Reply
 
Thread Tools Display Modes
  #1  
Old 10-15-2005, 05:43 AM
kpm292 kpm292 is offline
Junior Member
 
Join Date: Oct 2005
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to kpm292
Default How to turn off SSH in PC-BSD.
PC-BSD 0.8.2 automatically turns on SSH after the initial install. If you have no need to connect to your machine remotely via SSH, then it would probably be a good idea to turn this option off due to security issues. This can easily be turned off by opening your command line and editing the rc.conf file. To do this follow these simple steps:

1. Open the command line and type in the command "su", without the quotes.

2. Type in your root password.

3. Next type in "cd /etc".

4. Now edit the file by typing "ee rc.conf"

5. Scroll down with the arrow keys until you see this line "sshd_enable="YES".

6. Change this line to "sshd_enable="NO" By deleting the YES and typing in NO.

7. Now press the ESC button and choose the a) option Leave the editor by pressing enter.

8. The next screen will ask you if you want to save changes press the enter key to do so.

Now after you restart your system SSH will be turned off. Hope this helps some of you out.
Reply With Quote
  #2  
Old 10-15-2005, 07:58 AM
antik antik is offline
Senior Member
 
Join Date: Jul 2005
Location: Estonia
Posts: 3,610
Thanks: 0
Thanked 0 Times in 0 Posts
Default Re: How to turn off SSH in PC-BSD.
Originally Posted by kpm292
PC-BSD 0.8.2 automatically turns on SSH after the initial install. If you have no need to connect to your machine remotely via SSH, then it would probably be a good idea to turn this option off due to security issues. This can easily be turned off by opening your command line and editing the rc.conf file. To do this follow these simple steps:
There is no need to turn ssh daemon off. Root login is disabled by default (not like in linux) and if you have some problem and can't log in... Ssh is needed for secure file transfer over internet and you friend can help you out, if there is unresolvable problem to you.
__________________
"All parts should go together without forcing. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer." -- IBM maintenance manual, 1975
Reply With Quote
  #3  
Old 10-15-2005, 08:58 AM
kpm292 kpm292 is offline
Junior Member
 
Join Date: Oct 2005
Posts: 4
Thanks: 0
Thanked 0 Times in 0 Posts
Send a message via MSN to kpm292
Default
Yes root login is disabled, but all you need to do is log in as a user and and gain root acess through su and you then pwn the box. I just logged in as a user via SSH on my machine and got root acess through su with no problem at all, after a default install. It would be wise to disable SSHd if you aren't using it. :twisted:
Reply With Quote
  #4  
Old 10-15-2005, 09:37 AM
antik antik is offline
Senior Member
 
Join Date: Jul 2005
Location: Estonia
Posts: 3,610
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Originally Posted by kpm292
Yes root login is disabled, but all you need to do is log in as a user and and gain root acess through su and you then pwn the box. I just logged in as a user via SSH on my machine and got root acess through su with no problem at all, after a default install. It would be wise to disable SSHd if you aren't using it. :twisted:
It is wise to remove users from wheel group. And remove you stickers with passwords to all your computers from monitor. Period.
__________________
"All parts should go together without forcing. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer." -- IBM maintenance manual, 1975
Reply With Quote
  #5  
Old 10-15-2005, 02:55 PM
Charles Charles is offline
Senior Member
 
Join Date: May 2005
Posts: 3,710
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Security is relative 8)
My best bet is a tradeoff between security and convenience.
Remove all post it's with the root password from the screen
Leave SSH enable for troubleshooting and convenience purpose, and also leave your account within the wheel group, but only your own account. This shouldn't compromise security, and it still should enable you to access your computer remotely :wink:
Reply With Quote
  #6  
Old 10-15-2005, 09:17 PM
shawn shawn is offline
Member
 
Join Date: Aug 2005
Posts: 46
Thanks: 0
Thanked 0 Times in 0 Posts
Default
I use SSH for the fish:// proto.

seems to be the only way I can transfer files between fbsd.. since samba by default doesn't work.
Reply With Quote
  #7  
Old 10-15-2005, 09:35 PM
antik antik is offline
Senior Member
 
Join Date: Jul 2005
Location: Estonia
Posts: 3,610
Thanks: 0
Thanked 0 Times in 0 Posts
Default
Originally Posted by shawn
I use SSH for the fish:// proto.

seems to be the only way I can transfer files between fbsd.. since samba by default doesn't work.
why samba doesn't work?

Code:
smb://ip.address
__________________
"All parts should go together without forcing. Therefore, if you can't get them together again, there must be a reason. By all means, do not use a hammer." -- IBM maintenance manual, 1975
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
How do you turn ON - WiFi NIC ?? Ben Hacker Jr Networking 7 01-25-2009 02:18 PM
How do I turn OFF the X screensaver?? kingneutron Tips and Tricks 1 10-05-2008 05:57 PM
Turn Off Sound Driver davebc15 Startup Bug Reports (read-only) 2 01-09-2008 11:27 PM
how turn off services? Marcelo Ramone General Questions 1 07-25-2006 03:51 AM
How to turn off SSH in PC-BSD. kpm292 General Questions 1 10-15-2005 11:02 AM


All times are GMT. The time now is 09:13 AM.


Powered by vBulletin® Version 3.8.5
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.

Copyright 2005-2010, The PC-BSD Project. PC-BSD and the PC-BSD logo are registered trademarks of iXsystems.
All other content is freely available for sharing under the terms of the Creative Commons Attribution License.