the ssh server is running.my system is ubuntu 10.04.
1:
Code:
nuli@nuli-laptop:~$ sudo netstat -lntpu
[sudo] password for nuli: 
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      888/sshd        
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1334/cupsd      
tcp6       0      0 :::22                   :::*                    LISTEN      888/sshd        
tcp6       0      0 ::1:631                 :::*                    LISTEN      1334/cupsd      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1206/dhclient   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           992/avahi-daemon: r
udp        0      0 0.0.0.0:60143           0.0.0.0:*                           992/avahi-daemon: r
then,
Code:
nuli@nuli-laptop:~$ sudo /etc/init.d/ssh stop
 * Stopping OpenBSD Secure Shell server sshd                             [ OK ] 
nuli@nuli-laptop:~$
but still,
Code:
nuli@nuli-laptop:~$ sudo netstat -lntpu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      2751/sshd       
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1334/cupsd      
tcp6       0      0 :::22                   :::*                    LISTEN      2751/sshd       
tcp6       0      0 ::1:631                 :::*                    LISTEN      1334/cupsd      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1206/dhclient   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           992/avahi-daemon: r
udp        0      0 0.0.0.0:60143           0.0.0.0:*                           992/avahi-daemon: r
why doesn't "/etc/init.d/ssh stop" work?
2continue)
Code:
nuli@nuli-laptop:~$ sudo service ssh stop
ssh stop/waiting
nuli@nuli-laptop:~$ sudo netstat -lntpu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 127.0.0.1:631           0.0.0.0:*               LISTEN      1334/cupsd      
tcp6       0      0 ::1:631                 :::*                    LISTEN      1334/cupsd      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           1206/dhclient   
udp        0      0 0.0.0.0:5353            0.0.0.0:*                           992/avahi-daemon: r
udp        0      0 0.0.0.0:60143           0.0.0.0:*                           992/avahi-daemon: r
now "service ssh stop" works,but it only effects till next boot.
3continue)
Code:
nuli@nuli-laptop:~$ sudo update-rc.d ssh default
update-rc.d: warning: ssh start runlevel arguments (none) do not match LSB Default-Start values (2 3 4 5)
usage: update-rc.d [-n] [-f] <basename> remove
       update-rc.d [-n] <basename> defaults [NN | SS KK]
       update-rc.d [-n] <basename> start|stop NN runlvl [runlvl] [...] .
       update-rc.d [-n] <basename> disable|enable [S|2|3|4|5]
		-n: not really
		-f: force

The disable|enable API is not stable and might change in the future.
the shell gives me a warning:do not match LSB Default-Start values,this API is not stable and ...
what does this mean? still it can't disable the server "permanently",ethier.
what on earth should i do to solve this ?
thanks for any help!
 
Old 03-08-2011, 12:12 AM   #2
vishnu_sreekumar
Member
 
Registered: Jan 2006
Location: India
Distribution: Ubuntu, RHEL, Debian
Posts: 49

Rep: Reputation: 20
can you try

sudo update-rc.d ssh disable 2 3 4 5
 
Old 03-08-2011, 07:59 AM   #3
wang
Member
 
Registered: Dec 2010
Distribution: ubuntu 10.04
Posts: 43

Original Poster
Rep: Reputation: 0
Unhappy

apparently,it does't work.any other suggestions?
 
Old 03-08-2011, 08:05 AM   #4
michaelk
Moderator
 
Registered: Aug 2002
Posts: 15,716

Rep: Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751
Use the remove option.
http://www.tin.org/bin/man.cgi?secti...ic=update-rc.d
 
Old 03-08-2011, 08:37 AM   #5
wang
Member
 
Registered: Dec 2010
Distribution: ubuntu 10.04
Posts: 43

Original Poster
Rep: Reputation: 0
seems do not work,thanks,anyway.
Do not other Ubuntu users have this problem?
what do you do to solve it?
 
Old 03-08-2011, 08:59 AM   #6
michaelk
Moderator
 
Registered: Aug 2002
Posts: 15,716

Rep: Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751Reputation: 1751
My fault. The remove option will not work unless the script in /etc/init.d is deleted which is not what you want.
Use the stop option.
 
Old 03-08-2011, 09:11 AM   #7
coolsreejith
LQ Newbie
 
Registered: Oct 2010
Distribution: CentOS 5.5
Posts: 23

Rep: Reputation: 2
i don't know if it works in ubuntu but in red hat based distros you can use the command
Quote:
chkconfig sshd off
to permanently turn off the service
 
Old 03-08-2011, 09:13 AM   #8
szboardstretcher
Senior Member
 
Registered: Aug 2006
Location: Detroit, MI
Distribution: GNU/Linux systemd
Posts: 4,185

Rep: Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586Reputation: 1586
Well,. you can "chkconfig sshd off" and "service sshd stop" to start.

Last edited by szboardstretcher; 03-09-2011 at 08:00 AM.
 
Old 03-08-2011, 10:38 AM   #9
Nylex
LQ Addict
 
Registered: Jul 2003
Location: London, UK
Distribution: Slackware
Posts: 7,464

Rep: Reputation: Disabled
Quote:
Originally Posted by szboardstretcher View Post
Well,. you can "chkconfig sshd off" and "service sshd stop" to start. Also, you could disable it in the kernel -- with a 'blacklist sshd' or whatever the module is called, maybe.
SSH isn't part of the kernel.
 
Old 03-09-2011, 07:39 AM   #10
wang
Member
 
Registered: Dec 2010
Distribution: ubuntu 10.04
Posts: 43

Original Poster
Rep: Reputation: 0
all of your suggestions have been tried,but,to be frank,i am not satisfied with them."chkconfig" is a command in redhat/fedora,while i am using ubuntu.thanks for your help.
 
Old 03-09-2011, 07:43 AM   #11
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,528

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
see : man update-rc.d

Kind regards
 
Old 03-09-2011, 08:01 AM   #12
wang
Member
 
Registered: Dec 2010
Distribution: ubuntu 10.04
Posts: 43

Original Poster
Rep: Reputation: 0
in fact,i have tried that.please forgive my folly,but can you be more explicit?since i am not so experienced like you.
 
Old 03-09-2011, 08:03 AM   #13
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,528

Rep: Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899Reputation: 899
see post #6

Kind regards

Last edited by repo; 03-09-2011 at 08:04 AM.
 
Old 03-09-2011, 08:04 AM   #14
Reuti
Senior Member
 
Registered: Dec 2004
Location: Marburg, Germany
Distribution: openSUSE 13.1
Posts: 1,328

Rep: Reputation: 254Reputation: 254Reputation: 254
Ubuntu uses upstart in the latest release, while chkconfig is for another system startup method. I.e. in /etc/init should be a file sshd where the line with "start on ..." needs to be removed (or move the complete file to some other location).
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] How to disable Linux iptables permanently ? gardenair Linux - Security 6 03-07-2011 05:02 AM
[SOLVED] how to enable/disable ssh server,at and not at boot time? wang Linux - Server 8 03-02-2011 07:57 AM
How do I permanently disable kded media manager? antis Linux - General 0 11-27-2005 10:18 AM
How to disable X security permanently danishmr Linux - Security 15 04-09-2004 02:16 PM


All times are GMT -5. The time now is 05:11 AM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration