Raspberry Pi Documentation
Raspberry Pi Store
Page cover image

SSH Configuration

Introduction

SSH (Secure Shell) is an essential protocol used to securely access network services over an unsecured network.

This tutorial will walk you through the process of installing and configuring SSH on Ubuntu 22.04 to ensure a secure connection.

Step 1: Prepare Ubuntu

Before installing SSH, it's important to update your system to ensure all packages are up to date. This can prevent conflicts and ensure security patches are applied.

sudo apt update && sudo apt upgrade

Step 2: Install SSH on Ubuntu

Ubuntu 22.04 does not come with SSH installed by default. You will need to install the OpenSSH server package manually.

sudo apt install openssh-server

Confirm any prompts with "Yes" to proceed with the installation.

Step 3: Start and Enable SSH

Once installed, start the SSH service and enable it to launch at boot using the following command:

sudo systemctl enable --now ssh

To check the service status to confirm it's active and running:

sudo systemctl status ssh

To disable SSH (if ever needed):

sudo systemctl disable ssh

Step 4: Configure the Firewall

Ensuring the firewall allows SSH connections is critical. Check the current firewall settings with:

sudo ufw status

If SSH is not listed, enable it by allowing SSH traffic:

sudo ufw allow ssh

Step 5: Connect to the Server

Finding the Server's IP Address or Domain Name

ip addr show

This will list all the networking details, including the server's IP address.

Look for entries under "inet" which will show IPv4 addresses.

This command is the simplest way to find out what username you're currently using in your session. It displays the username of the current user when you execute it.

whoami

With your username and IP address in hand, you can connect to your server using:

ssh username@IP_address
ssh username@domain

Replace username, IP_address, or domain with the actual user account and IP/domain of your server.

Step 6: Configure SSH for Increased Security

Further enhance your server's security by modifying the SSH configuration:

Back Up the Configuration

Before making any changes, back up your current SSH configuration:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.initial

Editing the Configuration

Open the configuration file with a text editor like nano:

sudo nano /etc/ssh/sshd_config

Change the Default Port

Changing the default SSH port can help deter standard automated attacks:

  1. Find the line #Port 22.

  2. Uncomment it by removing the #.

  3. Change 22 to a high number (49152 - 65535) like 49532.

Enable Key-Based Authentication

This is more secure than password authentication:

  1. Find the line #PasswordAuthentication yes.

  2. Change it to PasswordAuthentication no.

Disable Root Login

Prevent the root user from logging in via SSH for added security:

  1. Find #PermitRootLogin yes.

  2. Change it to PermitRootLogin no.

Apply Other Security Measures

  • UseDNS to check hostname matches IP.

  • PermitEmptyPasswords should be no.

  • MaxAuthTries to limit failed login attempts.

  • AllowUsers/AllowGroups to specify who can log in.

  • LoginGraceTime and ClientAliveInterval to manage session and connection times.

After making all changes, save and exit the editor (Ctrl+X, then Y and Enter).

Restart SSH

Apply the changes by restarting the SSH service:

sudo systemctl restart ssh

If you've changed the SSH port, remember to specify it when connecting:

ssh -p new_port_number username@IP_address

Conclusion

This tutorial provided a detailed step-by-step guide to install and securely configure SSH on Ubuntu 22.04. By following these steps, you can ensure a secure and efficient remote management of your servers.

PreviousSSH keys between Windows and Linux machinesNextCreate SSH Keys

Last updated

Was this helpful?