Secure Shell (SSH) is a cryptographic network protocol used for secure remote access to a computer system. It is widely used for administering servers and other network devices remotely. In this blog, we will discuss how to configure and use SSH for secure remote access to Ubuntu.
Enabling SSH on Ubuntu
By default, SSH is not enabled on Ubuntu. To enable it, follow these steps:
- Open the terminal and update the system package list:
sudo apt-get update
- Install the SSH server:
sudo apt-get install openssh-server
- Once the installation is complete, start the SSH service:
sudo systemctl start ssh
- You can check the status of the SSH service using the following command:
sudo systemctl status ssh
Configuring SSH
After enabling SSH, you can configure it to meet your needs. Here are a few configuration options you may want to consider:
Changing the default SSH port
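By default, SSH uses port 22. Changing the default port can help to prevent unauthorized access by cutting down the automated login attempts aimed at port 22; it is not a substitute for the user restrictions and key-based authentication described below. To change the port, follow these steps: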
- Open the SSH configuration file:
sudo nano /etc/ssh/sshd_config
- Find the line that specifies the port number (usually near the top of the file):
# Port 22
- Uncomment the line and change the port number to your desired value (e.g., 12345):
Port 12345
- Save the file and restart the SSH service:
sudo systemctl restart ssh
Restricting SSH access to specific users
You can restrict SSH access to specific users by editing the SSH configuration file:
- Open the SSH configuration file:
sudo nano /etc/ssh/sshd_config
- Find the line that specifies which users are allowed to access SSH (usually near the top of the file):
# AllowUsers user1 user2
- Uncomment the line, or add it if your file does not contain one, and list the usernames of the users you want to allow:
AllowUsers user1 user2
- Save the file and restart the SSH service:
sudo systemctl restart ssh
Disabling password authentication
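To further enhance security, you can disable password authentication and use SSH keys instead. Before you do, confirm that you can already log in with an SSH key, otherwise you will lock yourself out of the server. Here’s how: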
- Open the SSH configuration file:
sudo nano /etc/ssh/sshd_config
- Find the line that specifies whether password authentication is allowed:
# PasswordAuthentication yes
- Uncomment the line and change “yes” to “no”:
PasswordAuthentication no
- Save the file and restart the SSH service:
sudo systemctl restart ssh
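After the three edits above it is worth checking which values actually take effect, because sshd keeps the first value it obtains for a keyword. The script below is an added example, not part of the original post: it reads configuration files in the order given and reports the effective Port, AllowUsers and PasswordAuthentication. It assumes Ubuntu's stock layout, where the files in /etc/ssh/sshd_config.d/ are included at the top of sshd_config and are therefore read first; the function names and sample files are made up for the illustration.

```shell
#!/bin/sh
# Added example (not from the original post): report the effective values
# of the three sshd_config settings changed above.

# Print the first global value of keyword $1 in the files that follow.
# sshd keeps the first value it obtains, so files must be passed in the
# order sshd reads them (assumed: drop-ins first, then sshd_config).
sshd_value() {
    kw=$1; shift
    awk -v kw="$kw" '
        FNR == 1               { in_match = 0 }  # new file: global scope again
        /^[ \t]*(#|$)/         { next }          # skip comments and blank lines
        tolower($1) == "match" { in_match = 1 }  # simplification: Match runs to EOF
        in_match               { next }
        tolower($1) == kw      { $1 = ""; sub(/^[ \t]+/, ""); print; exit }
    ' "$@"
}

# Print one line per setting; return the number of warnings.
audit_sshd() {
    warn=0
    port=$(sshd_value port "$@")
    users=$(sshd_value allowusers "$@")
    pw=$(sshd_value passwordauthentication "$@" | tr 'A-Z' 'a-z')
    echo "Port: ${port:-22 (default)}"
    if [ -n "$users" ]; then
        echo "AllowUsers: $users"
    else
        echo "WARN: no AllowUsers restriction"; warn=$((warn + 1))
    fi
    if [ "$pw" = no ]; then
        echo "PasswordAuthentication: no"
    else
        echo "WARN: PasswordAuthentication is ${pw:-yes (default)}"; warn=$((warn + 1))
    fi
    return "$warn"
}

# Constructed sample: a drop-in that re-enables passwords, then a main
# file edited as in the steps above.
demo=$(mktemp -d)
printf 'PasswordAuthentication yes\n' > "$demo/50-sample.conf"
printf 'Port 12345\nAllowUsers user1 user2\nPasswordAuthentication no\n' > "$demo/sshd_config"
audit_sshd "$demo/50-sample.conf" "$demo/sshd_config" || echo "warnings: $?"
```

On a live server, `sudo sshd -T` prints the effective configuration as sshd itself computes it, and `sudo sshd -t` checks the file for syntax errors before you restart the service.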
Using SSH
To use SSH to connect to a remote Ubuntu server, follow these steps:
- Open a terminal on your local machine.
- Type the following command, replacing “username” and “server_ip” with the appropriate values:
ssh username@server_ip
- If this is your first time connecting to the server, you will be prompted to accept the SSH key fingerprint. Type “yes” to continue.
- If password authentication is enabled, you will be prompted to enter your password. If you have disabled password authentication, you will need to use an SSH key instead.
- Once you are logged in, you can use the terminal to run commands on the remote server.
Conclusion
SSH is a powerful tool for secure remote access to Ubuntu. By following the steps outlined in this blog, you can enable, configure, and use SSH to connect to your Ubuntu server with confidence. Remember to always follow the best.