Installing and Configuring OpenSSH
Table of Contents
Made the fantastic error of not installing OpenSSH, when creating a new VM for test… Genius at work!!!
This will be a quick post on how you install and enable ssh on Ubuntu, so lets get started!
Installing OpenSSH Server⌗
As this is a fresh install, your user should have sudo permission. You will need to install the OpenSSH package, which is easily available from the Ubuntu repositories. You can will use following command:
sudo apt-get install openssh-server
Or you can run the command
sudo tasksel
This will give you the screen below and you can select SSH server or whatever defined package you like (I just learnt this myself!!)
Configuring OpenSSH⌗
Now that the package has been installed, we will need to edit the config file. First create a backup of the original file, just in case something going terrible wrong, it will be an easier rollback!
sudo cp -a /etc/ssh/sshd_config /etc/ssh/sshd_config_backup
Now let’s make the magic happen :D
sudo nano /etc/ssh/sshd_config
Firstly thing to consider is changing the port that your SSH server listens. By default SSH servers listen on port 22, as this is the default everyone will know what port to attack if they want to illegally access your machine. By changing this to a non-standard port you will be securing your server from kiddie scripts and bots.
# What ports, IPs and protocols we listen for
Port 2222
Next you would want to disable SSH access for the root user. As root is the super user, if your root password gets hacked, you will be screwed royally! So with that in mind, we need to look for PermitRootLogin and set this no to disable anyone from logging in as root.
# Authentication:
LoginGraceTime 120
PermitRootLogin no
StrictModes yes
Finally, you can list specific users that you want to have SSH access to your server. By adding this line to the end of ssh_config file, you will allow selected users:
AllowUsers bob bill jack millie
Once you have happy with everything, you can save and exit the file and you will need to restart the daemon for the changes to take affect Use the following to restart SSH:
sudo service ssh restart
Job done :D