The terminal should stay running. What if your ssh daemon crashes? Physical access to a system is an easy way to get around most security. As Kyle said, they can boot into single user mode and get access to the system. You can mitigate this by using a bootloader password in grub, but if someone has physical access to your systems then you have bigger problems.
To directly answer your other questions, it sounds like you just want some general hardening advice. Leaving unnecessary daemons/services running can introduce unnecessary risk. Look at all of your services, look up what they do or what they provide and think about whether you need or use that particular one. If you don't, disable it. You seem to want to focus on ssh access as well. Disable root logins via ssh, enforce lock outs so that someone can't brute force you, or if you have a limited amount of users accessing this system, you can allow only those specific users to log in via ssh.