[SOLVED] Sshd is auto-activated without any reasons. Bug or hack?
SlackwareThis Forum is for the discussion of Slackware Linux.
Notices
Welcome to LinuxQuestions.org, a friendly and active Linux Community.
You are currently viewing LQ as a guest. By joining our community you will have the ability to post topics, receive our newsletter, use the advanced search, subscribe to threads and access many other special features. Registration is quick, simple and absolutely free. Join our community today!
Note that registered members see fewer ads, and ContentLink is completely disabled once you log in.
If you have any problems with the registration process or your account login, please contact us. If you need to reset your password, click here.
Having a problem logging in? Please visit this page to clear all LQ-related cookies.
Get a virtual cloud desktop with the Linux distro that you want in less than five minutes with Shells! With over 10 pre-installed distros to choose from, the worry-free installation life is here! Whether you are a digital nomad or just looking for flexibility, Shells can put your Linux machine on the device that you want to use.
Exclusive for LQ members, get up to 45% off per month. Click here for more info.
Sshd is auto-activated without any reasons. Bug or hack?
I've been looking at top command today, and i've seen sshd, but i didn't activated it in the installation setup because i don't use it. So i've killed it and went to pkgtool to rerun services config to verify and i was surprised to see sshd selected. I had the same problem at work, but i though it was my boss who did that to spy me, because he had my passwords (i've installed myself this PC too and didn't activated ssh too). Now i'm asking myself (and you) if it's a bug or a hack.
Maybe a update overwrote the script and make it executable.
You could also accidentally could typed: chmod +x ./ and press enter without completing the filename.
Edit: I've just checked the first one, and latest openssh package comes with the /etc/rc.d/rc.sshd script executable by default (it's not a bug, but it's not a good thing also).
Thx. I've take a look if i can remove the ssh package but there's no one!!!!!!
The fact is i'm behing a firewall that don't let my pc hosts any server. Can ssh pass through?
To block ssh connections you should have port 22 blocked.
The package is called openssh but be sure if you want to remove it, because it also contains the client.
Well, i'm not going to remove it because i want to learn it, but i'm still anxious... So i'll "top" every 5 minutes . Bug or hack, that is the linuxquestion...
If the /etc/rc.d/rc.sshd script is not marked executable, it will not start on boot.
Someone has to be remotely starting it.. but to do that, you've got to have sshd or telnet enabled, more than likely. So it's kind of a chicken/egg thing.
First, chmod -x /etc/rc.d/rc.sshd
Then, you can also disable inetd which might be configured to start telnet on demand as well.
I'll bet it just gets started every boot and you havent' realized it.
No i don't think, because i often install slack and i never activate this, and i check often top, so i never see this before. I think it's a bug. I hope it's a bug.
make sure /etc/rc.d/rc.sshd is not set as executable.
You could also comment out the section that starts rc.sshd in /etc/rc.inet2
After a reboot, check to see immediately if sshd is running.
Code:
ps -aux |grep sshd
You could also change the permissions of /sbin/sshd to unexecutable.
That's one problem with the auto updaters. Things happen on your system and the operator has no clue. Even if you are going to use these, you need to read the changelogs to see what was done.
hehe... this reminds me of when ftpd was started by default with slack 9.1. I must have had that running for a good 5 months before catching it on and shutting it off.
LinuxQuestions.org is looking for people interested in writing
Editorials, Articles, Reviews, and more. If you'd like to contribute
content, let us know.