disable usb storage

How to Block USB Storage Devices in Linux

Team Fedingo

Almost every Linux systems allow you to mount USB devices and work with them. Some Linux systems even have automatic device detection and mounting for USB devices. But system administrators often need to block USB storage devices in Linux. This is required especially in organizations where data theft is a possibility. So it is advisable to block USB storage devices in Linux to prevent users from stealing data using them while they work on their systems. In this article, we will learn how to block USB storage devices in Linux.


How to Block USB Storage Devices in Linux

First of all, we need to identify the device driver installed for USB drives, on your system. Then we need to check if it is loaded into Linux kernel. For this purpose, we will use lsmod command. It will list all device drivers loaded in kernel. But its output can be really long so we pass it through grep command and search for ‘usb_storage’ to get the line pertaining to USB devices.

# lsmod | grep usb_storage

Here is a sample output. We see that sub_storage module is used by UAS. So we unload both these modules and verify their removal with the following commands.

# modprobe -r usb_storage
# modprobe -r uas
# lsmod | grep usb

Next, we will list the content of current runtime kernel USB storage modules directory using the following command.

# ls /lib/modules/`uname -r`/kernel/drivers/usb/storage/

We will look for usb-storage driver name. It is generally named as usb-storage.ko.xz or usb-storage.ko.

To block USB devices, we need to block USB storage module from loading into kernel, change directory to kernel USB storage modules path. We also need to rename usb-storage.ko.xz module to usb-storage.ko.xz.blacklist.

RHEL/CentOS/Fedora

# cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/
# ls
# mv usb-storage.ko.xz usb-storage.ko.xz.blacklist

Ubuntu/Debian

$ cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/ 
$ ls
$ mv usb-storage.ko usb-storage.ko.blacklist

Now whenever the user plugs into USB storage, the kernel will fail to load the USB drivers and the device won’t be accessible. If you want to undo the above changes, just run the following commands.

# cd /lib/modules/`uname -r`/kernel/drivers/usb/storage/
# mv usb-storage.ko.xz.blacklist usb-storage.ko.xz

Please note, this approach works only for runtime kernel modules. If you want to blacklist USB storage from all available kernels, you need to each kernel module directory’s version path and rename the usb-storage.ko.xz to usb-storage.ko.xz.blacklist.

On some systems, you may need to reboot the system to apply changes.

In this article, we have learnt how to disable USB devices in Linux. Basically, when we insert USB device in a Linux system, it loads the kernel drivers for it. To disable USB devices, we prevent them being loaded.

Also read:

How to Enable Debugging Mode in SSH
How to Copy Column to Another Column in MySQL
How to Add Header in CSV File Using Shell Script
How to Create Yum Repository in RHEL Using ISO Image
How to Setup Local Yum Repository in RHEL/CentOS

Related posts:

Find files with special characters in name Linux
How to Debug Shell Script
How To Enable Multi-factor Authentication in SSH
How to Generate Strong Pre Shared Key in Linux
How to Install PgAdmin 4 in Ubuntu
How to Add Route in Linux
How to Clone Partition or Hard Disk in Linux
How to Set Vim Default Editor for Git

Leave a Reply

Your email address will not be published. Required fields are marked *