Enabling SSH on Ubuntu is a straightforward process that unlocks secure remote administration for your server or desktop environment. This protocol allows you to manage your machine from anywhere, provided you have a reliable internet connection and the correct network configuration. For system administrators and home users alike, this capability is essential for maintaining servers without direct physical access.
Understanding the SSH Service
SSH, or Secure Shell, is a cryptographic network protocol used to operate network services securely over an unsecured network. On Ubuntu, the service is typically managed by `openssh-server`, a package that provides the necessary daemon to handle incoming connections. By default, this server is not installed to minimize the potential attack surface of your system. Installing and starting it grants you the ability to connect using terminal emulators and file transfer tools that support the protocol.
Installing the OpenSSH Server
Before you can enable remote connections, you must install the server software. Ubuntu utilizes the Advanced Package Tool (APT) to handle software installation, making the process highly reliable. You will need to update your local package index to ensure you are installing the latest available version.
Command Line Installation
To install the server, open your terminal and execute the following commands with superuser privileges. First, update the package list, then install the `openssh-server` package.
sudo apt update
sudo apt install openssh-server
The system will calculate dependencies and prompt you to confirm the installation. Once confirmed, the software will be downloaded and configured automatically.
Verifying the Service Status
After installation completes, the SSH daemon should start automatically. It is good practice to verify that the service is running correctly and listening on the appropriate port. This ensures that your firewall rules will allow traffic to reach the daemon.
sudo systemctl status ssh
If the output shows "active (running)", the service is live. You can also check the listening ports using sudo ss -lntp | grep ssh to confirm it is bound to port 22.
Configuring the Firewall
Ubuntu’s default firewall configuration, `ufw`, is designed to block incoming connections by default. If you enable SSH without adjusting these rules, you may lock yourself out of the machine if you restrict root login later. You must explicitly allow the SSH traffic to pass through the firewall.
Allowing SSH Traffic
To allow incoming SSH connections, you need to add a rule to the firewall. The following command allows traffic on the default port.
sudo ufw allow ssh
Once added, you can enable the firewall if it was previously disabled. Always ensure you have a console or alternative access method available when configuring firewall rules on a remote server to prevent accidental lockouts.
Connecting to Your Ubuntu Machine
With the server installed and the firewall configured, you can now connect to your Ubuntu machine from another device. Any SSH client can be used, including the built-in clients on Linux, macOS, and Windows 10/11.
On Linux or macOS, use the terminal command: ssh username@your_server_ip .
On Windows, you can use PowerShell or the Command Prompt with the same command, or utilize GUI clients like PuTTY.
Upon your first connection, the client will warn you about the authenticity of the host; accept it to save the key. You will then be prompted for your user password to authenticate.
