10.4: Stop Bonjour from broadcasting ssh/sftp, plus...

Jun 25, '07 07:30:00AM

Contributed by: delight1

While looking for a way to disable Apple Remote Desktop and other services from the command line, I happened to be in /System » Library » LaunchDaemons. In my boredom, I opened ssh.plist in that directory, and find that Bonjour is a key. Anyway, skipping a long explanation and some inevitable tinkering, I figured out how to stop Bonjour from pointing out to the world (or at least my local network) that I have ssh enabled.

Be warned that while I have had no problems, I can not insure that you will not. This hint edits a system file, and messes with Bonjour, so think before you act. It also may take a system restart, in addition to undoing this hint, to re-enable Bonjour broadcasting of ssh and sftp. I would make a backup of /System » Library » LaunchDaemons » ssh.plist first, as we will be be deleting two strings from that file. (When I tried commenting them out, they disappeared after I stopped and restarted ssh.)

After you've made your backup, here's one way to edit the file:

sudo vi /System/Library/LaunchDaemons/ssh.plist
In the editor, delete these two lines:
<string>ssh</string>
<string>sftp-ssh</string>
They should be found around lines 22 and 23. Save the file and quit the editor. Then go to System Preferences » Sharing » Services, unlock it, disable Remote Login, and final re-enable Remote Login. You can check if things worked by using Bonjour Browser or some such similar app to be sure ssh/sftp no longer show up.

Lastly, to explain the plus in the hint title: A simple grep -ir bonjour . showed that eppc.plist, ftp.plist, and telnet.plist also had the Bonjour key. I don't use them myself, so this same trick may or may not work for those services, too.

Comments (9)


Mac OS X Hints
http://hints.macworld.com/article.php?story=20070622210507844