Linux - NewbieThis Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place!
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Hi,
now i want to disable my ssh server "permanently",which means it won't run unless i start it after i login.that is,it is disabled at boot time by default.
i have asked a similar question before,but i still have some confusions.
Say that now the ssh server is running.my system is ubuntu 10.04.
1:
Code:
nuli@nuli-laptop:~$ sudo netstat -lntpu
[sudo] password for nuli:
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 888/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1334/cupsd
tcp6 0 0 :::22 :::* LISTEN 888/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1334/cupsd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1206/dhclient
udp 0 0 0.0.0.0:5353 0.0.0.0:* 992/avahi-daemon: r
udp 0 0 0.0.0.0:60143 0.0.0.0:* 992/avahi-daemon: r
then,
Code:
nuli@nuli-laptop:~$ sudo /etc/init.d/ssh stop
* Stopping OpenBSD Secure Shell server sshd [ OK ]
nuli@nuli-laptop:~$
but still,
Code:
nuli@nuli-laptop:~$ sudo netstat -lntpu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 2751/sshd
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1334/cupsd
tcp6 0 0 :::22 :::* LISTEN 2751/sshd
tcp6 0 0 ::1:631 :::* LISTEN 1334/cupsd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1206/dhclient
udp 0 0 0.0.0.0:5353 0.0.0.0:* 992/avahi-daemon: r
udp 0 0 0.0.0.0:60143 0.0.0.0:* 992/avahi-daemon: r
nuli@nuli-laptop:~$ sudo service ssh stop
ssh stop/waiting
nuli@nuli-laptop:~$ sudo netstat -lntpu
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:631 0.0.0.0:* LISTEN 1334/cupsd
tcp6 0 0 ::1:631 :::* LISTEN 1334/cupsd
udp 0 0 0.0.0.0:68 0.0.0.0:* 1206/dhclient
udp 0 0 0.0.0.0:5353 0.0.0.0:* 992/avahi-daemon: r
udp 0 0 0.0.0.0:60143 0.0.0.0:* 992/avahi-daemon: r
now "service ssh stop" works,but it only effects till next boot.
3continue)
Code:
nuli@nuli-laptop:~$ sudo update-rc.d ssh default
update-rc.d: warning: ssh start runlevel arguments (none) do not match LSB Default-Start values (2 3 4 5)
usage: update-rc.d [-n] [-f] <basename> remove
update-rc.d [-n] <basename> defaults [NN | SS KK]
update-rc.d [-n] <basename> start|stop NN runlvl [runlvl] [...] .
update-rc.d [-n] <basename> disable|enable [S|2|3|4|5]
-n: not really
-f: force
The disable|enable API is not stable and might change in the future.
the shell gives me a warning:do not match LSB Default-Start values,this API is not stable and ...
what does this mean? still it can't disable the server "permanently",ethier.
what on earth should i do to solve this ?
thanks for any help!
Well,. you can "chkconfig sshd off" and "service sshd stop" to start. Also, you could disable it in the kernel -- with a 'blacklist sshd' or whatever the module is called, maybe.
all of your suggestions have been tried,but,to be frank,i am not satisfied with them."chkconfig" is a command in redhat/fedora,while i am using ubuntu.thanks for your help.
Ubuntu uses upstart in the latest release, while chkconfig is for another system startup method. I.e. in /etc/init should be a file sshd where the line with "start on ..." needs to be removed (or move the complete file to some other location).
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.