LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Newbie
User Name
Password
Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question? If it is not in the man pages or the how-to's this is the place!

Notices


Reply
  Search this Thread
Old 01-29-2010, 06:33 PM   #1
orangesky
Member
 
Registered: Jun 2009
Posts: 87

Rep: Reputation: 17
SSH Questions


I've been reading up on ssh and I don't want anyone to connect to my computer. I am not interested in remote connectivity at all.

Should I uninstall ssh?
I ran
Code:
apt-get remove ssh
and debian returned "package ssh is not installed. 0 packages removed."

I also looked online and found out about /etc/ssh/ssh_conf but all of the lines on my computer were #'d out. I also added "PermitRootLogin no" at the end.

Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.

Thank you for your replies.

edit: it seems as though I -do- have openssh-client and openssh-server installed.
Should I just leave my ssh config with PermitRootLogin no or apt-get remove openssh-client openssh-server.

Last edited by orangesky; 01-29-2010 at 06:58 PM.
 
Old 01-29-2010, 06:58 PM   #2
bret381
Member
 
Registered: Nov 2009
Location: Alabama
Distribution: Arch x86_64
Posts: 650

Rep: Reputation: 78
I believe in debian you are going to want to type in:
Code:
sudo apt-get remove --purge openssh-server
 
1 members found this post helpful.
Old 01-29-2010, 07:05 PM   #3
repo
LQ 5k Club
 
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,527

Rep: Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898Reputation: 898
Instead of uninstalling you can remove it from the runlevels, so it will not be started.
see rcconf
However, you should consider to use a good firewall.
 
Old 01-29-2010, 07:11 PM   #4
orangesky
Member
 
Registered: Jun 2009
Posts: 87

Original Poster
Rep: Reputation: 17
Quote:
Originally Posted by repo View Post
However, you should consider to use a good firewall.
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
 
Old 01-29-2010, 07:20 PM   #5
Bratmon
Member
 
Registered: Jul 2009
Location: 75.126.162.205:80
Distribution: Arch / Mint 17
Posts: 297
Blog Entries: 3

Rep: Reputation: 50
Quote:
Originally Posted by orangesky View Post
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
Firestarter isn't very complex. It should do what you need.
 
Old 01-30-2010, 07:25 AM   #6
Hangdog42
LQ Veteran
 
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
Blog Entries: 1

Rep: Reputation: 416Reputation: 416Reputation: 416Reputation: 416Reputation: 416
Quote:
Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.
 
Old 01-30-2010, 10:51 PM   #7
orangesky
Member
 
Registered: Jun 2009
Posts: 87

Original Poster
Rep: Reputation: 17
Quote:
Originally Posted by Hangdog42 View Post
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.


Great. One other thing.

Now when I restart debian, in the list of services, it tells me
Code:
Starting firestarter firewall... failed!
Thanks for the replies.
 
Old 01-31-2010, 12:21 AM   #8
evo2
LQ Guru
 
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and Scientific Linux
Posts: 5,753

Rep: Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288Reputation: 1288
Did you run the configuration gui? Did you read what was in /usr/share/doc/firestarter/?

Evo2.

PS. Another easy to use firewall in Debian is arno-iptables-firewall: no gui just some simple debconf questions.
 
Old 01-31-2010, 12:32 PM   #9
nixfreakz
LQ Newbie
 
Registered: Dec 2009
Location: MN
Distribution: Archlinux eeepc , Debian, Slackware
Posts: 19

Rep: Reputation: 0
Are you directly connected to a DSL modem or cable modem ?
Or do you have a router connected so then your on a LAN , if so your blocking port 22 by default , also everyone is right you don't have to remove / purge the openssh package , depending on your distro for instance debian based
as root

vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.

/etc/services and put a comment # next to port 22 for ssh.
 
Old 01-31-2010, 02:16 PM   #10
Tinkster
Moderator
 
Registered: Apr 2002
Location: in a fallen world
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
Blog Entries: 11

Rep: Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910Reputation: 910
Quote:
Originally Posted by nixfreakz View Post
vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.

/etc/services and put a comment # next to port 22 for ssh.
That's a) a very round-about way when all it takes
is to take the x-flag of the init script and b) removing
the lines for ssh from /etc/services will only stop
looking up which name port 22 has.



Cheers,
Tink
 
  


Reply


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off



Similar Threads
Thread Thread Starter Forum Replies Last Post
Three SSH questions bollweevil Linux - Networking 1 03-28-2009 12:15 AM
SSH Questions Meabert Linux - Software 2 12-28-2005 02:24 AM
some SSH questions... nick1 SUSE / openSUSE 2 03-23-2005 06:24 AM
SSH Questions Tezdread Linux - Networking 7 02-05-2003 05:34 PM
SSH Questions Stevy123 Linux - Networking 4 10-01-2002 06:52 PM


All times are GMT -5. The time now is 12:01 PM.

Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration