How to Install OpenSSH on Ubuntu and Enable It [17 Easy Steps]

Written by

Reviewed by

Last updated: July 2, 2023

Expert verified

SVG Image

TL;DR

To install OpenSSH on Ubuntu and enable it, you can follow these steps:

  1. Check if OpenSSH is already installed using the command: dpkg -l | grep openssh-server.
  2. If OpenSSH is not installed, update the package list with: sudo apt update and install OpenSSH server with: sudo apt install openssh-server.
  3. Start the OpenSSH service: sudo systemctl start ssh.
  4. Optionally, enable automatic start at boot: sudo systemctl enable ssh.
  5. Allow SSH traffic through the firewall using the command sudo ufw allow ssh.

OpenSSH provides secure and efficient remote access with benefits like enhanced security, versatile functionality, efficiency, and cross-platform compatibility. However, you may encounter common errors like “Permission Denied (publickey),” “Connection Refused,” “Host Key Verification Failed,” and “Connection Timed Out.” Understanding and resolving these errors is crucial for a smooth and secure remote access experience.

Continue reading the guide below to learn to install OpenSSH on Ubuntu and Enable It. Also learn the benefits and common errors of installing and enabling OpenSSH.

In today’s interconnected world, secure remote access to systems is essential for efficient collaboration and system administration. One powerful tool that ensures secure communication between systems is OpenSSH. From enhanced security measures to seamless remote administration, OpenSSH empowers you to connect to remote systems with ease. Say goodbye to vulnerabilities and hello to a world of secure file transfers, secure tunnels, and secure remote command execution. In this comprehensive guide, I will walk you through the step-by-step guide to  install OpenSSH on Ubuntu and enable it. I have also discussed the common errors and benefits of installing and enabling OpenSSH.

How to Install OpenSSH on Ubuntu and Enable It

To install OpenSSH on Ubuntu and enable it, ensure that your system meets the requirements of Ubuntu operating system, access to Terminal, administrative privileges, and internet connectivity. By fulfilling these prerequisites, you can proceed with the installation and configuration of OpenSSH, enabling secure remote access and administration capabilities on your Ubuntu system. Here is a step-bystep guide:

  1. Open a Terminal on your Ubuntu system.
opening terminal 1
  1. Enter the following command to check if OpenSSH is already installed:
<strong>dpkg -l | grep openssh-server</strong>
  1. If OpenSSH is already installed, you will see it listed in the output.
checking whether openssh is installed or not
  1. If OpenSSH is not already installed, you can install it by following these steps:
  2. Update the package list by running the command:
<strong>sudo apt update</strong>
  1. The command will update the system package list.
updating system packages
  1. Install the OpenSSH server package by running the following command:
<strong>sudo apt install openssh-server</strong>
  1. Press Enter to continue the installation.
installing openssh server package
  1. To start the OpenSSH service, use the following command:
<strong>sudo systemctl start ssh</strong>
  1. This command will initiate the OpenSSH service, allowing remote access to your Ubuntu system.
starting ssh service in ubuntu
  1. To stop the OpenSSH service, use the following command:
<strong>sudo systemctl stop ssh</strong>
  1. This command will stop the OpenSSH service.
stopping ssh service in ubuntu
  1. To enable the OpenSSH service to start automatically at boot, use the following command:
<strong>sudo systemctl enable ssh</strong>
  1. This command configures the OpenSSH service to launch automatically when your Ubuntu system starts up, ensuring persistent remote access.
auto enable ssh service on boot
  1. To disable the automatic start of the OpenSSH service at boot, use the following command:
<strong>sudo systemctl disable ssh</strong>
  1. This command prevents the OpenSSH service from starting automatically during system boot, thereby disabling remote access by default.
disabling auto start ssh service on boot
  1. To allow SSH traffic through the firewall and ensure secure remote access, first of all check the current firewall status by running:
<strong>sudo ufw status</strong>
  1. This command will display the current status of the firewall.
checking current status of firewall
  1. If the firewall is inactive, enable it by running:
<strong>sudo ufw enable</strong>
  1. This command will activate the firewall on your system.
enabling firewall on system
  1. Allow SSH traffic by running:
<strong>sudo ufw allow ssh</strong>
  1. This command will add a rule to allow incoming SSH connections through the firewall.
allowing ssh traffic
  1. Verify the firewall rules by running:
<strong>sudo ufw status</strong>
  1. This command will display the updated firewall rules, including the newly added SSH rule.
verifying firewall rules

4 Benefits of OpenSSH: Secure and Efficient Remote Access

OpenSSH offers a wide range of benefits, making it an essential tool for secure and efficient remote access. Whether you are a system administrator, a developer, or an enthusiast, OpenSSH empowers you to connect to remote systems securely and effortlessly. Here are four benefits of using Open SSH:

  • 🔒 Enhanced Security: One of the primary advantages of OpenSSH is its robust security features. It employs strong encryption algorithms to protect data during transmission, ensuring confidentiality and preventing unauthorized access. OpenSSH also supports various authentication methods, such as password-based authentication and public key authentication, adding layers of security to your remote connections.
  • 💻 Versatile Functionality: OpenSSH provides a versatile set of tools that go beyond simple remote access. With OpenSSH, you can securely transfer files between systems using the SFTP (SSH File Transfer Protocol), establish secure tunnels to access services on remote machines, and perform remote command execution, among other capabilities. It is a comprehensive solution that caters to diverse remote access requirements.
  • 🚀 Efficiency and Convenience: OpenSSH simplifies remote access and administration tasks, improving efficiency and convenience. Its seamless integration with the command-line interface allows for the quick and straightforward execution of remote commands. Moreover, features like SSH key-based authentication eliminate the need to remember and enter passwords repeatedly, enhancing user experience and streamlining remote access workflows.
  • 🌍 Cross-Platform Compatibility: OpenSSH is not limited to a specific operating system; it offers cross-platform compatibility. Whether you are using Linux, macOS, or Windows, you can utilize OpenSSH to establish secure connections between systems, enabling seamless collaboration and system administration across heterogeneous environments. It promotes interoperability and facilitates remote access regardless of the platforms involved.

4 Common Errors When Using OpenSSH

When working with OpenSSH, encountering errors is not uncommon. However, understanding and resolving these errors is crucial to ensure a smooth and secure remote access experience. Here are four common errors you may encounter while using OpenSSH:

  • 🔒 “Permission Denied (publickey)” error: This error often occurs when establishing an SSH connection using public key authentication. It indicates a problem with the SSH key setup or the permissions on the authorized_keys file. To resolve this, ensure the correct public key is configured on both the client and server, and the file permissions are correctly set.
  • ⚠️ “Connection Refused” error: This error typically arises when the SSH service is not running on the remote server or is inaccessible due to firewall restrictions. Verify that the SSH service is running and properly configured on the server. Additionally, check the firewall settings to ensure the appropriate port (usually port 22) is open for SSH connections.
  • 🚧 “Host Key Verification Failed” error: This error occurs when the host key of the remote server does not match the previously cached key, indicating a possible security breach or server misconfiguration. To resolve this, you can remove the cached key for the specific host or update the host key manually using the ssh-keygen command.
  • 🔌 “Connection Timed Out” error: This error typically indicates a network connectivity issue. It can be caused by firewall restrictions, incorrect network configurations, or network interruptions. Ensure that the SSH port is open, the server is accessible from the client’s network, and no network disruptions or firewall rules are blocking the connection.

In Conclusion

I hope this guide has provided you with a comprehensive understanding to install OpenSSH on Ubuntu through a step-by-step process. Additionally, I have also discussed common errors that may arise when using OpenSSH, emphasizing the importance of troubleshooting and resolving these issues effectively, and highlighted the benefits of OpenSSH.

To further enhance your knowledge and strengthen your SSH security practices, I recommend exploring the following articles: OpenSSH Best Practices, Advanced SSH Techniques, and Two-Factor Authentication (2FA) with OpenSSH. Remember, the security landscape is ever-evolving, so staying updated with the latest practices and regularly reviewing your SSH configuration is crucial.

Frequently Asked Questions

Can I use OpenSSH with multiple user accounts?

Absolutely! OpenSSH supports multiple user accounts, making collaborative environments or systems convenient for multiple users. Each user can generate their own SSH key pair for authentication, ensuring secure access to the system. By associating each user with their respective public key, OpenSSH enables individualized access control and facilitates seamless user collaboration. Whether you’re working on a team project or managing a multi-user system, OpenSSH provides the flexibility to easily accommodate multiple user accounts.

How can I change the default SSH port?

Changing the default SSH port adds an extra layer of security to your system. To modify the default SSH port, you need to edit the SSH configuration file located at /etc/ssh/sshd_config. You’ll find a line inside the file specifying the current port number, typically set to 22. Simply modify this line to your desired port number, ensuring it falls within the range of valid ports (1-65535). Save the changes and restart the OpenSSH service for the new port configuration to take effect. It’s important to note that after changing the SSH port, you must specify the new port number when connecting to the server.

Is it possible to disable password-based authentication and use only public keys?

Yes, it is possible to disable password-based authentication and rely solely on public key authentication for heightened security. To achieve this, you’ll need to modify the SSH configuration file located at /etc/ssh/sshd_config. Look for the PasswordAuthentication option and set it to no. This configuration change instructs OpenSSH to reject password-based logins, making public key authentication the only accepted method. After saving the changes, remember to restart the OpenSSH service for the new configuration to take effect. By disabling password-based authentication, you can significantly enhance the security of your SSH connections, as public key authentication offers stronger cryptographic protection.

What should I do if I forget my SSH passphrase?

Forgetting an SSH passphrase can be a common occurrence, but fear not, there is a solution. If you forget your SSH passphrase, the recommended approach is to generate a new SSH key pair and replace the old one. Generating a new key pair involves creating a fresh private key and public key combination. After generating the new keys, make sure to securely store your new passphrase in a safe and memorable location. Alternatively, you can consider using an SSH agent to handle the passphrase for you, eliminating the need to remember it each time you use your SSH keys. Remember to update the public key on the remote systems you wish to access with the new key pair.

Ojash

Author

Ojash is a skilled Linux expert and tech writer with over a decade of experience. He has extensive knowledge of Linux's file system, command-line interface, and software installations. Ojash is also an expert in shell scripting and automation, with experience in Bash, Python, and Perl. He has published numerous articles on Linux in various online publications, making him a valuable resource for both seasoned Linux users and beginners. Ojash is also an active member of the Linux community and participates in Linux forums.

Akshat

Reviewer

Akshat is a software engineer, product designer and the co-founder of Scrutify. He's an experienced Linux professional and the senior editor of this blog. He is also an open-source contributor to many projects on Github and has written several technical guides on Linux. Apart from that, he’s also actively sharing his ideas and tutorials on Medium and Attirer. As the editor of this blog, Akshat brings his wealth of knowledge and experience to provide readers with valuable insights and advice on a wide range of Linux-related topics.

Share this article
Shareable URL
Prev Post

How to Effectively Use the Sort Command in Linux [4 Easy Ways]

Next Post

17 Simple Steps to Install ImageMagick on Ubuntu

Leave a Reply

Your email address will not be published. Required fields are marked *

Read next