Enabling and Configuring SSH Access on Ubuntu

SSH (Secure Shell) is a protocol that allows you to securely connect to and manage remote servers. Enabling SSH access on your Ubuntu system provides the ability to remotely execute commands and transfer files securely over a network. This step-by-step guide covers everything you need to know about enabling and configuring SSH on Ubuntu.

← Back

Step 1: Install the OpenSSH Server

To enable SSH on your Ubuntu system, you need to install the OpenSSH server. This is the most widely used SSH implementation and is available from Ubuntu’s official repositories. Run the following commands:

sudo apt update

sudo apt install openssh-server

The OpenSSH server package will be installed. After installation, the SSH service should start automatically.

Step 2: Check SSH Service Status

Check if the SSH service is active with the following command:

sudo systemctl status ssh

If the service isn't running, start it with:

sudo systemctl start ssh

Step 3: Enable SSH to Start on Boot

Ensure that the SSH service starts automatically on boot with the following command:

sudo systemctl enable ssh

Step 4: Configure the SSH Server

For enhanced security, you may want to modify the SSH server's configuration. Open the configuration file with:

sudo nano /etc/ssh/sshd_config

Consider the following changes for improved security:

Change the default SSH port: Modify #Port 22 to a different port number like Port 2222 to avoid default port scanning attacks.
Disable root login: To prevent direct root login, uncomment #PermitRootLogin prohibit-password and set it to PermitRootLogin no.
Disable password-based login: For better security, use SSH key authentication instead of passwords by setting PasswordAuthentication no.

After editing, save the file and exit the editor.

Step 5: Restart SSH Service

To apply the configuration changes, restart the SSH service:

sudo systemctl restart ssh

Step 6: Allow SSH Through the Firewall

If you use a firewall like UFW, allow SSH traffic with:

sudo ufw allow ssh

If you changed the SSH port, ensure that the new port is also allowed:

sudo ufw allow 2222/tcp

Verify the firewall status with:

sudo ufw status

Step 7: Access the Server Remotely

You can now access your server remotely from another machine using an SSH client. On Linux/macOS, use the following command:

ssh username@your_server_ip

On Windows, use an SSH client like PuTTY to connect.

Step 8: Set Up SSH Key Authentication (Optional)

For increased security, set up SSH key authentication:

Generate an SSH key pair on your local machine:

ssh-keygen

Copy the public key to the server:

ssh-copy-id username@your_server_ip

Now, you can log in to the server without needing a password.

Conclusion

You've successfully enabled SSH access on your Ubuntu server. For improved security, consider using SSH key authentication and disabling root login. This allows for secure, remote management of your server from anywhere.

← Back