Setting a remote connection between a client and server can be dangerous without first setting proper security measures.
A secure connection is vital when managing your server and transferring files without the risk of compromising any sensitive information.
That’s why enabling Secure Shell (SSH) is crucial to keeping your files, connection, and server activity secure and well-protected.
In this article, we’ll teach you how to Enable SSH Ubuntu on your desktop.
Getting Started
Linux and macOS systems already have SSH installed by default. Before we can dive into how to enable SSH on Ubuntu, we’ll have to verify you have SSH installed.
The commands we’ll be teaching you will work on most Debian-based distros along with the following:
- Ubuntu 18.04
- Ubuntu 17.04
- Ubuntu 16.10
- Ubuntu 16.04
- Ubuntu 14.04
- Debian 6, 7, or 8
- Ubuntu Budgie, GNOME, MATE, Kubuntu, Xubuntu, Lubuntu, etc.
How to Enable SSH
Now that the prerequisites are out of the way, we can begin enabling SSH on your Ubuntu desktop. This process is straightforward and easy to perform.
Step 1: Open your Terminal using Ctrl + Alt + T, or you can open your Ubuntu Dash and click on the terminal icon then enable SSH using the following command:
sudo apt update
This will configure your Ubuntu version to the latest update. Once that’s done, proceed to step 2:
Step 2: Type the command
sudo apt-get install openssh-server
After typing install openssh-server, input your password and enter Y to proceed with the installation.
Step 3: Check if your installation was successful and if the SSH will run by typing the command:
sudo systemctl status ssh or sudo service ssh status
Step 4: Press q to go back to the command line prompt. Ubuntu also comes with a firewall configuration tool known as UFW. If UFW is enabled on your system, be sure to also open the SSH port by typing the command:
sudo ufw allow ssh
With you being able to successfully enable SSH on your desktop, you can now connect via SSH from any remote machine.
How to Configure SSH
After you enable SSH on Ubuntu, you aren’t quite finished just yet.
You still have to configure it meaning you have to change the default port or allow root login.
The default port runs on port 22, which is vulnerable to attacks. We recommend changing the default port to take extra security precautions.
How to Change Your Port
Step 1: Open the SSH configuration file by typing the command:
sudo nano /etc/ssh/sshd_config
In case you don’t have nano installed in your desktop, simply type:
sudo apt-get install nano -y
Step 2: After installing nano, type the command as mentioned in Step 1 (/etc/ssh/sshd_config). Once you’ve opened the file, find # Port 22, and change it to:
Port 2020 or 1337
Step 3: Save your changes and the file by typing Ctrl + W. Hit Y and then press Enter
Step 4: Configure the firewall once again since you changed to a new port by typing:
sudo ufw allow 1337 or 2020
Step 5: Restart the SSH server for the changes to take effect:
sudo service ssh restart
How to Permit Root Login
Let’s say you want the root user to have access. You can do this as well by configuring SSH to permit the root login.
Step 1: Open the terminal and type:
sudo nano /etc/ssh/sshd_config
Step 2: Find the line that says “PermitRootLogin without-password” and change it to:
PermitRootLogin yes
Step 3: Press Ctrl + W to save the changes made or enter the default mode by pressing the “Esc” key and then typing “:wq”. It’s also possible you might need to add an “!” to the “:wq” to force successful writing & quitting.
Step 4: Restart the SSH server to apply the changes made by typing:
sudo systemctl restart ssh
How to Connect to SSH Server via Lan
Step 1: Open the Terminal and type the command:
ssh User@ip-address -p port
User – Account name in your Ubuntu desktop system
Ip address – Ip address of your Ubuntu desktop system
Port – Refers to the port number installed on your SSH server
For example, if your username is Dave, IP address as 192.168.121.111, and your port is 1337, then type the command:
ssh Dave@192.168.121.111 -p 1337
If you don’t know your IP address, simply type the command:
ip a
If this is your first time, your Ubuntu system will prompt a similar message:
The authenticity of host '[192.168.121.111]:1337 ([192.168.121.111]:1337)' can't be established.
Are you sure you want to continue connection (yes/no)?
Step 2: Type yes and then hit Enter. you’ll be asked for your password as shown:
Warning: Permanently added '[192.168.121.111]:2020' (ECDSA) to the list of known hosts.
Dave@192.168.121.111's password:
Step 3: Provide your user password, and you should get the following message:
Welcome to Ubuntu 18.04 LTS (GNU/Linux 4.15.0-31-generic x86_64)
* Documentation: https://help.ubuntu.com
* Management: https://landscape.canonical.com
* Support: https://ubuntu.com/advantage
On your Ubuntu 18.04 desktop, you’ve successfully configured SSH to connect via LAN.
How to Connect to SSH Server via the Internet
Before you can connect to your Ubuntu desktop via the Internet, you’ll have to know your IP address.
Once found, you can configure your router to accept data from port 1337 or 2020 and then send this data to your Ubuntu desktop, where the SSH is running.
To find the IP address of the Ubuntu desktop you want to SSH to, visit the URL: https://api.ipify.org.
After you’ve found the IP address, you’ll have to configure your port forwarding.
Each router has different configuration options, so it would be best to consult the router documentation on how to set up port forwarding.
Once all of this is done, open your terminal in Ubuntu and type the command:
ssh username@public-ip-address
You’ll be asked to type your SSH password. Once you’ve entered your password, you’ll be logged onto your Ubuntu Desktop via the Internet!
Since your Ubuntu desktop and server runs the risk of being exposed via the Internet, take extra safety precaution measures.
We recommend configuring your router to accept SSH traffic on a non-standard port and forward it to port 1337 or 2020 on the desktop that’s running SSH service.
How to Disable SSH on Ubuntu
You’ve learned how to enable ssh on Ubuntu and how to connect to the SSH server via the Internet and LAN.
In the event you want to disable SSH on your desktop, we’ll also teach you how to do this step-by-step.
Step 1: To stop or disable SSH on Ubuntu, type the command:
sudo systemctl stop ssh
Step 2: If you want to start it again, simply type:
sudo systemctl start ssh
You can also disable the SSH service to start during the system boot run by typing:
sudo systemctl disable ssh
Final Thoughts
Now that you know how to install, enable, disable, and perform SSH configure commands, you can now perform various system admin tasks securely and safely.
As a fellow Linux user, we hope this tutorial was able to help and guide you through enabling SSH on your desktop. For any suggestions and thoughts, feel free to leave them in the comments section below!