Enabling SSH (Secure Shell) on Ubuntu is crucial for managing servers, remotely accessing machines, and performing network-related tasks. SSH provides a secure channel over an unsecured network, allowing users to securely manage systems and transfer files.
So, whether you’re a system administrator, a developer, or a tech enthusiast, mastering SSH setup on Ubuntu will enhance the overall process of server access and remote server manipulation.
In this tutorial, we will discuss how to enable SSH in Ubuntu. We will walk you through setting up and configuring SSH on Ubuntu, the installation of an SSH server, adjusting firewall settings, and then deactivating a secure connection.
Table Of Contents
- The Prerequisites
- Enable SSH on Ubuntu
- Access Remote Server Using SSH
- Options for Configuring SSH
- How to Deactivate SSH in Ubuntu
- Conclusion
- FAQs
The Prerequisites
Before configuring and enabling SSH on Ubuntu, ensure you have the following:
- A system running a stable Ubuntu version (our test system has Ubuntu 22.04)
- A user account with root or sudo privileges.
- Permission to access a remote system.
Enable SSH on Ubuntu
SSH is a crucial protocol for securely connecting to and managing your Ubuntu system remotely. Note that not all Ubuntu versions have SSH installed by default. So, before you can use SSH, you need to install and enable SSH on Ubuntu systems.
Start by launching the terminal and verifying that you have an SSH server on your system. For this, execute the following command:
# ssh localhost
If you encounter a Connection Refused error, SSH isn’t installed on the system.
We recommend that you go through our detailed coverage of the solutions for the Connection Refused error.
You should now begin the installation of the SSH service.
The first step is to update the local package repository cache with the following command:
# sudo apt-get update
Next, install the OpenSSH server package with the following apt-get command:
# sudo apt-get install openssh-server
Enter your password and press y when prompted.
Once the installation finishes, you need to start the SSH service to make it available immediately:
# sudo systemctl start ssh
At this point, you can also run the following command to allow the SSH server to start automatically on system boot:
# sudo systemctl enable ssh
You can also verify that the SSH installation is operational by checking its status with the following command:
# sudo service ssh status
If the status check shows Active: active (running), the SSH has been installed and activated on the machine. You can now initiate and receive SSH connections on the system.
Finally, press q to exit the status screen and return to the command prompt.
Access Remote Server Using SSH
Once the SSH is enabled in Ubuntu, you can connect to a remote server.
Launch the terminal (CTRL+ALT+T) and enter this command:
# ssh username@public_IP -p 22
Replace username and public_IP with the actual username and IP address of the Ubuntu system where SSH is enabled.
If you don’t know the IP address, find it by entering the following command in the terminal:
# ip a
The command outputs the public IP address of the device with SSH enabled.
Once you have entered the necessary details, press Enter to execute the command.
At this point, you will be prompted to enter the password for the specified user account. Once verified, you will be successfully connected to the remote server’s shell. You can then securely administer and execute commands from your workstation.
Options for Configuring SSH
You can configure the default SSH settings to introduce more flexibility beyond the basic options. This includes altering the default port for enhanced security, prohibiting root user access, and executing other configuration changes.
We will now discuss three common aspects of configuring SSH on your server:
Edit the SSH Configuration File
After the successful installation of OpenSSH in Ubuntu, you are now all set to edit the configuration file.
Start by opening the configuration file in your preferred text editor. For this demonstration, we will run the following command to open the file in VI.
# sudo vi /etc/ssh/sshd_config
Now, locate and adjust the settings as needed.
For instance, you can change the default SSH port 22 to TCP port 2222. For this, locate the line that specifies Port 22, uncomment it, and alter the value to 2222.
Disable Root Login
Disabling remote root login over SSH is a crucial security practice. It prevents unauthorized remote root access so that no one can abuse the powers of the root account on the remote machine.
You can start implementing this security best practice by opening the SSH configuration file in your preferred editor. We will open it in VI with the following command:
# sudo vi /etc/ssh/sshd_config
Locate the line PermitRootLogin yes in this file and modify it to PermitRootLogin no.
After saving the file, you need to restart the SSH service using the following command. This is a critical step in applying these changes:
# systemctl restart sshd.service
Configure Firewall for Security
If you opt to modify the default port number, it’s necessary to adjust your firewall settings to permit traffic to the port you set in the configuration file. Continuing the previous example, we will use port 2222 for this demonstration.
Since Ubuntu’s standard firewall is UFW, we will use it for this demonstration. Run the following command to allow traffic to the port 2222:
# sudo ufw allow from any to any port 2222 proto tcp
In addition, some firewalls might require an additional step of permitting traffic to the public IP address of the device on which SSH is operational.
How to Deactivate SSH in Ubuntu
Even though SSH is a crucial tool for remote access, at times there might be situations where you might have to temporarily or permanently disable it (in rare cases).
We will now briefly mention the commands you can run to enable or disable SSH on your system:
To temporarily disable SSH, run:
# service ssh stop
To start the SSH service on the system, run:
# service ssh start
To completely disable SSH after system reboot:
# systemctl disable ssh
To enable SSH on Ubuntu after reboot:
# systemctl enable ssh
Conclusion
Learning to enable SSH on Ubuntu is a fundamental skill that enhances secure remote access and system management. By installing the SSH server, configuring the service, and ensuring the connection’s security, users can safely manage Ubuntu systems over the network.
By following the steps provided you can set up SSH and can efficiently manage Ubuntu servers remotely, ensuring a secure and reliable network environment. Managing your own server at times becomes a burden where a trusted hosting provider like RedSwitches can be a valuable asset.
At RedSwitches, we’re dedicated to helping you discover the perfect server solutions to drive your business to new heights. So, if you’re looking for a robust server, we offer the best dedicated server pricing and deliver instant dedicated servers, usually on the same day the order gets approved. Whether you need a dedicated server, a traffic-friendly 10Gbps dedicated server, or a powerful bare metal server, we are your trusted hosting partner.
Choose RedSwitches for your dedicated server solutions and experience our commitment to excellence as your trusted hosting partner.
FAQs
Q. What is SSH, and why is it an essential tool for Ubuntu?
SSH, or Secure Shell, is a network protocol that allows secure access to a remote machine, facilitating secure file transfers and remote shell access. It’s an essential tool for managing remote systems and ensuring secure communications.
Q. How do I enable SSH in Ubuntu?
To enable SSH on Ubuntu, install the OpenSSH server application using the sudo apt install openssh-server command. Once installed, the SSH service should start automatically. You can check its status with sudo systemctl status ssh.
Q. How can I ensure my SSH access is secure?
To enhance the layer of security for SSH access, use key-based authentication instead of password-based authentication, regularly update your SSH software, and configure the firewall to limit incoming connections to the SSH port.
Q. What is the default SSH port, and how can I change it?
The default SSH port is 22. To change it, edit the SSH Config file located at /etc/ssh/sshd_config, find the line #Port 22, replace it with your desired port number, and restart the SSH service using sudo systemctl restart ssh.
Q. How do I connect to a remote machine using SSH?
To connect to a remote machine, use the SSH client by entering ssh username@remote_host in the terminal, where the username is your remote user and remote_host is the IP address or hostname of the remote machine.
Q. What is key authentication and its benefits over password-based authentication?
Key authentication uses key pairs (a public and a private key) for authentication, offering a more secure alternative to password-based authentication. It reduces the risk of brute force attacks and unauthorized access.
Q. How can I configure SSH to accept only key-based authentication?
Edit the SSH Config file (/etc/ssh/sshd_config) and set PasswordAuthentication no. Then, restart the SSH service for the changes to take effect.
Q. Can I use SSH for file transfers?
Yes, SSH can securely facilitate file transfers between systems using commands like scp or sftp, which encrypt the transfer to protect against interception.
Q. How do I manage inbound SSH connections through the firewall?
Use a firewall configuration tool like UFW to manage inbound SSH connections. For example, you can allow incoming SSH traffic on the default SSH port with sudo ufw allow 22/tcp.
Q. What are some common SSH command options for managing remote connections?
SSH commands include options like -p to specify a port, -i to designate an identity file (key), and -v for verbose mode, which can help troubleshoot connection issues.
Q. How can I prevent unauthorized access through SSH?
To prevent unauthorized access, regularly audit your SSH keys and access rights, use strong key pairs for authentication, and configure your firewall to restrict access to known IP addresses.
