Secure Shell (SSH) is a cryptographic network protocol that allows secure communication between two computers over an unsecured network. It is commonly used for remote administration, file transfers, and tunneling connections securely. In this guide, we will walk you through the process of setting up SSH on an Ubuntu system with detailed examples.
Step 1: Installing OpenSSH Server
The OpenSSH server package allows your Ubuntu system to accept incoming SSH connections. If you haven't already installed it, you can do so by following these steps:
-
Update Package Lists: Open a terminal and run the following command to ensure that your package lists are up-to-date.
sudo apt update -
Install OpenSSH Server: Once the package lists are updated, install the OpenSSH server package by executing:
sudo apt install openssh-server -
Verify Installation: To ensure that the OpenSSH server is installed and running, you can check its status using:
sudo systemctl status ssh
Step 2: Configuring SSH
After installing the OpenSSH server, you may need to adjust some configuration settings based on your requirements. The main configuration file for SSH is located at /etc/ssh/sshd_config. Here are some common configurations you might want to consider:
- Changing Default Port: By default, SSH listens on port 22. For security reasons, you may choose to change this port to a non-standard one. Open
/etc/ssh/sshd_configin a text editor and modify thePortdirective. For example:Port 2222 - Disabling Root Login: It's generally recommended to disable direct root login over SSH to enhance security. Set
PermitRootLogintonoin the SSH configuration file:PermitRootLogin no - Enforcing SSH Protocol Version: You can specify which SSH protocol versions are allowed. To only allow SSH protocol version 2, add or modify the following line:
Protocol 2 - Restart SSH Service: After making changes to the SSH configuration file, you need to restart the SSH service for the changes to take effect:
sudo systemctl restart ssh
Step 3: Generating SSH Keys
SSH keys provide a secure way of authenticating to remote servers. Here's how you can generate SSH keys on your Ubuntu system:
- Generate SSH Key Pair: Open a terminal and run the following command to generate an SSH key pair:
You will be prompted to choose a location to save the keys and optionally set a passphrase.ssh-keygen -t rsa -b 4096 - Copy Public Key to Remote Server: After generating the SSH key pair, you need to copy the public key to the remote server you want to access. You can use the
ssh-copy-idcommand for this purpose:
Replacessh-copy-id username@remote_hostusernamewith your username on the remote server andremote_hostwith the hostname or IP address of the remote server.
Step 4: Connecting to Remote Servers
Once you have SSH set up and your keys are properly configured, you can connect to remote servers securely:
- Basic SSH Connection: To establish an SSH connection to a remote server, use the following command:
Replaceusernamewith your username on the remote server andremote_hostwith the hostname or IP address of the remote server. - Using SSH Keys: If you've set up SSH keys, you won't need to enter your password each time you connect. Simply run:
If you set a passphrase for your SSH key, you'll be prompted to enter it.ssh remote_host - Specifying Port Number: If you've changed the default SSH port, you need to specify it while connecting:
Replacessh -p port_number username@remote_hostport_numberwith the custom SSH port you've configured.
Conclusion
Setting up SSH on Ubuntu is an essential step for securing remote access to your system. By following the steps outlined in this guide, you should now have a fully functional SSH server configured on your Ubuntu system, allowing you to securely connect to and manage remote servers. Remember to always follow best practices for SSH security to keep your system safe from unauthorized access.