tony1812
Posts: 354
Joined: Sat Jul 15, 2017 12:40 pm
Location: Boston MA.

Disable SSH waring.

Fri Dec 21, 2018 9:37 pm

I asked this question before but never got an answer. Instead, I got an ear full of security. I am well aware that this is a potential risk. so please don't lecture me,
I have Pi 3 with the latest updated Stretch. How can I disable this warning (at least disable this dialog to show up.)? "SSH is enabled..." Thank you.

DirkS
Posts: 9839
Joined: Tue Jun 19, 2012 9:46 pm
Location: Essex, UK

Re: Disable SSH waring.

Fri Dec 21, 2018 10:32 pm

When and where do you see exactly what warning?

jbudd
Posts: 836
Joined: Mon Dec 16, 2013 10:23 am

Re: Disable SSH waring.

Fri Dec 21, 2018 11:32 pm

Absolutely the easiest way to disable this warning is to change the password.

However if you prefer not to do so, this command might help you track it down:

Code: Select all

sudo grep -R "SSH is enabled" /etc /lib /bin /usr 2>/dev/null

User avatar
rpdom
Posts: 14425
Joined: Sun May 06, 2012 5:17 am
Location: Chelmsford, Essex, UK

Re: Disable SSH waring.

Sat Dec 22, 2018 4:10 am

I remove the file /etc/profile.d/sshpwd.sh when I'm setting up a test Pi (actually, I have a script on my laptop that installs a Raspian image to an SD card and does a load of pre-configuration for me, including deleting that file).

User avatar
Imperf3kt
Posts: 2396
Joined: Tue Jun 20, 2017 12:16 am
Location: Australia

Re: Disable SSH waring.

Sat Dec 22, 2018 7:16 am

What does the warning say and why are you ignoring it?
Change default password before enabling SSH. If you know about the security risks of not doing so, you'd know you should never see the SSH warning if you actually followed proper security procedures.


The warning is meant to be annoying, it is meant to be intrusive, it is meant to be seen and it is meant to force you to change the default password.
Google is ubiquitous - Try it today, it's free!
https://opensource.com/life/16/10/how-ask-technical-questions

User avatar
DougieLawson
Posts: 35354
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Disable SSH waring.

Sat Dec 22, 2018 11:36 am

Imperf3kt wrote:
Sat Dec 22, 2018 7:16 am
The warning is meant to be annoying, it is meant to be intrusive, it is meant to be seen and it is meant to force you to change the default password.
There's even an option in the preferences GUI and in sudo raspi-config to help you change the password for the pi user. As long as the password isn't set to "raspberry" that nagware program stays silent.
Note: Having anything remotely humorous in your signature is completely banned on this forum.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

tony1812
Posts: 354
Joined: Sat Jul 15, 2017 12:40 pm
Location: Boston MA.

Re: Disable SSH waring.

Sat Dec 22, 2018 3:09 pm

Thank you for the replies. None of the above methods works. Here we go again, some start to lecture about security. I repeat this is a private machine, security is least of my concern, I am not paranoid like some people I don't want to change the password because I would have to remember yet another password, then I would have to write it down, yah, that's really secured. Plus my question is how to disable message not how to secure it. So please provide a usefully straight answer.

jbudd
Posts: 836
Joined: Mon Dec 16, 2013 10:23 am

Re: Disable SSH waring.

Sat Dec 22, 2018 3:38 pm

Two people asked you in precisely what circumstances you see the message.
It's just possible that if you answered they could tell you a usefully straight answer that applies in your particular case.
But you seem too concerned with telling us that you don't care about security to answer the question.

Are you using the command line or the GUI? Using a monitor/keyboard or ssh?
Do you want to login with user pi and password "password"?
Would you prefer to login with user pi and a blank password?
Or do you want it to login automatically?

klricks
Posts: 6435
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Disable SSH waring.

Sat Dec 22, 2018 3:50 pm

tony1812 wrote:
Sat Dec 22, 2018 3:09 pm
Thank you for the replies. None of the above methods works. Here we go again, some start to lecture about security. I repeat this is a private machine, security is least of my concern, I am not paranoid like some people I don't want to change the password because I would have to remember yet another password, then I would have to write it down, yah, that's really secured. Plus my question is how to disable message not how to secure it. So please provide a usefully straight answer.
The answer was already given by jbudd above.

There are 2 password nag files, one for console and one for GUI.

Console: (Message that appears on console after ssh login)

Code: Select all

/etc/profile.d/sshpwd.sh
GUI:

Code: Select all

/etc/xdg/lxsession/LXDE-pi/sshpwd.sh
Rename or remove both files.
Unless specified otherwise my response is based on the latest and fully updated Raspbian Buster w/ Desktop OS.

User avatar
Imperf3kt
Posts: 2396
Joined: Tue Jun 20, 2017 12:16 am
Location: Australia

Re: Disable SSH waring.

Sun Dec 23, 2018 12:53 am

Okay, let's assume you know what you're doing about security. Are you connected to the internet?
If you leave the default password for even moments without changing it, you may already be compromised.

So I'll assume you're aware of this since you claim you know, and stop pestering you about it.


To answer your question, as stated by other users, delete the mentioned files.
Google is ubiquitous - Try it today, it's free!
https://opensource.com/life/16/10/how-ask-technical-questions

klricks
Posts: 6435
Joined: Sat Jan 12, 2013 3:01 am
Location: Grants Pass, OR, USA
Contact: Website

Re: Disable SSH waring.

Sun Dec 23, 2018 2:12 am

Imperf3kt wrote:
Sun Dec 23, 2018 12:53 am
Okay, let's assume you know what you're doing about security. Are you connected to the internet?
If you leave the default password for even moments without changing it, you may already be compromised.
....
Doesn't a port for remote ssh access need to be enabled on the router in order for there to be any security threat?
Unless specified otherwise my response is based on the latest and fully updated Raspbian Buster w/ Desktop OS.

User avatar
DougieLawson
Posts: 35354
Joined: Sun Jun 16, 2013 11:19 pm
Location: Basingstoke, UK
Contact: Website Twitter

Re: Disable SSH waring.

Sun Dec 23, 2018 8:31 am

If you open port 22 on your router with the default password you have about four minutes left before your RPi in compromised.

If the pi user is still in the sudoers file the attacker has root access.

Any machine with root access has, effectively, compromised EVERY machine on your LAN including your router and your printer.

It is trivial to change the password and gain some security.

It is trivial to update sshd to disallow passwords in favour of public/private keys.

What's the problem with doing that?
Note: Having anything remotely humorous in your signature is completely banned on this forum.

Any DMs sent on Twitter will be answered next month.

This is a doctor free zone.

Return to “Beginners”