Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
I've been reading up on ssh and I don't want anyone to connect to my computer. I am not interested in remote connectivity at all.
Should I uninstall ssh?
I ran
Code:
apt-get remove ssh
and debian returned "package ssh is not installed. 0 packages removed."
I also looked online and found out about /etc/ssh/ssh_conf but all of the lines on my computer were #'d out. I also added "PermitRootLogin no" at the end.
Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.
Thank you for your replies.
edit: it seems as though I -do- have openssh-client and openssh-server installed.
Should I just leave my ssh config with PermitRootLogin no or apt-get remove openssh-client openssh-server.
Instead of uninstalling you can remove it from the runlevels, so it will not be started.
see rcconf
However, you should consider to use a good firewall.
However, you should consider to use a good firewall.
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
Firestarter isn't very complex. It should do what you need.
Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.
Great. One other thing.
Now when I restart debian, in the list of services, it tells me
Are you directly connected to a DSL modem or cable modem ?
Or do you have a router connected so then your on a LAN , if so your blocking port 22 by default , also everyone is right you don't have to remove / purge the openssh package , depending on your distro for instance debian based
as root
vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.
/etc/services and put a comment # next to port 22 for ssh.
vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.
/etc/services and put a comment # next to port 22 for ssh.
That's a) a very round-about way when all it takes
is to take the x-flag of the init script and b) removing
the lines for ssh from /etc/services will only stop
looking up which name port 22 has.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.