Enabling SSH in Ubuntu
Secure Shell (SSH) is a method primarily on *nix-based operating systems, which enables access to a computer, through a secure, two-way encrypted communication system. It was built as an alternative to
telnet and other remote access software, which did not offer a secure means of connection. It is typically used as a way to access a remote system, for development, file sharing, etc. For a network administrator, it is an essential tool and one they should know how to set up, and operate.
SSH in Linux
In Linux, SSH uses a method of encryption called end-to-end encryption, where one user holds a public key, and another a private key. SSH is used via the terminal, hence it has a command-line interface
Installing SSH on Linux
Most Linux distros, and *nix operating systems come pre-installed with an SSH client, typically openSSH. You can check if you have SSH installed by checking the version of SSH on your system, using
ssh -V command
- If you don't have SSH installed on your system, you can install it using your default package manager utility (apt, in our case) of Ubuntu/Debian systems in the following manner
sudo apt update
sudo apt upgrade
sudo apt install openssh-server
If you have just installed
SSH, to check for a successful install, we can check if the SSH service is up and running in the following manner
sudo service ssh status
The output looks like the following
? ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Mon 2020-06-01 12:34:00 CEST; 9h ago
The message you are looking for is
Active: active (running).
If disabled, then we can start SSH using the following commands
sudo systemctl enable ssh # Should start SSH when system is turned on
sudo systemctl start ssh # Turning on SSH
If the firewall is enabled, to ensure SSH connections don't fail, we need to allow access through the firewall. The default firewall utility on Ubuntu is
ufw. To allow SSH connections, we need to open the port using
sudo ufw allow ssh
That's it. Now you can successfully connect to your Ubuntu system from any remote machine, using SSH.
Basic SSH Commands
For now, we have seen how to check if SSH is installed, or how to install it. Now we will cover how to enable and run SSH.
To connect to your Ubuntu system over LAN, invoke
ssh, with your username and IP address in the following format
ssh username@<IP or Domain>
If you don't know your IP address, you can find it using
Over here the system IP is
Hence to connect to this system we run
For first time connections, you will be greeted with a message in the following format
The authenticity of host '172.31.166.141 (172.31.166.141)' can't be established.
ECDSA key fingerprint is SHA256:Vybt22mVXuNuB5unE++yowF7lgA/9/2bLSiO3qmYWBY.
Are you sure you want to continue connecting (yes/no)?
yes, and you will be prompted for a password. Once you enter the password, you will be greeted with the default Ubuntu message
Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-26-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
SSH Configuarion Options
To configure SSH, all relevant files are stored in
/etc/ssh/. Generally, on install, you can change your default port ( precautionary safety measure ), disable root access ( a smart decision ), and/or make other configuration adjustments.
There are generally two files in this directory used for configuration purposes
- ssh_config: used to configure SSH clients. It defines rules used when connecting to a remote host.
- sshd_config: used to configure self's SSH server. Used to define the reachable SSH port, and if root access is allowed and so on.
- Open your SSH configuration file, using your favourite editor ( command-line or GUI )
sudo vim /etc/ssh/sshd_config
- For example, you want to change the default TCP port from 22 to 1337, find the line with
Port 22 specified, and edit it to
Also, allow this port using
ufw if setup, with the following command
sudo ufw allow 1337
- To deny root access, even if the root password is available, find the line with
PermitRootLogin, and write a
no at the end.
- To ensure the changes take place, restart your SSH server, using the following command
sudo systemctl restart sshd
Connecting SSH on a specific port
To connect your SSH server using a specific port, you can use the following command
ssh -p <Port Number> username@<IP or Domain>
Exiting or Disabling SSH
To exit your SSH connection, you can just run the command
exit, or hit the key combination
To disable your SSH server, you need to run the following command
sudo systemctl stop ssh # To stop SSH service
sudo systemctl disable ssh # Don't start SSH on system power on
This tutorial covered how to install, and/or enable SSH on your system. After that how to connect, using a port number if needed, and how to edit your configuration files, to ensure better security.