How to Enable SSH on Ubuntu

Introduction

When establishing a remote connection between a client and a server, the primary concern is ensuring security. For Linux users, the best practice of accessing and managing a server remotely is through the cryptographic protocol known as Secure Shell (SSH).

SSH encrypts all data transferred from one machine to another, making sure that no sensitive information is compromised during the process. As a desktop client, you can safely run a command line, transfer files, secure network services, and much more.

By following the steps below, you will learn how to enable SSH on Ubuntu.

enable SSH on Ubuntu

Prerequisites

  • A user with sudo privileges.
  • Permissions to access the remote computer.
  • Access to a terminal/command line.
  • The apt-get tool, pre-loaded in Ubuntu and other Debian-based distros

Enable SSH on Ubuntu

The SSH server is not installed by default on Ubuntu systems. To install and enable SSH on Ubuntu follow the steps below:

1. Open the terminal either by using the CTRL+ALT+T keyboard shortcut or by running a search in Ubuntu Dash and selecting the Terminal Icon.

2. Before starting the installation process, check if an SSH server has already been installed on your computer with the following ssh command:

ssh localhost
SSH locahost connection refused

If you see the SSH "Connection Refused" message, you will have to go through the SSH installation process.

3. To install SSH, first update the package repository cache with:

sudo apt-get update

4. Now install the OpenSSH software package by entering:

sudo apt-get install openssh-server
sudo apt-get install openssh-server terminal output

If prompted, type in your password and press y (yes) to permit the installation.

5. To verify the installation was successful and SSH is running use the command:

sudo service ssh status
sudo service ssh status terminal output

The confirmation message that you are looking for is: Active: active (running).

This means you have installed and enabled SSH on your remote machine, which can now accept commands from your SSH client.

6. To return to the command line prompt enter q.

Log Into Remote Server With SSH

Once you have gone through the process of enabling SSH on Ubuntu, you are ready to log into your remote machine.

1. Open the terminal (CTRL+ALT+T) and type the following command:

ssh [email protected]_IP -p22
ssh port 22 local terminal output

Change the username and IP address to the username and IP address of the Ubuntu computer on which you have installed SSH.

2. If you do not know the IP address, you can quickly identify it through the terminal by typing the command:

ip a
ip a terminal output

This displays the public IP address of the machine where SSH was installed.

Once you have identified and typed in all the information, you are officially logged into the server. You are free to manage it from the comfort of your workstation safely.

Note: Read more about secure remote access to implement and enforce the best practices for employees.

SSH Configuration Options

The default SSH configuration options can be adjusted. You can change the default port (generally a good idea, as a precautionary security measure), disable the root user, or make other configuration adjustments.

Edit Configuration File

After successfully installing OpenSSH on Ubuntu, you can edit its configuration file.

1. Open the SSH configuration file with the command:

sudo nano /etc/ssh/sshd_config

2. Now that you have opened the file using nano (or with any Linux text editor) find and make any necessary changes.

For example, to change the port number to listen on TCP port 2222 instead of the default TCP port 22, find the line in which Port 22 is specified by default, uncomment the line, and change it to Port 2222.

port 2222 sshd_config file contents

Note: Changing the default port number is an SSH security best practice. Everyone is aware of the default port number so changing it is a recommended security precaution.

Disable Root

Another critical security precaution is to disable remote root access. That way, the root user cannot be invoked remotely, and security will be significantly improved.

1. In the configuration file, find the line that reads PermitRootLogin_yes and change it to PermitRootLogin_no.

2. For the changes to take effect, restart the SSH service with the following command:

sudo systemctl restart sshd.service

Configure Firewall

If you have decided to change the default port number, you must configure your firewall to allow traffic via the specified port.

Let’s use the example of Port 2222.

The default firewall configurations tool in Ubuntu is UFW, configure it with the command:

sudo ufw allow from any to any port 2222 proto tcp

Some firewalls may require allowing traffic to the public IP address of the machine running SSH.

firewall port 2222 allow rule update terminal output

Note: The port 2222 is the port number we have defined in the Configure SSH section. If you used the default port 22, then it is not necessary to put the port number.

How to Disable SSH on Ubuntu

To temporarily disable SSH on Ubuntu, run:

sudo service ssh stop

Start the SSH service with:

sudo service ssh start

To completely disable SSH after reboot:

sudo systemctl disable ssh

Enable SSH on Ubuntu after reboot with:

sudo systemctl enable ssh

Conclusion

By following the simple steps above, you now know how to enable SSH on Ubuntu. Now you can establish a reliable and secure protocol between you and a remote device.

Get started by logging to your machine to perform sysadmin tasks with the command prompt.

Was this article helpful?
YesNo
Sofija Simic
Sofija Simic is an experienced Technical Writer. Alongside her educational background in teaching and writing, she has had a lifelong passion for information technology. She is committed to unscrambling confusing IT concepts and streamlining intricate software installations.
Next you should read
How to Install / Enable OpenSSH on CentOS 7
August 28, 2019

This article provides all the information you need in order to set up SSH encryption on your remote device...
Read more
How to Enable SSH on Debian 9 or 10
July 30, 2019

If you are using Debian 9 or Debian 10 to manage servers, you must ensure that the transfer of data is as...
Read more
How to Generate SSH Keys on Ubuntu 18.04
July 29, 2019

Establishing a connection with a remote server without taking the proper security measures can lead to severe...
Read more
How to Use SSH to Connect to a Remote Server in Linux or Windows
September 24, 2018

In this tutorial, Find out How To Use SSH to Connect to a Remote Server in Linux or Windows. Get started with...
Read more
  • © 2022 Copyright phoenixNAP | Global IT Services. All Rights Reserved.