If I do not install openssh when creating an ubuntu server, can someone still SSH into the server?

quantfinancequest

1/5/23, 11:17 PM

Ubuntu server gives me the option to install openssh. If I reject this, is there anything more I must do in order to completely disable SSH from my server?

303

1 + 2

ssh

openssh

user535733

1/5/23, 11:48 PM

"openssh" is vague. The package you seemingly don't want is `openssh-server`. Removing (or not installing) that package will indeed prevent SSH logins, as no service will be listening for connection attempts. No other action is necessary.

waltinator

1/6/23, 12:21 AM

How do you plan to access the server? Wouldn't it be better to configure "sshd" properly? There are decades of `sshd` experience available on the Internet.

Score:3

Ubuntu

CrazyTux

1/5/23, 11:40 PM

Background:

OpenSSH is the premier connectivity tool for remote login with the SSH protocol, It encrypts all traffic to eliminate eavesdropping.
The OpenSSH server component, sshd (ssh deamon), listens continuously for client connections from any of the client tools.

To your specific question:

As far as i know and read on official ubuntu site https://ubuntu.com/server/docs/service-openssh sshd does not comes by default on ubuntu server.
To be sure that you do not have sshd installed, you can run this command which sshd.
Furthemore you can check the default file of the sshd configuration /etc/ssh/sshd_config which should not be found.
You can also make sure that your server is not listening to ssh port by run the command netstat -tulpn4.
- note that the default port for sshd service is 22.
- to be able to execute netstat command you have to install net-tools which can be installed by sudo apt install net-tools
- the output of executing netstat -tulpn4 will be by this format:


(Not all processes could be identified, non-owned process info
 will not be shown, you would have to be root to see it all.)
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      -                  
tcp        0      0 0.0.0.0:1122            0.0.0.0:*               LISTEN      -                   
tcp        0      0 0.0.0.0:3333            0.0.0.0:*               LISTEN      -                   
udp        0      0 127.0.0.53:53           0.0.0.0:*                           -

To avoid ssh access to your server you can:
- not install sshd in the first place.
- install and disable the sshd service by this command systemctl disable sshd.service

In Addition:

There are few more services that`s enabling shell connection to a server:
- dropbear - lightweight SSH server.
- telnet - user interface to the TELNET protocol, The telnet command is used for interactive communication with another host using the TELNET protocol.
- if you wanna make sure that your server is safe from any type of connection it is recommended to check that those services are disabled or uninstalled.
- Note that a configuration solution can also be found to secure the server.
- Finally, it is recommended to use the netstat tool and examine all the open ports on the server in order to detect security gaps and understand the server services.

0 + 0

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: If I do not install openssh when creating an ubuntu server, can someone still SSH into the server?

TH: หากฉันไม่ติดตั้ง opensh เมื่อสร้างเซิร์ฟเวอร์ ubuntu คนอื่นยังสามารถใช้ SSH ในเซิร์ฟเวอร์ได้หรือไม่

RO: Dacă nu instalez openssh când creez un server ubuntu, mai poate cineva să intre SSH pe server?

RU: Если я не устанавливаю openssh при создании сервера ubuntu, может кто-нибудь еще подключиться к серверу по SSH?

VI: Nếu tôi không cài đặt openssh khi tạo máy chủ ubuntu, ai đó vẫn có thể SSH vào máy chủ chứ?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.