sshd starts upon reboot even though disabled in WHM Service Manager

[ryodo]

Hi All -

This is new, at least since our previous PCI scan 3 months ago. The scan showed sshd was listening on port 22, even though I've unchecked it in the WHM Service Manager. Checking sshd, restarting services, then unchecking it and restarting services again turned it off. However, when I rebooted, there it was again, listening on port 22. I double-checked Service Manager and it is still unchecked.

I'd rather not go under the hood and do something like remove it from the runlevel 3 directory. Is there a clean, WHM-friendly way to fix this?

 

[quizknows]

Firewall off port 22 from untrusted IP's? SSHD should not cause you to fail PCI scans. I advise against disabling it unless you have a hardware KVM to use for a console in case of issues.

 

[24x7server]

Hello,

I will suggest you please do not disable SSHD services on your server, You can change your SSHD port on your serve and It will improve your server security

 

[cPanelMichael]

Hello

I suggest installing CSF and blocking traffic to whichever ports you need to. That being said, you may want to consider running SSH on a separate port as it's possible you may need to access your server via SSH at some point. This thread is helpful:

[Tutorial] Interested in increasing the security of your server? Read this. (sshd hardening)

Thank you.

 

[ryodo]

Thank you all for your suggestions. I've simply been turning off SSH as the easiest way to plug the hole, but we do use CSF and SSH login is set to require keys, so I'll take your suggestions to close port 22 and leave SSH enabled on a distant port.