Which Network Services in Ubuntu 16.04 Server on Linode Should/Can be Removed?

Question

It is my first time to set up a cloud server - Ubuntu 16.04 on Linode. I followed their documentation but I'm stuck on the 'Remove Unused Network-Facing Services' part. I am not sure which services should/can I remove (from the Linode guide - "Exim and RPC, however, are unnecessary unless you have a specific use for them, and should be removed."). I just believe that the ssh-related services I marked with '*' should remain.

results of: sudo ss -lnp

Netid  State      Recv-Q Send-Q Local Address:Port               Peer Address:Port              
nl     UNCONN     0      0       0:0                    *                   
nl     UNCONN     5463   0       5:25280                *                   
nl     UNCONN     879    0       5:0                    *                   
nl     UNCONN     0      0       7:0                    *                   
nl     UNCONN     0      0       1:25281                *                   
nl     UNCONN     0      0       1:-479899735           *                   
nl     UNCONN     0      0       1:9                    *                   
nl     UNCONN     0      0       1:2                    *                   
nl     UNCONN     0      0       1:2                    *                   
nl     UNCONN     0      0      11:1                    *                   
nl     UNCONN     0      0      12:1                    *                   
nl     UNCONN     0      0      13:1                    *                   
nl     UNCONN     0      0      16:-1610261256          *                   
nl     UNCONN     0      0      16:0                    *                   
nl     UNCONN     0      0      16:-2068236147          *                   
nl     UNCONN     0      0      16:4404                 *                   
nl     UNCONN     0      0      16:1                    *                   
nl     UNCONN     0      0      16:14946                *                   
nl     UNCONN     0      0      16:-1223314811          *                   
nl     UNCONN     0      0      16:-68653604            *                   
nl     UNCONN     0      0      16:14946                *                   
nl     UNCONN     0      0      16:1                    *                   
nl     UNCONN     0      0      16:-68653414            *                   
nl     UNCONN     0      0      16:-1214494911          *                   
nl     UNCONN     0      0      16:-3159326147          *                   
nl     UNCONN     0      0      16:4414                 *                   
nl     UNCONN     0      0      16:-1666257646          *                   
nl     UNCONN     0      0      17:0                    *                   
nl     UNCONN     0      0      22:0                    *                   
u_str  LISTEN     0      128    /run/systemd/private 49891               * 0                   users:(("systemd",pid=1,fd=26))
u_dgr  UNCONN     0      0      /run/systemd/notify 9711                * 0                   users:(("systemd",pid=1,fd=12))
u_dgr  UNCONN     0      0      /run/systemd/journal/syslog 8791                * 0                   users:(("rsyslogd",pid=3675,fd=3),("systemd",pid=1,fd=79))
u_seq  LISTEN     0      128    /run/udev/control 8894                * 0                   users:(("systemd-udevd",pid=37657,fd=4),("systemd",pid=1,fd=43))
u_str  LISTEN     0      128    /run/systemd/fsck.progress 8564                * 0                   users:(("systemd",pid=1,fd=41))
u_str  LISTEN     0      128    /run/systemd/journal/stdout 8346                * 0                   users:(("systemd-journal",pid=2017,fd=4),("systemd",pid=1,fd=36))
u_dgr  UNCONN     0      0      /run/systemd/journal/socket 8908                * 0                   users:(("systemd-journal",pid=2017,fd=5),("systemd",pid=1,fd=37))
u_dgr  UNCONN     0      0      /run/user/1000/systemd/notify 77658               * 0                   users:(("systemd",pid=17656,fd=13))
u_str  LISTEN     0      128    /run/user/1000/systemd/private 79870               * 0                   users:(("systemd",pid=13456,fd=14))
u_dgr  UNCONN     0      0      /run/systemd/journal/dev-log 9765                * 0                   users:(("systemd-journal",pid=2017,fd=3),("systemd",pid=1,fd=62))
u_str  LISTEN     0      128    /var/run/dbus/system_bus_socket 17534               * 0                   users:(("dbus-daemon",pid=3561,fd=3),("systemd",pid=1,fd=58))
u_str  LISTEN     0      1      /var/run/fail2ban/fail2ban.sock 66316               * 0                   users:(("fail2ban-server",pid=12344,fd=3))
u_str  LISTEN     0      128    /run/uuidd/request 17654               * 0                   users:(("uuidd",pid=37655,fd=3),("systemd",pid=1,fd=64))
u_str  LISTEN     0      8      /var/run/sendmail/mta/smcontrol 65439               * 0                   users:(("sendmail-mta",pid=12342,fd=6))
u_dgr  UNCONN     0      0       * 72463               * 8238                users:(("systemd",pid=11236,fd=3))
u_dgr  UNCONN     0      0       * 46426               * 8548                users:(("systemd-udevd",pid=34567,fd=5))
u_dgr  UNCONN     0      0       * 79620               * 9675                users:(("(sd-pam",pid=14565,fd=7))
u_dgr  UNCONN     0      0       * 19259               * 9545                users:(("dbus-daemon",pid=3781,fd=11))
u_dgr  UNCONN     0      0       * 39459               * 38740               users:(("systemd-timesyn",pid=22344,fd=7))
u_dgr  UNCONN     0      0       * 35422               * 30871               users:(("systemd-timesyn",pid=22344,fd=10))
u_dgr  UNCONN     0      0       * 34320               * 8568                users:(("systemd-timesyn",pid=22344,fd=3))
u_dgr  UNCONN     0      0       * 32341               * 33452               users:(("systemd-timesyn",pid=22344,fd=9))
u_dgr  UNCONN     0      0       * 35320               * 36549               users:(("systemd-timesyn",pid=22344,fd=8))
u_dgr  UNCONN     0      0       * 15679               * 8238                users:(("systemd-logind",pid=356,fd=3))
u_dgr  UNCONN     0      0       * 46780               * 42341               users:(("systemd-udevd",pid=36787,fd=7))
u_dgr  UNCONN     0      0       * 61238               * 98765                users:(("sendmail-mta",pid=13452,fd=3))
u_dgr  UNCONN     0      0       * 74567               * 99875                users:(("sudo",pid=18760,fd=8))
*u_dgr  UNCONN     0      0       * 78435               * 9345                users:(("sshd",pid=12346,fd=4),("sshd",pid=13934,fd=4))
u_dgr  UNCONN     0      0       * 40981               * 42340               users:(("systemd-udevd",pid=30987,fd=8))
u_dgr  UNCONN     0      0       * 63214               * 8908                users:(("systemd",pid=2,fd=16))
*u_dgr  UNCONN     0      0       * 75675               * 9565                users:(("sshd",pid=14564,fd=4),("sshd",pid=18768,fd=4))
u_dgr  UNCONN     0      0       * 9673                * 8348                users:(("systemd-journal",pid=2017,fd=14))
*tcp    LISTEN     0      128     *:11                  *:*                   users:(("sshd",pid=13450,fd=3))
tcp    LISTEN     0      10     131.0.0.1:45                  *:*                   users:(("sendmail-mta",pid=12342,fd=4))
tcp    LISTEN     0      10     131.0.0.1:987                 *:*                   users:(("sendmail-mta",pid=10982,fd=5))
*tcp    LISTEN     0      128    :::33                 :::*                   users:(("sshd",pid=15640,fd=4))

Anyone who has an experience on removing the unnecessary services?

Answer 1

Welcome to serverfault Greg. What is "unnecessary" is subjective :-)

When you setup a server distribution such as ubuntu server or centos on linode usually you have a minimal set of applications pre-installed. For example, depending on your usage it's possible that fail2ban is unnecessary if you don't use it, or sendmail.

To me, if this is a test server you are using to learn, it's quite ok like that.