Simple Steps to setup OpenSSH server on Ubuntu 10.10
9:56 AM
Sudath Hemantha
,
1 Comment
One of Linux’s more useful features is its ability to permit secure, encrypted remote access. Secure Shell technology (SSH) permits you to control a remote computer without having actual physical access to the machine.
SSH’s network traffic is encrypted, and assuming you configure SSH correctly, quite secure.
You can use an SSH implementation called OpenSSH Server to remotely, securely access your machine.
Here’s how to install and perform a basic security configuration of OpenSSH Server on Ubuntu 10.10
First, you’ll need to install OpenSSH Server. To do so, open up a Terminal window and type the following command:
sudo apt-get install openssh-server
apt-get will then download and install OpenSSH Server. Depending upon the speed of your computer and Internet connection, the installation may take several minutes.
Once the installation has finished, return to the Terminal. We’ll need to make a few changes to your /etc/ssh/sshd_config file in order to increase SSH’s security. First, however, we’ll want to make a backup copy of your sshd_config file in case anything goes wrong. Type this command into the Terminal:
sudo cp /etc/ssh/sshd_config ~
This will make a backup copy of the sshd_config file in your home directory.
Next, we’ll need to edit the sshd_config file itself:
sudo gedit /etc/ssh/sshd_config
Once you’re editing the file, you’ll want to change the following directive as follows:
PermitRootLogin no
This will keep anyone from attempting to log into your server via SSH as root.
Next, add this direct to the end of the file:
AllowUsers USERNAME
AllowUsers adds an additional layer of protection by only allowing specific users to connect via SSH. For instance, if you wanted only users test1 and test2 to have SSH access, you would set AllowUsers as AllowUsers user1 user2
You may also want to consider changing the Ports directive. By default SSH runs over TCP/IP port 22, which means that any malware bot autoscanning port 22 can target it. Changing the Ports directive to something different will make SSH run over a different, blocking some of those automated cracking attempts.
Once you have finished changing your settings, save the sshd_config file, and restart the SSH daemon with this command:
sudo /etc/init.d/ssh restart
You should now be able to SSH into your Ubuntu 10.10 machine from another system with an SSH client (if windows use putty ., if ubuntu use openssh client)
SSH’s network traffic is encrypted, and assuming you configure SSH correctly, quite secure.
You can use an SSH implementation called OpenSSH Server to remotely, securely access your machine.
Here’s how to install and perform a basic security configuration of OpenSSH Server on Ubuntu 10.10
First, you’ll need to install OpenSSH Server. To do so, open up a Terminal window and type the following command:
sudo apt-get install openssh-server
apt-get will then download and install OpenSSH Server. Depending upon the speed of your computer and Internet connection, the installation may take several minutes.
Once the installation has finished, return to the Terminal. We’ll need to make a few changes to your /etc/ssh/sshd_config file in order to increase SSH’s security. First, however, we’ll want to make a backup copy of your sshd_config file in case anything goes wrong. Type this command into the Terminal:
sudo cp /etc/ssh/sshd_config ~
This will make a backup copy of the sshd_config file in your home directory.
Next, we’ll need to edit the sshd_config file itself:
sudo gedit /etc/ssh/sshd_config
Once you’re editing the file, you’ll want to change the following directive as follows:
PermitRootLogin no
This will keep anyone from attempting to log into your server via SSH as root.
Next, add this direct to the end of the file:
AllowUsers USERNAME
AllowUsers adds an additional layer of protection by only allowing specific users to connect via SSH. For instance, if you wanted only users test1 and test2 to have SSH access, you would set AllowUsers as AllowUsers user1 user2
You may also want to consider changing the Ports directive. By default SSH runs over TCP/IP port 22, which means that any malware bot autoscanning port 22 can target it. Changing the Ports directive to something different will make SSH run over a different, blocking some of those automated cracking attempts.
Once you have finished changing your settings, save the sshd_config file, and restart the SSH daemon with this command:
sudo /etc/init.d/ssh restart
You should now be able to SSH into your Ubuntu 10.10 machine from another system with an SSH client (if windows use putty ., if ubuntu use openssh client)