On 12/18/2014 at 12:08 AM, Britton Kerin wrote: > I have a system that I would like to make accessible only by ssh. > > No apache telnet ftp anything else. > > What is the easiest way to achieve this? It came from a vendor with > a slew of package of all sorts, so I don't even know everything that > I want to remove. The literal easiest way is probably to reinstall from scratch as a minimal system, then install openssh-server. If you want to transform your current system by removing externally-accessible services, I don't know of a strictly "easy" way, but if I wanted to do that on a machine under my control, what I'd do is: * Get a list of open ports by running 'nmap localhost' (or by running nmap against the system from a different machine, which might give more reliable results). * Do some guesswork against the installed package list to figure out what might be opening each of the listed ports. * Remove all of those packages except for the chosen SSH server package. The guesswork is the difficult part, and although it doesn't seem terribly difficult from my end when I do a trial run (omitting the final "remove" part) on my own system, I can imagine that it could easily enough be more difficult under your circumstances. I don't have any good suggestions for how to make it any easier. -- The Wanderer The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore all progress depends on the unreasonable man. -- George Bernard Shaw
Attachment:
signature.asc
Description: OpenPGP digital signature