How to Install SSH on Ubuntu 22.04 or 20.04

OpenSSH is a crucial tool for secure remote communication, providing a safe way to access and manage servers. Understanding its features and benefits is essential for those planning to install SSH and enable it on Ubuntu 22.04 Jammy Jellyfish or its older stable release of Ubuntu 20.04 Focal Fossa.

Key Features of OpenSSH:

  • Secure Communication: With robust encryption, OpenSSH ensures that data transmitted between hosts is secure and protected from unauthorized access.
  • Remote Server Management: OpenSSH allows users to efficiently manage servers from a distance, facilitating tasks like starting and stopping services, modifying configurations, and troubleshooting.
  • Versatility: Using OpenSSH, users access remote machines, transfer files securely, and tunnel traffic for various purposes. Its flexibility enables customization to meet specific needs.
  • Open Source: As a free and open-source application, OpenSSH is accessible to all, providing a reliable alternative to costly commercial options.

With these features, OpenSSH is a reliable and secure tool for remote server access and management, making it a top choice for Ubuntu users. The following guide will walk you through installing and enabling SSH on Ubuntu 22.04 Jammy Jellyfish or Ubuntu 20.04 Focal Fossa, complete with configuration tips for enhanced security.

Install SSH on Ubuntu 22.04 or 20.04 via APT

Step 1: Update Ubuntu Before SSH Installation

First, update the package list and upgrade existing packages using the following command to avoid any conflicts on your system.

sudo apt update && sudo apt upgrade

Next, install OpenSSH by running the following command:

sudo apt install openssh-server

To check the version of the OpenSSH server installed on your Ubuntu system, you can use the following command in a terminal:

ssh -V

Configure SSH on Ubuntu 22.04 or 20.04

After installing OpenSSH, configure it to meet your needs. The default configuration suits most users, but edit the /etc/ssh/sshd_config file if necessary to adjust settings.

Although OpenSSH defaults to secure encryption and authentication, consider taking additional steps to enhance security further.

Change OpenSSH Ports on Ubuntu

Changing the default OpenSSH port is an effective way to prevent unauthorized access to your Ubuntu machine. Limiting the number of login attempts and disabling root login can further enhance your security.

To change the default OpenSSH port, edit the /etc/ssh/sshd_config configuration file. To do this, open the file using a text editor:

sudo nano /etc/ssh/sshd_config

In the configuration file, find the Port option and modify the port number to your desired number. For example, to change the port to 2222, add the following line:

Port 2222

Save the file and exit the editor. To apply the changes, restart the OpenSSH service using the following command:

sudo systemctl restart sshd

Limit Log in Attempts with SSH on Ubuntu

Next, you can limit the number of login attempts allowed for OpenSSH. This can help protect against brute-force attacks. To do this, edit the /etc/ssh/sshd_config file again:

sudo nano /etc/ssh/sshd_config

Find the MaxAuthTries option and modify the value to your desired number. For example, to set the maximum number of allowed login attempts to 3, add the following line:

MaxAuthTries 3

Save the file and exit the editor. To apply the changes, restart the OpenSSH service using the following command:

sudo systemctl restart sshd

Disable SSH Root Log in on Ubuntu

The following recommended security configuration is to disable root login for OpenSSH. This can help prevent attackers from gaining root access to your Ubuntu machine. To do this, edit the /etc/ssh/sshd_config file once again:

sudo nano /etc/ssh/sshd_config

Find the PermitRootLogin option and change the value to no. For example:

PermitRootLogin no

Save the file and exit the editor. To apply the changes, restart the OpenSSH service using the following command:

These configuration changes will help secure your Ubuntu machine and prevent unauthorized access.

Lock Down SSH with UFW Rules on Ubuntu

Ubuntu Firewall (UFW) is a front-end tool that simplifies managing your Ubuntu machine’s firewall. UFW allows further tightening of OpenSSH security by limiting incoming connections exclusively to necessary ports and IP addresses. Although Ubuntu typically includes UFW (Uncomplicated Firewall) by default, you may need to install it if it is not already on your system. You can do so with the command provided below:

sudo apt install ufw

Once installed, you can use UFW to allow incoming connections on the OpenSSH port (default 22) by running the following command:

sudo ufw allow ssh

If you changed the default OpenSSH port, you must allow incoming connections on the new port instead. For example, if you changed the port to 2222, use the following command instead:

sudo ufw allow 2222/tcp

You can then check the UFW status using the following command:

By default, UFW should deny all other incoming connections. However, you can restrict incoming connections to OpenSSH by specifying the IP address or range of IP addresses allowed to access your Ubuntu machine.

For example, if you want to allow incoming connections only from a specific IP address, use the following command:

sudo ufw allow from 203.0.113.0 to any port 22

Replace 203.0.113.0 with the IP address you want to allow

Connecting to a Remote Server via SSH on Ubuntu 22.04 or 20.04

Establishing a Connection through SSH on Ubuntu

Below are steps on how to connect using different authentication methods and ports.

ssh username@remote_server

Replace “username” with your account’s username and “remote_server” with the hostname or IP address of the desired server. When you initiate the command, the system will prompt you for your password to authenticate and successfully establish the connection.

Connecting with Public Key Authentication

For a heightened level of security, SSH supports connections using public key authentication. This method eschews the traditional password input, requiring a private key to verify your identity. To use public key authentication, execute:

ssh -i /path/to/private_key username@remote_server

In this command structure, /path/to/private_key should be replaced with the actual path to your private key file, while username and remote_server need to be substituted with your user name and the remote server’s IP address or hostname, respectively.

Specifying a Connection Port

SSH traditionally uses port 22 for connections, though some servers may use different ports. To connect through an alternative port, input:

ssh -p PORT_NUMBER username@remote_server

Ensure to replace PORT_NUMBER with the actual port number on which the remote server is listening for incoming SSH connections.

scp /path/to/local/file username@remote_server:/path/to/remote/directory

This command requires modification to reflect the actual file and directory paths on your local system and the remote server, as well as the correct username and remote_server.

Additional Common SSH Commands

For day-to-day operations, you might find the following SSH commands handy:

To copy a directory and its contents to the remote server:

scp -r /path/to/local/directory username@remote_server:/path/to/remote/directory

Run a command on a remote server:

ssh username@remote_server 'command_to_run'

Troubleshoot SSH on Ubuntu 22.04 or 20.04

If you encounter any issues with OpenSSH on your Ubuntu machine, here are some standard troubleshooting steps:

Check the OpenSSH logs for any error messages by running the following command:

sudo tail -f /var/log/auth.log

Check the status of the OpenSSH service by running the following command:

sudo systemctl status sshd


When reviewing, check for common errors, such as incorrect firewall configuration blocking incoming OpenSSH port connections. Also, ensure the OpenSSH service user has the correct permissions and access to the service.

Screenshots of systemd commands verifying OpenSSH status on Ubuntu 22.04 or 20.04Pin
Systemd command outputs demonstrate OpenSSH’s active and running status on Ubuntu 22.04 or 20.04.

Conclusion

This guide provides a comprehensive overview of OpenSSH installation and configuration on Ubuntu. It discusses the importance of using OpenSSH for secure communication, checks for OpenSSH installation, outlines installation and configuration processes, explains how to secure OpenSSH, and troubleshoots common issues. Follow this guide for effective and secure OpenSSH management with Ubuntu desktop or server.

Your Mastodon Instance
Share to...