Howdy, Stranger!

It looks like you're new here. If you want to get involved, click one of these buttons!


VPS with no SSH?
New on LowEndTalk? Please Register and read our Community Rules.

All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.

VPS with no SSH?

netomxnetomx Moderator, Veteran
edited April 2012 in General

I was thinking about it... is it possible to disable SSH, and enter only via console? So, it will only be viable to hack the main server to access our VPS???

Comments

  • OneTwoOneTwo Member
    edited April 2012

    yes, you can sure do that. i'll actually make a web interface to enable/disable ssh on my 48mb ram vps to save memory.

  • i had to remove everything including ssh to get kloxo to install fully on a 128mbps box with no burst. so yes its possible and runs well really

  • Sure, nothing wrong with that.

  • netomxnetomx Moderator, Veteran

    Thank you!

  • Wouldn't risk doing that though, Even if its possible: you will be relying on the console of your VPS host. If there is a problem with it, your in bad luck ;-)

  • Yes. Just run "service ssh stop"
    It will add more security to the system :)

  • OneTwoOneTwo Member
    edited April 2012

    @ErawanArifNugroho said: It will add more security to the system :)

    Not really if he only allows a user with a difficult password in a high port.

    The only reason I do this is because my vps has 48mb ram ;P

  • @OneTwo said: The only reason I do this is because my vps has 48mb ram ;P

    Host a website on nokia symbian phone or what? :D

  • @NanoG6 said: Host a website on nokia symbian phone or what? :D

    That's a great idea!!

    Thanked by 1NanoG6
  • @exussum said: i had to remove everything including ssh to get kloxo to install fully on a 128mbps box with no burst. so yes its possible and runs well really

    This is why hosts should have prebuilt kloxo templates that use 16 MB of RAM (like ours or buyvm's or hostigations)

  • DerekDerek Member
    edited April 2012

    Simple, just make a PHP script to stop and start the service

    <?php if(!$_GET['p']=='password') die('wrong pass'); if((!$_GET['sat'] =='start') && (!$_GET['sat']=='stop')) die('internal error'); if(system('service ssh '.$_GET['sat'])) echo 'yah'; ?>

    PHP needs root :/ and I did not test this code, just tossed it together as an example :P.

  • @Derek that's not going to work. You can do it with sudo actually. if anyone wans i can make a script.

  • netomxnetomx Moderator, Veteran

    Another idea, is to use cron to activate it certain times of the day... seems like a good thing isnt it ;)

  • @netomx said: Another idea, is to use cron to activate it certain times of the day... seems like a good thing isnt it ;)

    yeah but if you want to do something quickly you're going to wait long.
    i will write a tutorial on doing this tomorrow.

  • netomxnetomx Moderator, Veteran

    @OneTwo said: yeah but if you want to do something quickly you're going to wait long.

    i will write a tutorial on doing this tomorrow.

    Or access the console ;)

    don't worry, I don't care. I was asking because I use that VPS for VPN, I dont even care about RAM

  • ah ok. anyway i will do a tutorial for people who might be interested.

  • @Derek said: PHP needs root :/

    So, it works

  • @bluevm yeah after the install and things are tweaked it uses much less. would be a useful template for providers to host

  • FranciscoFrancisco Top Host, Host Rep, Veteran

    @netomx said: I was thinking about it... is it possible to disable SSH, and enter only via console?

    It'd work, I'd also look into something that does an additional check whenever bash is run just because if your control panel user is ever compromised, your console user could be reset.

    Francisco

  • MrAndroidMrAndroid Member
    edited April 2012

    @Francisco said: It'd work, I'd also look into something that does an additional check whenever bash is run just because if your control panel user is ever compromised, your console user could be reset.

    Francisco

    I guess you could just run

    ps aux | grep -v grep | grep vzctl

    If it returns anything, send an email, if it doesn't then don't. Would be a fairly easy to make PHP script.

    Then you know if someone is logging into your VPS via the console, however your also be able to spot when your host snoops.

    Thanked by 2netomx mrm2005
Sign In or Register to comment.