How to disable local ssh on balena OS

Hello, I would like to disable sshd all together on my devices running the Balena OS. I’ve read through the docs but I couldn’t find a way to disable sshd from balenaEngine or API. I’ve tried killing the sshd.socket which disabled the ssh access on my device, but I was wondering if there is a way to do this using balenaEngine or API, or maybe something in the config.json?

1 Like

Hello @ajalal welcome to the balena community!

I think this is not possible on balena. Nevertheless I asked internally to see if there is a way to do it or a feature we can add.

Could you please let us know more about your use case on why do you need to disable local ssh access on your devices? Thanks

For security purposes, we keep ssh disabled on our devices is much as we can. Although it might sound weird, but it’s considered low risk when put on pen testing. So it’s not bad, but part of our requirements to have ssh disabled unless we tell it to wake up.

Hi, on production mode only SSH key based authentication is allowed. However, disabling SSH is not possible and has not been discussed as it is a core component in balenaCloud as a remote management platform.