SSH (Secure Shell) as its name indicates is the secure shell support to communicate between computers within the network. In Ubuntu (and other Linux systems), SSH connects the system with another machine of the less secure network by authenticating the machine and its user. SSH utilizes public key authentication to establish a connection and ensure the secure transmission of the data over the network.

SSH is widely used by not only Linux but also Unix-based systems and Windows as well.

Keeping the importance of SSH in view, this post addresses the possible method to install SSH on Ubuntu, alongside its service and firewall configuration.

Let’s start with the installation:

How to Install SSH on Ubuntu 22.04?

SSH package is available on the default repository of Ubuntu. The SSH as a whole is the combination of three packages, i.e., openssh-server (server component of SSH), openssh-client (Client support of SSH), and openssh-sftp-server (part of SSH that manages the Secure File Transport Protocol). So, when installing SSH, you would also get these additional packages as well.

Step 1: Update the Packages

First, use the update command to load the updated versions of the packages in the apt list:

$ sudo apt update

Step 2: Install SSH

Now, install the SSH package on your Ubuntu using the command:

$ sudo apt install ssh

Note: Installing SSH only is useless until the user configures the SSH service and the firewall for the connections. These concepts are presented in the upcoming sections.

How to Configure SSH Service on Ubuntu 22.04?

SSH is managed from its backend service sshd on Ubuntu. If the service is not configured properly, you won’t be able to have a well-established SSH connection. Let’s configure the SSH service using the systemctl utility via the commands:

Check the Status of the SSH Service

$ sudo systemctl status ssh

At the moment, the SSH service is in an inactive (dead) state.

Start the SSH Service

$ sudo systemctl start ssh

Enable the SSH Service to start the service at each startup

$ sudo systemctl enable ssh

For verification at any moment, check the service’s status via the command:

$ sudo systemctl status ssh

Restart the SSH Service

$ sudo systemctl restart ssh

Stop the SSH Service

$ sudo systemctl stop ssh

Disable the SSH Service

$ sudo systemctl disable ssh

Let’s set up a firewall for SSH connections.

How to Set Up a Firewall for SSH on Ubuntu 22.04?

SSH connections have to pass through the firewall. If the firewall is not configured for the SSH connections, you won’t be able to establish a connection. Let’s do it on Ubuntu:

Prerequisites: Install UFW Utility

It is suggested to utilize the ufw command to manage the firewall operations on Ubuntu. Install it on your Ubuntu via the command:

$ sudo apt install ufw

Once installed, enable ufw to proceed further:

$ sudo ufw enable

Allow All SSH Connections

Use the following ufw command to allow all the connections over the firewall:

$ sudo ufw allow ssh

The above command will allow all connections which can be verified by checking the status as follows:

$ sudo ufw status

Allow Specific IP-Address for SSH Connection

However, if you want to allow SSH connections from a specific IP, you can use the following syntax. Replace the IP-Address with the one you want to allow:

$ sudo ufw allow from <IP-Address> to any port 22

Reload The Firewall

Whenever the firewall rules are changed. Ensure to reload the firewall via the command:

$ sudo ufw reload

Deny All SSH Connections

If you want to deny the SSH connections, you need to ask ufw to deny all the upcoming SS connections via the command:

$ sudo ufw deny ssh

Deny Specific IP-Address for SSH Connection

The users can use the following command to deny any address (on all ports):

$ sudo ufw deny from <IP-Address> to any

How to Connect to a Remote Machine Using SSH on Ubuntu 22.04?

Let’s say, the user wants to connect/access the Debian 12 from Ubuntu 22.04. It is suggested that the “ssh” must be installed and configured on both machines (following the steps mentioned above).

Step 1: Obtain the Username and the IP Address

If you are connecting to Debian 12, then use the following command on that system to get the IP address (of Debian 12):

$ ip add show

The IP address of the Debian 12 is “192.168.18.116”.

Similarly, use the following command to get the username.

$ whoami

Apart from that, the username can be seen from the terminal (as highlighted above) as well.

Step 2: Connect to Debian 12

Open your Ubuntu terminal and use the following ssh command. Replace the username and the IP address of the machine you are connecting to:

$ ssh [email protected]

While connecting, you will be asked to provide the password of the user (to whom you are connecting). In our case, the connection is successful and now the terminal of that machine is accessible which can be used to perform various tasks on the client machine remotely.

How to Run SSH on Port Other Than 22?

By default, port 22 is dedicated to the SSH and all the SSH connections listen on port 22. Have you ever thought that SSH can be run on ports other than 22? Yes, it is possible by changing the port in the “sshd_config” file. Let’s see how it can be done:

Step 1: Backup the sshd_config

The working and functionality of SSH depend on its configuration file located at “/etc/ssh/sshd_config”. It is recommended to create a backup of the file (as a minor mistake will result in malfunctioning of the SSH). For this, create a copy of the file and place it anywhere on the system as we did here:

$ sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.backup

Step 2: Choose the Port/Check the Availability of the Port

Users can choose the port between “1024 to 65535” whereas the ports from “0 to 1023” are occupied/reserved for the system. Let’s say we chose “Port 8888”. Before adding it to a file, you must check the availability of the “Port 8888”:

$ sudo ss -tulpn | grep ‘:8888’

The output is empty which states that the “Port 8888” is not yet occupied by any service on the system.

Step 3: Change the Port

Open the “sshd_config” file using any terminal-based editor and search for the port22 (if mentioned):

$ sudo nano /etc/ssh/sshd_config

Usually, the “Port 22” line would be commented on. Uncomment it and use any other port instead of “Port 22”.

Step 4: Update the Firewall Rules for the New Port

Now, use the ufw utility to allow all the connections on the changed port as follows:

$ sudo ufw allow 8888

Reload the firewall to adapt to the changes:

$ sudo ufw reload

Check the status of the firewall using ufw to verify the rule has been added:

$ sudo ufw status

It is seen that the firewall will allow all the connections coming through “Port 8888”.

Note: It is suggested to restart the SSH service as well:

$ sudo systemctl restart ssh

Step 5: Verify the SSH is listening to the Port 8888

Once the port is changed and the SSH is configured accordingly, use the lsof command in the following way to check that the SSH is listening to the new port:

$ sudo lsof -i -P | grep ssh

Look at the highlighted part in the output. The SSH is now listening to “Port 8888”.

Step 6: Connect Through the Newly Set Port

Now, use the ssh command with the “-p” flag and the new port to connect to the remote machine.

$ ssh -p 8888 username@IP-Address

Note: If you don’t mention the “-p” flag, the command will either return an error or it may establish a connection via the default port (22).

How to Remove SSH From Ubuntu 22.04?

The SSH can be removed from Ubuntu 22.04 via the command. The autoremove removes the dependencies that will be useless after the removal of SSH:

$ sudo apt autoremove ssh

SSH has been removed from Ubuntu 22.04.

Bottom Line

SSH is the widely used utility on Ubuntu or any other Linux distribution to establish remote connections safely. SSH is installed on Ubuntu using the command “sudo apt install ssh”. To establish a successful SSH connection, the SSH service and the firewall are configured properly to accept the connection request. The firewall is managed using the “ufw” command while the service is configured via the “systemctl” command, as discussed.

This post has discussed the installation method of the SSH on Ubuntu.