Linux Security – How to Safely Insert USB Stick/Device to Linux Computer

hidSecurityusbusb device

When inserting a USB stick or device to computer, there is always the risk that the device is malicious, will act as an HID and potentially do some damage on the computer. How can I prevent this problem? Is disabling HID on specific USB port sufficient? How do I do that?

Best Answer

Install USBGuard — it provides a framework for authorising USB devices before activating them. It can pop up a notification when you connect a new device, asking you what to do; and it can store permanent rules for known devices so you don’t have to confirm over and over. Rules are defined using a comprehensive language with support for any USB attribute (including serial number, insertion port...), so you can write rules that are as specific as you want — whitelist this keyboard if it has this identifier, this serial number, is connected to this port, etc.

Best Answer

Related Solutions

USB – Can a USB Port on Linux Computer Be Made to Look Like a Mass Storage Device?

Virtual USB HID device

Related Question