How to Use SSH on Ubuntu: Secure Remote Access, Installation, and Best Practices

1. What Is SSH? How to Use It on Ubuntu

SSH (Secure Shell) is a protocol that allows you to securely connect and operate a server remotely. On Linux systems like Ubuntu, SSH is an essential command-line tool for system administration. Using SSH encrypts communication with the server, preventing unauthorized access and eavesdropping by third parties.

Related link: What is SSH? Official Ubuntu Documentation

2. How to Install SSH on Ubuntu

Here’s how to install and set up an SSH server on Ubuntu to enable secure connections.

1. Update the package list:

   sudo apt update

2. Install the OpenSSH server:

   sudo apt install openssh-server

3. Start the service and check its status:

   sudo systemctl status ssh

Note: See Ubuntu’s OpenSSH detailed documentation for more information.

3. Checking SSH Service Status and Enabling It at Startup

Verify that SSH is running correctly and configure it to start automatically when the system boots.

1. Check SSH service status:

   sudo systemctl status ssh

2. Enable SSH to start on boot:

   sudo systemctl enable ssh

4. Allowing SSH Through the Firewall

Use Ubuntu’s built-in UFW (Uncomplicated Firewall) to allow SSH connections.

1. Allow SSH through the firewall:

   sudo ufw allow ssh

2. Check UFW status:

   sudo ufw status

5. How to Connect to an Ubuntu SSH Server

Follow these steps to connect remotely to your Ubuntu SSH server.

1. Check your IP address:

   ip a

2. Connect via SSH:

   ssh username@ip_address

If a warning appears during the first connection, type “yes” and proceed by entering your password.

Tip: Windows users can use software like PuTTY to connect via SSH.

6. Advanced SSH Configuration (Port Change, Disable Root Login)

Modify default SSH settings to improve security.

1. Change the default port:
   Changing the default port 22 reduces the risk of brute-force attacks.

   sudo nano /etc/ssh/sshd_config
   #Port 22 → change to your preferred port number

2. Disable root login:
   For enhanced security, disable login for the root user.

   PermitRootLogin no

After making changes, restart the SSH service.

sudo systemctl restart ssh

7. SSH Server Security Hardening (Best Practices)

Here are some best practices to further secure your SSH server.

1. Use SSH key authentication:
   Replace password authentication with public key authentication for greater security.
   See the SSH Key Generation Guide for details.
2. Restrict access to specific users:
   Use the AllowUsers directive to restrict SSH access to specific accounts.
3. Prevent brute-force attacks with Fail2Ban:
   Install Fail2Ban to automatically block repeated failed login attempts.

   sudo apt install fail2ban

Refer to the official Fail2Ban configuration guide for detailed setup instructions.

8. Common SSH Connection Troubleshooting

If you encounter connection issues, check the following:

• Firewall misconfiguration: Ensure UFW or other firewalls are properly configured.
• Incorrect IP address: Double-check your server’s IP address.
• Errors in SSH configuration file: Review /etc/ssh/sshd_config for mistakes and restart the service if needed.

Conclusion

This guide explained how to install, configure, and secure SSH on Ubuntu. Follow these best practices to enhance security and manage your servers efficiently. For more details, see the official Ubuntu SSH setup guide.