Installing and Configuring OpenSSH

Reading Time: 2 minutes

Made the fantastic error of not installing OpenSSH, when creating a new VM for test… Genius at work!!!

This will be a quick post on how you install and enable ssh on Ubuntu, so lets get started!

Installing OpenSSH Server

As this is a fresh install, your user should have sudo permission. You will need to install the OpenSSH package, which is easily available from the Ubuntu repositories. You can will use following command:

sudo apt-get install openssh-server

Or you can run the command

sudo tasksel

This will give you the screen below and you can select SSH server or whatever defined package you like (I just learnt this myself!!)

Screenshot 2015-07-31 09.52.12

Configuring OpenSSH

Now that the package has been installed, we will need to edit the config file. First create a backup of the original file, just in case something going terrible wrong, it will be an easier rollback!

sudo cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config_backup

Now let’s make the magic happen 😀

sudo nano /etc/ssh/sshd_config

Firstly thing to consider is changing the port that your SSH server listens. By default SSH servers listen on port 22, as this is the default everyone will know what port to attack if they want to illegally access your machine. By changing this to a non-standard port you will be securing your server from kiddie scripts and bots.

# What ports, IPs and protocols we listen for
Port 2222

Next you would want to disable SSH access for the root user. As root is the super user, if your root password gets hacked, you will be screwed royally! So with that in mind, we need to look for PermitRootLogin and set this no to disable anyone from logging in as root.

# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes

Finally, you can list specific users that you want to have SSH access to your server. By adding this line to the end of ssh_config file, you will allow selected users:

AllowUsers bob bill jack millie

Once you have happy with everything, you can save and exit the file and you will need to restart the daemon for the changes to take affect Use the following to restart SSH:

sudo service ssh restart

Job done 😀

The following two tabs change content below.

Keeran Marquis

Network Engineer
Keeran Marquis is a Network Engineer. His main goal is to learn everything within the Networking field, pick up a little bit of scripting, be a poor man sysadmin and share whatever he knows! All Posts are his own views, opinions and experiences, no guarantees they will work for you but point you in the right direction 🙂
Share this:
Share

Leave a Comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.