How to install and configure SSH on Ubuntu; enable SSH on Ubuntu Linux. OpenSSH is a freely available version of the Secure Shell (SSH) protocol family of tools for remotely controlling, or transferring files between, computers.
While the traditional tools used to accomplish these functions, such as telnet or rcp, are insecure and transmit the user’s password in cleartext when used. OpenSSH provides a server daemon and client tools to facilitate secure, encrypted remote control and file transfer operations, effectively replacing the legacy tools.
The OpenSSH server component, sshd, listens continuously for client connections from any of the client tools. When a connection request occurs, sshd sets up the correct connection depending on the type of client tool connecting. For example, if the remote computer is connecting with the ssh client application, the OpenSSH server sets up a remote control session after authentication. If a remote user connects to an OpenSSH server with scp, the OpenSSH server daemon initiates a secure copy of files between the server and client after authentication. OpenSSH can use many authentication methods, including plain password, public key, and Kerberos tickets.
sudo apt-get upgrade
sudo apt-get update
sudo apt-get install openssh-server -y
Once the installation is completed, the SSH service will start automatically. To verify the successful running of SSH service, run the following command:
sudo systemctl status ssh
For the active status, you should see something like Active: active (running) : This means that SSH is installed and running on your Ubuntu system.
Configuration
One can edit the configuration of the default behavior of the OpenSSH server application, sshd, by editing the file /etc/ssh/sshd_config.
sudo apt-get install nano -y
sudo nano /etc/ssh/sshd_config
For information about the configuration directives used in this file, you may view the appropriate manual page with the following command, issued at a terminal prompt:
man sshd_config
Configuration Directives
The following are examples of configuration directives you may change:
To set your OpenSSH to listen on TCP port 2222 instead of the default TCP port 22, change the Port directive as such: Port 2222
To have sshd allow public key-based login credentials, simply add or modify the line: PubkeyAuthentication yes<//tt> If the line is already present, then ensure it is not commented out.
To make your OpenSSH server display the contents of the /etc/issue.net file as a pre-login banner, simply add or modify the line:Banner /etc/issue.netIn the /etc/ssh/sshd_config file.
After making changes to the /etc/ssh/sshd_config file, save the file, and restart the sshd server application to effect the changes using the following command at a terminal prompt:
sudo apt-get update
sudo systemctl restart sshd.service
Note
Make a note that prior to editing the configuration file, you should make a copy of the original file and protect it from writing so you will have the original settings as a reference and to reuse as necessary. Copy the /etc/ssh/sshd_config file and protect it from writing with the following commands, issued at a terminal prompt:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.original
sudo chmod a-w /etc/ssh/sshd_config.original