How to Use SSH for Secure Remote Access in Ubuntu

Learn how to remote access your Ubuntu systems securely using SSH. This article will walk you through the process of setting up SSH, configuring key-based authentication, and implementing best security practices to ensure a safe connection to your Ubuntu servers. Whether you need to manage servers or access remote files, SSH provides a robust solution for secure communication over unsecured networks.

What Is SSH and Its Key Features?

SSH, or Secure Shell, is a cryptographic network protocol used for secure communication over an unsecured network. It’s widely employed for remote server access, file transfers, and managing network infrastructure and other remote administrative tasks. Here are at least five key features of SSH:

  1. Encryption. SSH provides strong encryption of all data exchanged between the client and server, ensuring that sensitive information, such as passwords and confidential data, is protected from eavesdropping and interception by malicious actors.
  2. Authentication. It supports various authentication mechanisms, including password-based authentication and more secure methods like public key authentication, which allows users to establish their identity using a pair of digital keys rather than a password.
  3. Port Forwarding/Tunneling. SSH allows users to securely forward or tunnel network ports and traffic. This can be used to secure file transfers with SFTP or SCP, set up VPNs, and securely access web applications, databases, and other services.
  4. Command and Control. Through SSH, users can execute commands on remote servers, manage system and application configurations, and perform administrative tasks, all over a secure channel.
  5. Interoperability. SSH is supported on a wide range of platforms, including Linux, Unix, Windows, and macOS, making it a versatile tool for cross-platform management and operations.

These features make SSH an indispensable tool for administrators, developers, and IT professionals looking to secure their network communications and remote operations. In the next section, let’s take a look at how to use SSH for secure remote access in Ubuntu.

Process for Using SSH for Secure Remote Access in Ubuntu

Using SSH (Secure Shell) for secure remote access in Ubuntu is a powerful way to manage your system and files from a distance. This step-by-step guide will walk you through the process of setting up and using SSH, including detailed descriptions, commands, and sample output.

#1 Install OpenSSH Server on Ubuntu

First, you need to install the OpenSSH server on the Ubuntu system you want to access remotely. Open your terminal and update your package list to ensure you get the latest version of the software.

sudo apt update

Install the OpenSSH Server package by executing the following command:

sudo apt install openssh-server

Then verify that SSH is running by using this command:

Sample Output:

● ssh.service - OpenBSD Secure Shell server
   Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled)
   Active: active (running) since Tue 202X-XX-XX XX:XX:XX UTC; 2min 17s ago
 Main PID: 1234 (sshd)
    Tasks: 1 (limit: 4915)
   CGroup: /system.slice/ssh.service
           └─1234 /usr/sbin/sshd -D

Before proceeding, it’s a good idea to secure your SSH access. First, edit the SSH configuration file.

sudo nano /etc/ssh/sshd_config

Make changes to improve security, such as:

  • Changing the default SSH port (Port 22) to a non-standard port.
  • Disabling root login (PermitRootLogin no).
  • Allowing only specific users (AllowUsers your_username).

Restart SSH to apply changes by using this command:

sudo systemctl restart ssh

#3 Connect from a Remote System

To access your Ubuntu system remotely, use the SSH command from another machine.

ssh your_username@your_server_ip -p port_number
  • your_username is the username on the Ubuntu system you’re accessing.
  • your_server_ip is the IP address of your Ubuntu system.
  • port_number is the SSH port configured on your Ubuntu system (default is 22).

Sample Command:

ssh jane@192.168.1.5 -p 2222

When you connect for the first time, you’ll see a message asking to confirm the host’s authenticity. Type yes, then enter your password when prompted.

Sample Output:

The authenticity of host '[192.168.1.5]:2222 ([192.168.1.5]:2222)' can't be established.
ECDSA key fingerprint is SHA256:x3HUNXHs5U8Gv/st5FNsJ8GOILz545HWp/HAMm/3LCc.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.1.5]:2222' (ECDSA) to the list of known hosts.
jane@192.168.1.5's password: 
Welcome to Ubuntu 20.04.1 LTS (GNU/Linux 5.4.0-42-generic x86_64)
...
jane@ubuntu-server:~$

#4 Transferring Files Using SSH

For file transfers, use SCP or SFTP. Here’s how to copy a file from your local machine to the remote server using SCP:

scp -P port_number /path/to/local/file your_username@your_server_ip:/path/to/remote/directory

Sample Command:

scp -P 2222 ~/Documents/test.txt jane@192.168.1.5:/home/jane/

This will copy test.txt from your local Documents directory to the /home/jane/ directory on the remote server.

By following these steps, you’ve successfully set up SSH for secure remote access in Ubuntu. This setup not only allows you to manage your system from anywhere but also ensures that your connections are encrypted and secured against unauthorized access.

Conclusion

Looking to deploy Linux in the cloud? With Gcore Cloud, you can choose from Basic VM, Virtual Instances, or VPS/VDS suitable for Linux:

Choose an instance

Subscribe and discover the newest
updates, news, and features

We value your inbox and are committed to preventing spam