1

I have reduced all the listening services on my ubuntu desktop in order to not see the word LISTEN in netstat. While checking netstat today i saw a tcp_wait connection to port ubuntu-content-cache-3.ps5.canonical.com:80 while there was nothing open except a terminal. I know those are safe connections but i wish to make it stop. I need this desktop only for 1 application and nothing else bothering my paranoia. System is running lxde with lightdm on ubuntu 22.04

Alibaba
  • 11

1 Answers1

0

The actual URL called by Ubuntu is contracts.canonical.com (found out via tcpdump) on my system which is related to Ubuntu Pro.

The FQDN you wrote is one of multiple, as far as I know:

  • ubuntu-content-cache-1.ps5.canonical.com
  • ubuntu-content-cache-2.ps5.canonical.com
  • ubuntu-content-cache-3.ps5.canonical.com

All of those FQDNs are the results of a reverse DNS lookup for their corresponding IP addresses returned when looking up contracts.canonical.com.

The connection can be triggered by executing sudo pro refresh.

The connection is being made by multiple parts of the Ubuntu Pro / ESM / Ubuntu Advantage components. One service is the esm-cache service, this can be observed by executing sudo systemctl status esm-cache on Ubuntu 24.04 LTS noble, especially if the connection fails. The solution therefore would be to disable the Ubuntu Pro client by stopping and disabling the ubuntu-advantage service and masking the esm-cache service:

sudo systemctl stop ubuntu-advantage.service
sudo systemctl disable ubuntu-advantage.service
sudo systemctl mask esm-cache.service
sudo dpkg-divert --rename --divert /etc/apt/apt.conf.d/20apt-esm-hook.conf.disabled --add /etc/apt/apt.conf.d/20apt-esm-hook.conf

The service is safe to be disabled, source: https://manpages.ubuntu.com/manpages/noble/man1/ubuntu-advantage.1.html

However, even by disabling the above services the connections became more scarce, but are still performed and I could not yet figure out how to fully disable the calls to contracts.canonical.com. See also What are the services 'apt-news' and 'esm-cache', and how do I disable them? for another discussion to disable the esm-cache.

Felix H
  • 81