×
ubuntu enable ssh - Learn how to Install, Enable & Configure Secure Shell Server

OpenSSH is an open-source version of the Secure Shell (SSH) cryptographic network protocol that can be used for a secure connection between a client and a server.

SSH allows you to transfer files (using SCP, Rsync and other protocols along with an SSH Client), manage the server remotely and create secure virtual private networks over the Internet.

In this tutorial, we will show you how to set up and enable SSH on an Ubuntu desktop.

Prerequisites

  • A system running an Ubuntu desktop.
  • A normal user with sudo privileges.

Install SSH Server

By default, the SSH server is not installed in the Ubuntu desktop system.

So you will need to install it from the Ubuntu repository.

First, it is recommended to update your system with the latest version. You can update it with the following command:

sudo apt-get update -y

Next, install the SSH server package with the following command:

sudo apt-get install openssh-server -y

Once the installation is completed, you should see the following screen:

Check SSH Status

You can also check the status of SSH service with the following command:

sudo systemctl status ssh

You should see the following output:

● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Thu 2019-12-05 11:02:49 UTC; 46s ago
Main PID: 2872 (sshd)
Tasks: 1 (limit: 1114)
CGroup: /system.slice/ssh.service
└─2872 /usr/sbin/sshd -D
Dec 05 11:02:49 ubuntu1804 systemd[1]: Starting OpenBSD Secure Shell server...
Dec 05 11:02:49 ubuntu1804 sshd[2872]: Server listening on 0.0.0.0 port 22.
Dec 05 11:02:49 ubuntu1804 sshd[2872]: Server listening on :: port 22.
Dec 05 11:02:49 ubuntu1804 systemd[1]: Started OpenBSD Secure Shell server.

At this point SSH server is installed and running on your Ubuntu Desktop system.

Enable SSH

By default, OpenSSH is running on port 22 and is vulnerable to attack.

So it is recommended to change the SSH default port.

You can change it by editing the file /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config

Find the following line:

#Port 22

And replace it with the following line:

Port 2020

Save and close the file when you are finished.

Then, restart the SSH service to apply the changes:

sudo systemctl restart ssh

You can now check the SSH listening port with the following command:

netstat -ant

You should see the following output:

Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address Foreign Address State
tcp 0 0 0.0.0.0:2020 0.0.0.0:* LISTEN
tcp 0 0 127.0.0.53:53 0.0.0.0:* LISTEN
tcp 0 0 192.168.0.105:2020 192.168.0.104:44778 ESTABLISHED
tcp6 0 0 :::2020 :::* LISTEN

Permit Root Login SSH

In the Ubuntu desktop machine, SSH does not allow remote machines to connect the SSH server via root user.

So you will need to configure SSH to Permit Root Login.

You can do it by editing the file /etc/ssh/sshd_config:

sudo nano /etc/ssh/sshd_config

Change the line from:

PermitRootLogin without-password

To

PermitRootLogin yes

Save and close the file when you are finished.

 

Press Esc

Type :wq

 

This will write & quit the file – you may need to add an “!” as well to force the write & quit command.

Next, restart SSH service to apply the changes:

sudo systemctl restart ssh

Configure Firewall

By default, Ubuntu comes with a UFW firewall configuration tool.

If the UFW firewall is enabled in your system then you will need to allow port 2020 through UFW.

You can do it with the following command:

sudo ufw allow ssh

Or

sudo ufw allow 2020/tcp

Next, reload the UFW firewall to apply the changes with the following command:

sudo ufw reload

At this point, the SSH server is configured on your Ubuntu desktop system.

Connect to SSH Server Over LAN

Now, go to another system and run the following command to connect your Ubuntu desktop system over the LAN:

ssh User@Ip-address -p Port

Where:

  • User : Is the user account name of your Ubuntu Desktop system.
  • Ip-address : Is the Ip address of your Ubuntu Desktop system.
  • Port : Is the port number of the SSH server installed on Ubuntu Desktop system.

For example, run the following command to connect your Ubuntu Desktop with IP address 192.168.0.105, username hitesh and port number 2020:

ssh hitesh@192.168.0.105 -p 2020

If you are connecting to your Ubuntu Desktop via SSH first time, you should see the following output:

The authenticity of host '[192.168.0.105]:2020 ([192.168.0.105]:2020)' can't be established.
ECDSA key fingerprint is 4f:f8:c3:a7:68:69:29:fa:6f:86:83:a2:d9:8b:1a:8b.
Are you sure you want to continue connecting (yes/no)? yes

Type yes and hit Enter button.

You will be asked to enter your user password as shown below:

Warning: Permanently added '[192.168.0.105]:2020' (ECDSA) to the list of known hosts.
hitesh@192.168.0.105's password:

Provide your user password to login to the Ubuntu Desktop system as shown below:

Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-20-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
System information as of Thu Dec 5 12:39:26 UTC 2019
System load: 0.08 Processes: 90
Usage of /: 43.1% of 7.81GB Users logged in: 1
Memory usage: 15% IP address for enp0s3: 192.168.0.105
Swap usage: 0%
* Ubuntu's Kubernetes 1.14 distributions can bypass Docker and use containerd
directly, see https://bit.ly/ubuntu-containerd or try it now with
snap install microk8s --classic
109 packages can be updated.
107 updates are security updates.
Last login: Thu Dec 5 12:19:16 2019 from 192.168.0.104

At this point, you have configured SSH to connect it over the LAN.

Connect to SSH Server Over the Internet

You can also connect your Ubuntu Desktop system via SSH from the remote system over the internet.

To do so, you will need to find the public IP address of your Ubuntu Desktop system and configure your router to forward the port 22 to the port 2020 of your Ubuntu Desktop system.

Since every router has different configuration options so you will need to do your own research to configure port forwarding.

After setting up port forwarding, you will need to find out the public IP address of your Ubuntu Desktop system.

You can find out it by visiting the URL https://www.whatismyip.com/.

You should see your public IP in the following screen:

whatismyip find public ip

Now, go to the remote system, open your terminal and run the following command:

ssh user@your-public-ip-address

You will be asked to enter the SSH password.

Enter it and you will be logged into your Ubuntu Desktop system over the internet.

Thats it!

You have successfully connected your Ubuntu Desktop from the remote system over the internet via SSH!

Conclusion

In the above tutorial, we learned how to Install, Configure and use an Ubuntu SSH server your system.

You can now do anything such as, file transfer, remote system management and many more with SSH.

For more information, you can visit the SSH documentation page at SSH Doc. Feel free to ask me if you have any questions in the comments below!