Linux Disable USB Devices (Disable loading of USB Storage Driver)

In our research lab I'd like to disable all USB devices connected to our HP Red Hat Linux based workstations. I'd like to disable USB flash or hard drives, which users can use with physical access to a system to quickly copy sensitive data from it. How do I disable USB device support under RHEL 5.x workstation operating systems?

The USB storage drive automatically detects USB flash or hard drives. You can easily force and disable USB storage devices under any Linux distribution. The modprobe program used for automatic kernel module loading and can be configured to not load the USB storage driver upon demand. This will prevent the modprobe program from loading the usb-storage module, but will not prevent root (or another program) from using the insmod program to load the module manually.

Type the following command:
# echo 'install usb-storage : ' >> /etc/modprobe.conf

You can also remove USB Storage driver, enter:
# ls /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko
# mv /lib/modules/$(uname -r)/kernel/drivers/usb/storage/usb-storage.ko /root


BIOS option

You can also disable USB from system BIOS configuration option. Make sure BIOS is password protected.

Grub option

You can get rid of all USB devices by disabling kernel support for USB via GRUB. Open grub.conf or menu.lst (Under Debian / Ubuntu Linux) and append "nousb" to the kernel line as follows:

kernel /vmlinuz-2.6.18-128.1.1.el5 ro root=LABEL=/ console=tty0 console=ttyS1,19200n8 nousb

Save and close the file. Once done just reboot the system:
# reboot

Featured Articles:

• 20 Linux System Monitoring Tools Every SysAdmin Should Know
• 20 Linux Server Hardening Security Tips
• My 10 UNIX Command Line Mistakes
• The Novice Guide To Buying A Linux Laptop
• 10 Tools To Add Some Spice To Your UNIX Shell Scripts