Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Linux Mint 17.1 : Disable Remote Administration


  • Please log in to reply
12 replies to this topic

#1 The Uprightman

The Uprightman

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Oz (aka Australia)
  • Local time:12:02 AM

Posted 27 June 2015 - 12:54 AM

Hi all, 

Could someone please advise where I find the option to disable remote administration?

 

I found an article here : http://askubuntu.com/questions/27559/how-do-i-disable-remote-ssh-login-as-root-from-a-server

Unfortunately it seems that I do not know enough about making a change to this file : /etc/ssh/sshd_config 

 

When I added this line to the file : "PermitRootLogin no" I found that I was unable to save the now changed document. Upon reading the information provided on the document it states the following :

"Any configuration value is only changed the first time it is set. Thus, host-specific definitions should be at the beginning of the configuration file, and defaults at the end."

I really do not know where I should be adding this line and how to save the change so that it takes effect.

Thanks for any help provided.


Edited by The Uprightman, 27 June 2015 - 11:39 PM.


BC AdBot (Login to Remove)

 


#2 pcpunk

pcpunk

  • Members
  • 5,997 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:02 AM

Posted 28 June 2015 - 12:29 AM

Maybe this will help you, I 'm still reading it so just take a look.  Open Menu and type "Sharing" and the gui will come up.  Or Menu>Preferences>Desktop Sharing:  https://www.linux.com/learn/tutorials/342639-remote-administration-with-linux 

 

It seems as though it is disabled by default.


Edited by pcpunk, 28 June 2015 - 12:32 AM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#3 The Uprightman

The Uprightman
  • Topic Starter

  • Members
  • 37 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:The Land of Oz (aka Australia)
  • Local time:12:02 AM

Posted 28 June 2015 - 05:26 AM

Thank you Pcpunk !

I have been reading some articles whilst waiting for a response here, they all seem to state the same thing  (i.e remote administration is disabled by default) so not sure why it was recommended that I disable it.



#4 mremski

mremski

  • Members
  • 497 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NH
  • Local time:10:02 AM

Posted 29 June 2015 - 06:14 AM

Thank you Pcpunk !

I have been reading some articles whilst waiting for a response here, they all seem to state the same thing  (i.e remote administration is disabled by default) so not sure why it was recommended that I disable it.

Belt and Suspenders approach.

Depending on the distribution, there may be a "server" version and a "home" version.  They are basically the same, the difference is largely what is turned on by default.  Servers, by definition serve things;  these things being "services".  SSH (Secure SHell) is the preferred way to login into a system remotely. The "not as secure" way is telnet.  Now when you let folks log into a system remotely you have to decide how you want them to.  The user root is special;  think of the Administrator user in Windows.  You don't want to allow this user to access the system remotely.  Force someone to login as a normal user, if they need to do something that requires root privileges, they can use the command "sudo".  Much better security that way.

 

As for reading these types of articles:  read as much as you can, then go read some more.  Don't blindly follow what the articles say, understand what they are saying, take a look at your system, see if you need to do anything.

 

For example, the original article, what was the goal?  To make sure that remote administration was disabled on a system.  They had you go modify the sshd config file, to explicitly disallow remote root login.  So you could have simply looked at your config file to see if the parameter (PermitRootLogin) was present and what value it was set to.

 

 

Oh, and if you have questions or need help understanding things you've read, ask here.  Folks are more than willing to try to help, just be mindful of the time difference.


FreeBSD since 3.3, only time I touch Windows is to fix my wife's computer


#5 pcpunk

pcpunk

  • Members
  • 5,997 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:02 AM

Posted 01 July 2015 - 12:03 AM

I thought this was a good article also, it gives you commands to check what is running and more on how to disable them, enjoy.

 

http://www.tecmint.com/remove-unwanted-services-from-linux/


Edited by pcpunk, 01 July 2015 - 12:04 AM.

sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#6 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:02 AM

Posted 01 July 2015 - 01:30 AM

Unfortunately it seems that I do not know enough about making a change to this file : /etc/ssh/sshd_config

When I added this line to the file : "PermitRootLogin no" I found that I was unable to save the now changed document. Upon reading the information provided on the document it states the following :

 
To modify that file you need root.

WARNING,you are using a root account, And you may harm your system
 
In Linux mint go to /etc/ssh right click it and select open folder as root ,now open ssh_config.

 

WARNING,you are using a root account, And you may harm your system

 

mint.-%5Brunning%5D---oracle-vm-virtualb


Edited by NickAu, 01 July 2015 - 01:30 AM.


#7 NickAu

NickAu

    Bleepin' Fish Doctor


  • Moderator
  • 13,395 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:127.0.0.1 Australia
  • Local time:12:02 AM

Posted 01 July 2015 - 02:22 AM

 

it gives you commands to check what is running and more on how to disable them, enjoy.

 

 

.

 

 

Don’t just blindly disable  services. You will need to do some research here and decide for yourself what you do and don’t need. You also need to be careful not to disable services your system depends on or you will end up with a broken installation

[Guide] Practical GNU/Linux Security – Desktop Edition

Edited by NickAu, 01 July 2015 - 02:30 AM.


#8 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:10:02 AM

Posted 01 July 2015 - 02:24 AM

 

Could someone please advise where I find the option to disable remote administration?

 

 

The Uprightman, I thought that in the Topic where you first asked this, you were speaking of that of the local network, which is OS independent. I did answer that part of your question here in Post #46. 

 

http://www.bleepingcomputer.com/forums/t/578679/sophos-antivirus-for-linux/page-4

 

This is a sure fire way to disable it on the network, and I apologize for taking so long to respond. 

 

I've never performed this on the computer level, other than unchecked any options to allow Remote Assistance invitations on Windows. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#9 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:10:02 AM

Posted 01 July 2015 - 02:54 AM

 

 

it gives you commands to check what is running and more on how to disable them, enjoy.

 

 

Don’t just blindly disable the same services. You will need to do some research here and decide for yourself what you do and don’t need. You also need to be careful not to disable services your system depends on or you will end up with a broken installation.

 

+1! :thumbup2:

 

Disabling just one wrong service may lead to an unbootable computer, with a reinstall the only way back. 

 

If one plans to do a lot of experimenting with the OS, I recommend a backup with Timeshift first, this allows one to get back to the point of where any changes were made. 

 

http://www.howtogeek.com/206491/how-to-restore-your-ubuntu-linux-system-to-its-previous-state/

 

Nick has a Tutorial on this somewhere, though I couldn't find it, may have been moved. All one needs to use Timeshift is an ext4 formatted drive (good way to recycle those SATA-1 HDD's laying around), and the software, as explained in the Tutorial. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#10 pcpunk

pcpunk

  • Members
  • 5,997 posts
  • ONLINE
  •  
  • Gender:Male
  • Location:Florida
  • Local time:10:02 AM

Posted 01 July 2015 - 03:18 AM

  1. "Open a terminal and navigate to the /etc/init directory. This is where Ubuntu stores its service configuration files. Each configuration file here represents a service."

How do I do this, don't want to change anything but just take a look via. terminal.  I tried a few things but no success.


sBCcBvM.png

Created by Mike_Walsh

 

KDE, Ruler of all Distro's

eps2.4_m4ster-s1ave.aes_pcpunk_leavemehere

 


#11 Al1000

Al1000

  • Global Moderator
  • 7,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:03:02 PM

Posted 01 July 2015 - 03:24 AM

To change your working directory to /etc/init open a terminal and type:
 
cd /etc/init
To list files in the current working directory, type:
 
ls


#12 cat1092

cat1092

    Bleeping Cat


  • BC Advisor
  • 7,018 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:North Carolina, USA
  • Local time:10:02 AM

Posted 01 July 2015 - 03:26 AM

pcpunk, you need a text editor, such as Leafpad, installed to view or change these files. 

 

To install them all, just enter this in the Terminal. 

 

 

 

sudo apt-get install gnome-commander libgnomevfs2-extra leafpad pavucontrol

 

This will give you a lot of needed tools to work with. 

 

Cat


Performing full disc images weekly and keeping important data off of the 'C' drive as generated can be the best defence against Malware/Ransomware attacks, as well as a wide range of other issues. 


#13 Al1000

Al1000

  • Global Moderator
  • 7,883 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Scotland
  • Local time:03:02 PM

Posted 01 July 2015 - 03:34 AM

Indeed, a text editor would be required to change any of these files.

In order to read, but not edit the files, I suggest using a reader such as less. For example to read the ufw configuration file in /etc/init when etc/init is the current working directory:
less ufw.conf
(Press q to quit less and return to command prompt)

Edited by Al1000, 01 July 2015 - 03:36 AM.





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users