How to Install OpenSSH on Ubuntu and Enable It [15 Easy Steps]

Written by

Reviewed by

Last updated: July 2, 2024

Expert verified

SVG Image

TL;DR

To install OpenSSH on Ubuntu and enable it, you can follow these steps:

  1. Check if OpenSSH is already installed using the command: dpkg -l | grep openssh-server.
  2. If OpenSSH is not installed, update the package list with: sudo apt update and install OpenSSH server with: sudo apt install openssh-server.
  3. Start the OpenSSH service: sudo systemctl start ssh.
  4. Optionally, enable automatic start at boot: sudo systemctl enable ssh.
  5. Allow SSH traffic through the firewall using the command sudo ufw allow ssh.

Continue reading the guide below to learn to install OpenSSH on Ubuntu and Enable It. Also learn the benefits and common errors of installing and enabling OpenSSH.

Setting up secure remote access to your server can be tricky, especially if you’re new to Linux. Don’t worry, though—OpenSSH is here to help. In this post, I’ll guide you through installing and enabling OpenSSH on Ubuntu, making it easy for you to securely access and manage your remote servers. You’ll find a detailed, step-by-step guide that covers everything from installation to firewall adjustments and troubleshooting common errors. By the end, you’ll have a secure and reliable remote access setup on your Ubuntu system. Let’s get started!

What is OpenSSH?

OpenSSH, or Open Secure Shell, is a set of tools that provide secure access to remote computers. It allows you to log into another computer, transfer files, and execute commands securely over an insecure network, like the internet.

Importance of OpenSSH in the Linux Ecosystem

OpenSSH is crucial in the Linux ecosystem for several reasons:

  • Secure Remote Access: Administrators and users can securely access and manage remote servers.
  • File Transfers: It supports secure file transfer protocols (SCP and SFTP) to move files between computers safely.
  • Tunneling: OpenSSH can create secure tunnels for other types of network traffic, adding an extra layer of security to applications.
  • Portability and Compatibility: OpenSSH is available on almost all Unix-like systems, including Linux, making it a standard tool for remote management.

Key Features and Benefits of Using OpenSSH

  • Encryption: Protects data with strong encryption algorithms, keeping it safe from interception.
  • Authentication: Supports various methods of authentication, including passwords and public keys, ensuring only authorized users gain access.
  • Port Forwarding: Enables secure forwarding of network traffic, which helps protect data when using less secure applications.
  • Simplicity and Flexibility: Easy to install and configure, suitable for both simple and complex network setups.
  • Open Source: Free to use and modify, with regular updates and strong community support, ensuring it stays secure and up-to-date.

How to Install OpenSSH on Ubuntu and Enable It

To install OpenSSH on Ubuntu and enable it, first open your terminal and update your package list with sudo apt update. Next, install the OpenSSH server package using sudo apt install openssh-server. Start the OpenSSH service with sudo systemctl start ssh and enable it to start on boot with sudo systemctl enable ssh. Adjust your firewall to allow SSH connections by running sudo ufw allow ssh. Verify the status with sudo systemctl status ssh and you’re all set to securely access your Ubuntu server remotely.

Here is a detailed step-by-step guide:

  1. Open a Terminal on your Ubuntu system.
opening terminal 1
  1. Enter the following command to check if OpenSSH is already installed:
dpkg -l | grep openssh-server

If OpenSSH is already installed, you will see it listed in the output.

    checking whether openssh is installed or not
    1. If OpenSSH is not already installed, you can install it by following these steps:
    2. Update the package list by running the command:
    sudo apt update

    The command will update the system package list.

      updating system packages
      1. Install the OpenSSH server package by running the following command:
      sudo apt install openssh-server
      1. Press Enter to continue the installation.
      installing openssh server package
      1. To start the OpenSSH service, use the following command:
      sudo systemctl start ssh

      This command will initiate the OpenSSH service, allowing remote access to your Ubuntu system.

        starting ssh service in ubuntu
        1. To stop the OpenSSH service, use the following command:
        sudo systemctl stop ssh

        This command will stop the OpenSSH service.

          stopping ssh service in ubuntu
          1. To enable the OpenSSH service to start automatically at boot, use the following command:
          sudo systemctl enable ssh

          This command configures the OpenSSH service to launch automatically when your Ubuntu system starts up, ensuring persistent remote access.

            auto enable ssh service on boot
            1. To disable the automatic start of the OpenSSH service at boot, use the following command:
            sudo systemctl disable ssh

            This command prevents the OpenSSH service from starting automatically during system boot, thereby disabling remote access by default.

              disabling auto start ssh service on boot
              1. To allow SSH traffic through the firewall and ensure secure remote access, first of all check the current firewall status by running:
              sudo ufw status

              This command will display the current status of the firewall.

                checking current status of firewall
                1. If the firewall is inactive, enable it by running:
                sudo ufw enable

                This command will activate the firewall on your system.

                  enabling firewall on system
                  1. Allow SSH traffic by running:
                  sudo ufw allow ssh

                  This command will add a rule to allow incoming SSH connections through the firewall.

                    allowing ssh traffic
                    1. Verify the firewall rules by running:
                    sudo ufw status

                    This command will display the updated firewall rules, including the newly added SSH rule.

                      verifying firewall rules

                      4 Common Errors When Using OpenSSH

                      When working with OpenSSH, encountering errors is not uncommon. However, understanding and resolving these errors is crucial to ensure a smooth and secure remote access experience. Here are four common errors you may encounter while using OpenSSH:

                      • 🔒 “Permission Denied (publickey)” error: This error often occurs when establishing an SSH connection using public key authentication. It indicates a problem with the SSH key setup or the permissions on the authorized_keys file. To resolve this, ensure the correct public key is configured on both the client and server, and the file permissions are correctly set.
                      • ⚠️ “Connection Refused” error: This error typically arises when the SSH service is not running on the remote server or is inaccessible due to firewall restrictions. Verify that the SSH service is running and properly configured on the server. Additionally, check the firewall settings to ensure the appropriate port (usually port 22) is open for SSH connections.
                      • 🚧 “Host Key Verification Failed” error: This error occurs when the host key of the remote server does not match the previously cached key, indicating a possible security breach or server misconfiguration. To resolve this, you can remove the cached key for the specific host or update the host key manually using the ssh-keygen command.
                      • 🔌 “Connection Timed Out” error: This error typically indicates a network connectivity issue. It can be caused by firewall restrictions, incorrect network configurations, or network interruptions. Ensure that the SSH port is open, the server is accessible from the client’s network, and no network disruptions or firewall rules are blocking the connection.

                      In Conclusion

                      In this guide, I’ve walked you through the step-by-step process of installing and enabling OpenSSH on Ubuntu. You learned how to update your system, install OpenSSH, adjust firewall settings, and verify that the service is running correctly.

                      If you’re interested in expanding your Linux skills further, I recommend exploring articles on:

                      • Learning how to enable SSH on Debian if you use multiple distributions.
                      • Exploring how to effectively use the netcat command in Linux, which can complement your SSH usage for various network tasks.
                      • How to fix the “You Have Held Broken Packages” error on Linux, which can sometimes occur during installations,

                      Frequently Asked Questions

                      Can I use OpenSSH with multiple user accounts?

                      Absolutely! OpenSSH supports multiple user accounts, making collaborative environments or systems convenient for multiple users. Each user can generate their own SSH key pair for authentication, ensuring secure access to the system. By associating each user with their respective public key, OpenSSH enables individualized access control and facilitates seamless user collaboration. Whether you’re working on a team project or managing a multi-user system, OpenSSH provides the flexibility to easily accommodate multiple user accounts.

                      How can I change the default SSH port?


                      Changing the default SSH port adds an extra layer of security to your system. To modify the default SSH port, you need to edit the SSH configuration file located at /etc/ssh/sshd_config. You’ll find a line inside the file specifying the current port number, typically set to 22. Simply modify this line to your desired port number, ensuring it falls within the range of valid ports (1-65535). Save the changes and restart the OpenSSH service for the new port configuration to take effect. It’s important to note that after changing the SSH port, you must specify the new port number when connecting to the server.

                      Is it possible to disable password-based authentication and use only public keys?

                      Yes, it is possible to disable password-based authentication and rely solely on public key authentication for heightened security. To achieve this, you’ll need to modify the SSH configuration file located at /etc/ssh/sshd_config. Look for the PasswordAuthentication option and set it to no. This configuration change instructs OpenSSH to reject password-based logins, making public key authentication the only accepted method. After saving the changes, remember to restart the OpenSSH service for the new configuration to take effect. By disabling password-based authentication, you can significantly enhance the security of your SSH connections, as public key authentication offers stronger cryptographic protection.

                      What should I do if I forget my SSH passphrase?

                      Forgetting an SSH passphrase can be a common occurrence, but fear not, there is a solution. If you forget your SSH passphrase, the recommended approach is to generate a new SSH key pair and replace the old one. Generating a new key pair involves creating a fresh private key and public key combination. After generating the new keys, make sure to securely store your new passphrase in a safe and memorable location. Alternatively, you can consider using an SSH agent to handle the passphrase for you, eliminating the need to remember it each time you use your SSH keys. Remember to update the public key on the remote systems you wish to access with the new key pair.

                      Ojash

                      Author

                      Ojash is a skilled Linux expert and tech writer with over a decade of experience. He has extensive knowledge of Linux's file system, command-line interface, and software installations. Ojash is also an expert in shell scripting and automation, with experience in Bash, Python, and Perl. He has published numerous articles on Linux in various online publications, making him a valuable resource for both seasoned Linux users and beginners. Ojash is also an active member of the Linux community and participates in Linux forums.

                      Akshat

                      Reviewer

                      Akshat is a software engineer, product designer and the co-founder of Scrutify. He's an experienced Linux professional and the senior editor of this blog. He is also an open-source contributor to many projects on Github and has written several technical guides on Linux. Apart from that, he’s also actively sharing his ideas and tutorials on Medium and Attirer. As the editor of this blog, Akshat brings his wealth of knowledge and experience to provide readers with valuable insights and advice on a wide range of Linux-related topics.

                      Share this article
                      Shareable URL
                      Prev Post

                      How to Use the Sort Command in Linux [10 Easy Ways]

                      Next Post

                      How to Install ImageMagick Ubuntu [3 Easy Methods]

                      Leave a Reply

                      Your email address will not be published. Required fields are marked *

                      Read next