Blocking USB Storage Devices in Linux

This guide explains multiple methods to block USB mass storage devices.

Method 1: Using Blacklist File

1. Edit the Blacklist File

Create and open a new configuration file using a text editor such as nano:

sudo nano /etc/modprobe.d/blacklist-usb-storage.conf

2. Add the Following Lines

Add the following two lines to block the usb-storage and uas modules:

blacklist usb_storage
blacklist uas

3. Update initramfs

Run the following command to update the initial RAM file system:

sudo update-initramfs -u

4. Reboot the System

Restart your computer for the changes to take effect. The `usb-storage` and `uas` modules will no longer be loaded, effectively blocking USB mass storage devices.

Method 2: Using the Install Command

This method prevents the `usb-storage` module from loading by telling the system to execute a non-existent command instead.

1. Edit the Configuration File

Create and open a new file using a text editor:

sudo nano /etc/modprobe.d/usb-storage.conf

2. Add the Following Line

Add the following line to block the module:

install usb-storage /bin/true

3. Update initramfs

Run the following command to update the initial RAM file system:

sudo update-initramfs -u

4. Reboot the System

Restart your computer to apply the changes.

Method 3: Using the Immutable File Attribute

This method locks the configuration files so that even the root user cannot modify or delete them.

1. Set the Immutable Attribute

Use the chattr command to set the immutable flag on the configuration files:

sudo chattr +i /etc/modprobe.d/blacklist-usb-storage.conf
sudo chattr +i /etc/modprobe.d/usb-storage.conf

Once set, these files cannot be modified, deleted, renamed, or linked to — even by the root user.

2. Remove the Immutable Attribute (If Needed)

To make changes later, remove the immutable flag using:

sudo chattr -i /etc/modprobe.d/blacklist-usb-storage.conf
sudo chattr -i /etc/modprobe.d/usb-storage.conf

3. Update initramfs

Run the following command to update the initial RAM file system:

sudo update-initramfs -u

Anonymous

Search

Creating Block USB storage in Ubuntu

Namespaces

More

Page actions

Contents

Blocking USB Storage Devices in Linux

Method 1: Using Blacklist File

1. Edit the Blacklist File

2. Add the Following Lines

3. Update initramfs

4. Reboot the System

Method 2: Using the Install Command

1. Edit the Configuration File

2. Add the Following Line

3. Update initramfs

4. Reboot the System

Method 3: Using the Immutable File Attribute

1. Set the Immutable Attribute

2. Remove the Immutable Attribute (If Needed)

3. Update initramfs

Navigation

Navigation

Wiki tools

Wiki tools

Anonymous

Search

Creating Block USB storage in Ubuntu

Blocking USB Storage Devices in Linux

Method 1: Using Blacklist File

1. Edit the Blacklist File

2. Add the Following Lines

3. Update initramfs

4. Reboot the System

Method 2: Using the Install Command

1. Edit the Configuration File

2. Add the Following Line

3. Update initramfs

4. Reboot the System

Method 3: Using the Immutable File Attribute

1. Set the Immutable Attribute

2. Remove the Immutable Attribute (If Needed)

3. Update initramfs

Navigation

Wiki tools

Page tools