Solved remove the OpenSSH server package entirely on Kali Linux.

Solved issue

hacktheworld

Active Member
Joined
Mar 28, 2023
Messages
192
Reaction score
74
Credits
1,462
If you don’t need to SSH into your Kali Linux machine at all, then it’s probably best to simply remove the OpenSSH server package entirely. This gives attackers one less way to infiltrate your system.

$ sudo apt remove openssh-server

I do not require openssh-server: is it safe to remove openssh-server as described above?
Is it true that this gives attackers one less way to infiltrate your system?
Thank you
 


this gives attackers one less way to infiltrate

"one" less. true,
what is the output of netstat -a
how many other network processes do you have running?
 
I do not require openssh-server: is it safe to remove openssh-server as described above?
Is it true that this gives attackers one less way to infiltrate your system?
No to both.

1. If you don't need SSH server simply disable the service.
2. If the service is disabled then attackers can't exploit it.
 
"one" less. true,
what is the output of netstat -a
how many other network processes do you have running?

The output by typing netstat -a is a huge string of network processes, I can't even take a screenshot.
 
No to both.

1. If you don't need SSH server simply disable the service.
2. If the service is disabled then attackers can't exploit it.
No to both.

1. If you don't need SSH server simply disable the service.
2. If the service is disabled then attackers can't exploit it.

Please, how can I disable the service?
 
Run netstat -a > netstat_results.txt and then attach the text file, I suppose.
 
Please, how can I disable the service?
By using systemctl
Bash:
# Disable service from auto startup on boot
sudo systemctl disable openssh-server

# Stop service if it's running
sudo systemctl stop openssh-server

Also btw. netstat is deprecated and replacement is ss command, e.g.

Bash:
sudo ss -tunlp state all

Will list all open ports for both UDP and TCP and will list processes associated with them.
"state all" will also list currently established connections and their connection status.
 
By using systemctl
Bash:
# Disable service from auto startup on boot
sudo systemctl disable openssh-server

# Stop service if it's running
sudo systemctl stop openssh-server
You can do it all in one command.
Code:
sudo systemctl disable sshd --now
 
By using systemctl
Bash:
# Disable service from auto startup on boot
sudo systemctl disable openssh-server

# Stop service if it's running
sudo systemctl stop openssh-server

Also btw. netstat is deprecated and replacement is ss command, e.g.

Bash:
sudo ss -tunlp state all

Will list all open ports for both UDP and TCP and will list processes associated with them.
"state all" will also list currently established connections and their connection status.
I have typed:

systemctl disable ssh

then I typed:
systemctl status ssh.service

The output is:
systemctl status ssh.service
○ ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/usr/lib/systemd/system/ssh.service; disabled; preset: disabled)
Active: inactive (dead)
Docs: man:sshd(8)
man:sshd_config(5)

It's correct?
 
sudo systemctl disable sshd --now
Maybe the service is called different on Kali, something that was implied since I would expect you to know that? Try this?
Code:
sudo systemctl disable ssh --now
 
Maybe the service is called different on Kali, something that was implied since I would expect you to know that? Try this?
Code:
sudo systemctl disable ssh --now
sudo systemctl disable ssh --now
[sudo] password for sunset:
Synchronizing state of ssh.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install disable ssh

Then I have checked:
systemctl status ssh.service
○ ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/usr/lib/systemd/system/ssh.service; disabled; preset: disabled)
Active: inactive (dead)
Docs: man:sshd(8)
man:sshd_config(5)

Please do you think it's correct?
 
Please do you think it's correct?
Yes, as your status output shows it's disabled and stopped. When you run "disable" it disables the services from starting and when you run "--now" it stops it now.

So this.
Code:
sudo systemctl disable ssh --now
Does the same thing as running these two commands.
Code:
sudo systemctl disable ssh
sudo systemctl stop ssh
 
Last edited:
Yes, as your status output shows it's disabled and stopped. When you run "disable" it disables the services from starting and when you run "--now" it stops it now.

So this.
Code:
sudo systemctl disable ssh --now
Does the same thing as running these two commands.
Code:
sudo systemctl disable ssh
sudo systemctl stop ssh
Thank you very much!!
 

Members online


Top