How to Block USB storage in CentOS 7 

How to Block USB Storage in CentOS 7

When you connect a USB storage device to your computer, by default it will mount the storage and allows the user to access the content, although the method is simple, it is not absolutely secure and is prone to malicious actions or attack on your system. You can handle this problem with some easy configuration and this tutorial covers one such method which disables USB storage in CentOS 7.

Disabling USB Storage

In order to disable the USB storage, you need to create a .conf file and edit it using a text editor.

root@linuxhelp ~ # vim /etc/modprobe.d/usb-storage.conf

Enter the following lines in the file.

install usb-storage /bin/true
~
~
~
:wq 

The above .conf file reflects fake installation of USB storage. Let us see how the above configuration affects our attempt to insert a USB device to the system.

When you insert a USB device, the following action takes place.
“ /bin/true is a command that returns zero “

True &ndash does nothing
True returns a status 0.

Now we need to reboot the machine to complete the process.

root@linuxhelp ~ # reboot

Now, if you plug a USB storage device you should not be able to access it. You can check it by running the following command.

In previous CentOS 6 version, you need to do the configuration in /etc/modprobe.conf, but in CentOS 7 it is deprecated and unique file must exist with the /etc/directory.d directory instead.

With this, this tutorial on blocking USB storage in CentOS 7 comes to an end. You can use this technique to prevent access to USB storage devices for unprivileged user accounts which can increase system security against certain physical attack vectors.