Learn how to remote access your Ubuntu systems securely using SSH. This article will walk you through the process of setting up SSH, configuring key-based authentication, and implementing best security practices to ensure a safe connection to your Ubuntu servers. Whether you need to manage servers or access remote files, SSH provides a robust solution for secure communication over unsecured networks.
What Is SSH and Its Key Features?
SSH, or Secure Shell, is a cryptographic network protocol used for secure communication over an unsecured network. It’s widely employed for remote server access, file transfers, and managing network infrastructure and other remote administrative tasks. Here are at least five key features of SSH:
- Encryption. SSH provides strong encryption of all data exchanged between the client and server, ensuring that sensitive information, such as passwords and confidential data, is protected from eavesdropping and interception by malicious actors.
- Authentication. It supports various authentication mechanisms, including password-based authentication and more secure methods like public key authentication, which allows users to establish their identity using a pair of digital keys rather than a password.
- Port Forwarding/Tunneling. SSH allows users to securely forward or tunnel network ports and traffic. This can be used to secure file transfers with SFTP or SCP, set up VPNs, and securely access web applications, databases, and other services.
- Command and Control. Through SSH, users can execute commands on remote servers, manage system and application configurations, and perform administrative tasks, all over a secure channel.
- Interoperability. SSH is supported on a wide range of platforms, including Linux, Unix, Windows, and macOS, making it a versatile tool for cross-platform management and operations.
These features make SSH an indispensable tool for administrators, developers, and IT professionals looking to secure their network communications and remote operations. In the next section, let’s take a look at how to use SSH for secure remote access in Ubuntu.
Process for Using SSH for Secure Remote Access in Ubuntu
Using SSH (Secure Shell) for secure remote access in Ubuntu is a powerful way to manage your system and files from a distance. This step-by-step guide will walk you through the process of setting up and using SSH, including detailed descriptions, commands, and sample output.
#1 Install OpenSSH Server on Ubuntu
First, you need to install the OpenSSH server on the Ubuntu system you want to access remotely. Open your terminal and update your package list to ensure you get the latest version of the software.
sudo apt update
Install the OpenSSH Server package by executing the following command:
sudo apt install openssh-server
Then verify that SSH is running by using this command:
Sample Output:
● ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
Active: active (running) since Tue 202X-XX-XX XX:XX:XX UTC; 2min 17s ago
Main PID: 1234 (sshd)
Tasks: 1 (limit: 4915)
CGroup: /system.slice/ssh.service
└─1234 /usr/sbin/sshd -D
#2 Secure SSH (Optional but Recommended)
Before proceeding, it’s a good idea to secure your SSH access. First, edit the SSH configuration file.
sudo nano /etc/ssh/sshd_config
Make changes to improve security, such as:
- Changing the default SSH port (Port 22) to a non-standard port.
- Disabling root login (PermitRootLogin no).
- Allowing only specific users (AllowUsers your_username).
Restart SSH to apply changes by using this command:
sudo systemctl restart ssh
#3 Connect from a Remote System
To access your Ubuntu system remotely, use the SSH command from another machine.
ssh your_username@your_server_ip -p port_number
- your_username is the username on the Ubuntu system you’re accessing.
- your_server_ip is the IP address of your Ubuntu system.
- port_number is the SSH port configured on your Ubuntu system (default is 22).
Sample Command:
ssh jane@192.168.1.5 -p 2222
When you connect for the first time, you’ll see a message asking to confirm the host’s authenticity. Type yes, then enter your password when prompted.
Sample Output:
The authenticity of host '[192.168.1.5]:2222 ([192.168.1.5]:2222)' can't be established. ECDSA key fingerprint is SHA256:x3HUNXHs5U8Gv/st5FNsJ8GOILz545HWp/HAMm/3LCc. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '[192.168.1.5]:2222' (ECDSA) to the list of known hosts. jane@192.168.1.5's password: Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-42-generic x86_64) ... jane@ubuntu-server:~$
#4 Transferring Files Using SSH
For file transfers, use SCP or SFTP. Here’s how to copy a file from your local machine to the remote server using SCP:
scp -P port_number /path/to/local/file your_username@your_server_ip:/path/to/remote/directory
Sample Command:
scp -P 2222 ~/Documents/test.txt jane@192.168.1.5:/home/jane/
This will copy test.txt from your local Documents directory to the /home/jane/ directory on the remote server.
By following these steps, you’ve successfully set up SSH for secure remote access in Ubuntu. This setup not only allows you to manage your system from anywhere but also ensures that your connections are encrypted and secured against unauthorized access.
Conclusion
Looking to deploy Linux in the cloud? With Gcore Cloud, you can choose from Basic VM, Virtual Instances, or VPS/VDS suitable for Linux:
- Gcore Basic VM offers shared virtual machines from €3.2 per month
- Virtual Instances are virtual machines with a variety of configurations and an application marketplace
- Virtual Dedicated Servers provide outstanding speed of 200+ Mbps in 20+ global locations
