Installing and Configuring SSH on Ubuntu Server: A Detailed Guide

Introduction

Secure Shell (SSH) is a widely used protocol that provides a secure channel over an unsecured network. It allows users to connect to remote servers and execute commands securely, making it an essential tool for system administrators and developers. When managing an Ubuntu server, SSH becomes the primary method for remote administration, ensuring that data transmitted over the network is encrypted and protected from eavesdropping.

Before you begin this guide, ensure that you have an Ubuntu server running on Proxmox. If you haven't set it up yet, check out our detailed blog on Installing Ubuntu on Proxmox for a comprehensive walkthrough.

This guide is designed for those new to server management or those looking to enhance their skills. We will cover the installation and configuration of OpenSSH on an Ubuntu server, explain important configuration options, and discuss best practices for securing your SSH setup. By the end of this guide, you’ll have a well-configured SSH environment ready for secure remote access, allowing you to manage your server efficiently and safely.

Step 1: Install OpenSSH Server

1.1 Update Your Package List

Before installing new software, it's essential to ensure that your package manager is aware of the latest available packages. This step helps avoid potential issues during installation.

Open your terminal. If you're using the Proxmox console, you should already have a terminal session.
Run the following command:

> sudo apt update

The apt update command refreshes the package list, ensuring that you have the most current information about available software and updates. This is crucial for maintaining system stability and security.

1.2 Install OpenSSH Server

Next, you’ll install the OpenSSH server, which allows you to connect to your Ubuntu server securely.

Execute the following command:

> sudo apt install openssh-server

During the installation, you will see output indicating the progress. Once complete, you’ll receive a message confirming the installation.

The OpenSSH server package is a widely-used tool for enabling SSH connections. By installing this package, you set up a daemon (a background service) that listens for incoming SSH requests, facilitating secure remote access to your server.

Step 2: Verify the SSH Service

2.1 Check the Status of SSH

After installing the SSH server, it’s vital to ensure that the service is running properly.

Use the following command to check the status:

> sudo systemctl status ssh

Look for output that indicates the SSH service is active (running). If it’s not running, you can start it with:

> sudo systemctl start ssh

To enable the SSH service to start automatically on boot, run:

> sudo systemctl enable ssh

Checking the status of the SSH service ensures that your server is ready to accept remote connections. Enabling it to start on boot is essential for maintaining continuous access, especially after a server restart.

Step 3: Configure SSH Settings

3.1 Edit the SSH Configuration File

Customizing the SSH configuration file allows you to enhance security and tailor settings to meet your needs.

Open the SSH configuration file using a text editor like nano:

> sudo nano /etc/ssh/sshd_config

3.2 Key Configuration Options

Within the sshd_config file, you can modify several important settings:

Change the default SSH port (optional): Changing the default port (22) can help prevent automated attacks. Find the line:

> #Port 22

Uncomment it (remove the #) and change it to a different number (e.g., 2222):

> Port 2222

Disable root login: Preventing direct root access enhances security. Find the line:

> PermitRootLogin yes

Change it to:

> PermitRootLogin no

Allow only specific users (optional): Restricting SSH access to specific users can further secure your server. Add the following line (replace username with the actual username):

> AllowUsers username

3.3 Save and Exit

After making your changes, save the file and exit the text editor. In nano, do this by pressing CTRL + X, then Y to confirm changes, and Enter to exit.

3.4 Restart the SSH Service

To apply your configuration changes, restart the SSH service:

> sudo systemctl restart ssh

Modifying the SSH configuration file is vital for enhancing security and tailoring the server to your requirements. Changes like disabling root login and altering the default port are standard practices for hardening your server against potential threats.

Step 4: Configure the Firewall

4.1 Allow SSH Traffic

If you have a firewall enabled (like UFW), you need to allow SSH traffic through it to enable remote access.

To allow the default SSH port (22):

> sudo ufw allow ssh

If you changed the SSH port, use the following command (replace 2222 with your chosen port):

> sudo ufw allow 2222/tcp

4.2 Enable the Firewall (if not already enabled)

If UFW is not enabled yet, you can enable it with:

> sudo ufw enable

4.3 Check UFW Status

To verify the current status of the firewall and the allowed ports, use:

> sudo ufw status

Configuring the firewall is crucial for securing your server. By allowing SSH traffic, you ensure that you can connect to your server remotely while blocking other unnecessary ports, reducing the attack surface.

Conclusion

You have now successfully installed and configured SSH on your Ubuntu server, paving the way for secure and efficient remote management. Setting up SSH is a fundamental step in server administration, as it not only allows you to access your server from anywhere but also ensures that your communications are encrypted and secure from potential eavesdropping.

Next Steps:

Connect to Your Server: Use an SSH client like PuTTY or your terminal to connect to your server using the settings you've configured. Checkout detailed guide on connecting to your server using Putty and Filezila.
Explore SSH Features: Familiarize yourself with SSH features such as port forwarding, tunneling, and key-based authentication to enhance your remote management capabilities.
Refer Back: If you encounter any issues or want to revisit your setup, you can refer back to this guide or check out related resources to help troubleshoot or enhance your configuration.

By taking these steps, you’ll ensure that your Ubuntu server on Proxmox remains a secure and manageable environment, ready to support your projects and applications. Should you have any questions or require further assistance, don't hesitate to reach out or consult the community forums. Happy managing!