How to Set Up SSH on Ubuntu

Secure Shell (SSH) is a cryptographic network protocol that allows secure communication between two computers over an unsecured network. It is commonly used for remote administration, file transfers, and tunneling connections securely. In this guide, we will walk you through the process of setting up SSH on an Ubuntu system with detailed examples.

Step 1: Installing OpenSSH Server

The OpenSSH server package allows your Ubuntu system to accept incoming SSH connections. If you haven't already installed it, you can do so by following these steps:

  1. Update Package Lists: Open a terminal and run the following command to ensure that your package lists are up-to-date.

    sudo apt update
    
  2. Install OpenSSH Server: Once the package lists are updated, install the OpenSSH server package by executing:

    sudo apt install openssh-server
    
  3. Verify Installation: To ensure that the OpenSSH server is installed and running, you can check its status using:

    sudo systemctl status ssh
    

Step 2: Configuring SSH

After installing the OpenSSH server, you may need to adjust some configuration settings based on your requirements. The main configuration file for SSH is located at /etc/ssh/sshd_config. Here are some common configurations you might want to consider:

  1. Changing Default Port: By default, SSH listens on port 22. For security reasons, you may choose to change this port to a non-standard one. Open /etc/ssh/sshd_config in a text editor and modify the Port directive. For example:
    Port 2222
    
  2. Disabling Root Login: It's generally recommended to disable direct root login over SSH to enhance security. Set PermitRootLogin to no in the SSH configuration file:
    PermitRootLogin no
    
  3. Enforcing SSH Protocol Version: You can specify which SSH protocol versions are allowed. To only allow SSH protocol version 2, add or modify the following line:
    Protocol 2
    
  4. Restart SSH Service: After making changes to the SSH configuration file, you need to restart the SSH service for the changes to take effect:
    sudo systemctl restart ssh
    

Step 3: Generating SSH Keys

SSH keys provide a secure way of authenticating to remote servers. Here's how you can generate SSH keys on your Ubuntu system:

  1. Generate SSH Key Pair: Open a terminal and run the following command to generate an SSH key pair:
    ssh-keygen -t rsa -b 4096
    
    You will be prompted to choose a location to save the keys and optionally set a passphrase.
  2. Copy Public Key to Remote Server: After generating the SSH key pair, you need to copy the public key to the remote server you want to access. You can use the ssh-copy-id command for this purpose:
    ssh-copy-id username@remote_host
    
    Replace username with your username on the remote server and remote_host with the hostname or IP address of the remote server.

Step 4: Connecting to Remote Servers

Once you have SSH set up and your keys are properly configured, you can connect to remote servers securely:

  1. Basic SSH Connection: To establish an SSH connection to a remote server, use the following command:
    Replace username with your username on the remote server and remote_host with the hostname or IP address of the remote server.
  2. Using SSH Keys: If you've set up SSH keys, you won't need to enter your password each time you connect. Simply run:
    ssh remote_host
    
    If you set a passphrase for your SSH key, you'll be prompted to enter it.
  3. Specifying Port Number: If you've changed the default SSH port, you need to specify it while connecting:
    ssh -p port_number username@remote_host
    
    Replace port_number with the custom SSH port you've configured.

Conclusion

Setting up SSH on Ubuntu is an essential step for securing remote access to your system. By following the steps outlined in this guide, you should now have a fully functional SSH server configured on your Ubuntu system, allowing you to securely connect to and manage remote servers. Remember to always follow best practices for SSH security to keep your system safe from unauthorized access.