Linux - Newbie This Linux forum is for members that are new to Linux.
Just starting out and have a question?
If it is not in the man pages or the how-to's this is the place! |
Notices |
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
Are you new to LinuxQuestions.org? Visit the following links:
Site Howto |
Site FAQ |
Sitemap |
Register Now
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
|
|
01-29-2010, 06:33 PM
|
#1
|
Member
Registered: Jun 2009
Posts: 87
Rep:
|
SSH Questions
I've been reading up on ssh and I don't want anyone to connect to my computer. I am not interested in remote connectivity at all.
Should I uninstall ssh?
I ran
and debian returned "package ssh is not installed. 0 packages removed."
I also looked online and found out about /etc/ssh/ssh_conf but all of the lines on my computer were #'d out. I also added "PermitRootLogin no" at the end.
Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.
Thank you for your replies.
edit: it seems as though I -do- have openssh-client and openssh-server installed.
Should I just leave my ssh config with PermitRootLogin no or apt-get remove openssh-client openssh-server.
Last edited by orangesky; 01-29-2010 at 06:58 PM.
|
|
|
01-29-2010, 06:58 PM
|
#2
|
Member
Registered: Nov 2009
Location: Alabama
Distribution: EndeavourOS
Posts: 650
Rep:
|
I believe in debian you are going to want to type in:
Code:
sudo apt-get remove --purge openssh-server
|
|
1 members found this post helpful.
|
01-29-2010, 07:05 PM
|
#3
|
LQ 5k Club
Registered: May 2001
Location: Belgium
Distribution: Arch
Posts: 8,529
|
Instead of uninstalling you can remove it from the runlevels, so it will not be started.
see rcconf
However, you should consider to use a good firewall.
|
|
|
01-29-2010, 07:11 PM
|
#4
|
Member
Registered: Jun 2009
Posts: 87
Original Poster
Rep:
|
Quote:
Originally Posted by repo
However, you should consider to use a good firewall.
|
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
|
|
|
01-29-2010, 07:20 PM
|
#5
|
Member
Registered: Jul 2009
Location: 75.126.162.205:80
Distribution: Arch / Mint 17
Posts: 297
Rep:
|
Quote:
Originally Posted by orangesky
I'm not too keen on what a firewall is. I have a standard router but I've seen hardware firewalls on newegg for a few hundred dollars.
Are you talking about a software firewall? If so, what is a good software firewall for linux, or is this some set of settings in debian.
|
Firestarter isn't very complex. It should do what you need.
|
|
|
01-30-2010, 07:25 AM
|
#6
|
LQ Veteran
Registered: Feb 2003
Location: Maryland
Distribution: Slackware
Posts: 7,803
|
Quote:
Am I safe from ssh attacks if I don't have ssh? Might be a stupid question but I don't want to fall victim.
|
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.
|
|
|
01-30-2010, 10:51 PM
|
#7
|
Member
Registered: Jun 2009
Posts: 87
Original Poster
Rep:
|
Quote:
Originally Posted by Hangdog42
Actually not a stupid question. You're safe from ssh attacks if you don't have ssh running. If you follow repo's advice and simply turn it off, that makes you as safe as removing the software. If you're not interested in remote connectivity, then turning off ALL unneeded servers is probably a good idea. That includes things like Apache, Samba and several others. If you run the command lsof -i in a console, it will show you everything that is listening for a connection, and you can decide which ones you want to turn off.
|
Great. One other thing.
Now when I restart debian, in the list of services, it tells me
Code:
Starting firestarter firewall... failed!
Thanks for the replies.
|
|
|
01-31-2010, 12:21 AM
|
#8
|
LQ Guru
Registered: Jan 2009
Location: Japan
Distribution: Mostly Debian and CentOS
Posts: 6,726
|
Did you run the configuration gui? Did you read what was in /usr/share/doc/firestarter/?
Evo2.
PS. Another easy to use firewall in Debian is arno-iptables-firewall: no gui just some simple debconf questions.
|
|
|
01-31-2010, 12:32 PM
|
#9
|
LQ Newbie
Registered: Dec 2009
Location: MN
Distribution: Archlinux eeepc , Debian, Slackware
Posts: 19
Rep:
|
Are you directly connected to a DSL modem or cable modem ?
Or do you have a router connected so then your on a LAN , if so your blocking port 22 by default , also everyone is right you don't have to remove / purge the openssh package , depending on your distro for instance debian based
as root
vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.
/etc/services and put a comment # next to port 22 for ssh.
|
|
|
01-31-2010, 02:16 PM
|
#10
|
Moderator
Registered: Apr 2002
Location: earth
Distribution: slackware by choice, others too :} ... android.
Posts: 23,067
|
Quote:
Originally Posted by nixfreakz
vim /etc/ssh/sshd or whatever editor you use , you can go into sshd and # comment out the port number. also you can just down the services also.
/etc/services and put a comment # next to port 22 for ssh.
|
That's a) a very round-about way when all it takes
is to take the x-flag of the init script and b) removing
the lines for ssh from /etc/services will only stop
looking up which name port 22 has.
Cheers,
Tink
|
|
|
All times are GMT -5. The time now is 03:12 PM.
|
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.
|
Latest Threads
LQ News
|
|