Linux Setting up SSH


Here’s a step-by-step guide on setting up SSH in Linux, with example commands and outputs for each step.

Step 1: Install OpenSSH

First, ensure that OpenSSH is installed. Most Linux distributions have it by default, but you can install it with the package manager if needed.

Command:

sudo apt update sudo apt install openssh-server

Example Output:

Reading package lists... Done Building dependency tree Reading state information... Done openssh-server is already the newest version (1:8.2p1-4ubuntu0.4). 0 upgraded, 0 newly installed, 0 to remove and 5 not upgraded.

Step 2: Start and Enable the SSH Service

After installation, start the SSH service and enable it to run at boot.

Commands:

sudo systemctl start ssh sudo systemctl enable ssh

Example Output:

Created symlink /etc/systemd/system/multi-user.target.wants/ssh.service → /lib/systemd/system/ssh.service.

You can verify that the SSH service is running with:

sudo systemctl status ssh

Example Output:

● ssh.service - OpenBSD Secure Shell server Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enabled) Active: active (running) since Mon 2024-11-09 08:34:07 UTC; 1min ago Docs: man:sshd(8) man:sshd_config(5)

Step 3: Configure SSH (Optional)

SSH configuration can be modified in the /etc/ssh/sshd_config file. Open this file with a text editor:

Command:

sudo nano /etc/ssh/sshd_config

You can make adjustments here, such as changing the SSH port or disabling root login:

  • Change the port by setting Port 2222 (or any other unused port)
  • Disable root login by setting PermitRootLogin no

After editing, save and close the file (if using nano, press Ctrl+X, then Y to confirm).

Restart the SSH service to apply changes:

sudo systemctl restart ssh

Step 4: Generate SSH Key Pair on Client

To set up SSH key authentication, you’ll first generate an SSH key pair on the client machine (the one you'll use to connect to the server).

Command:

ssh-keygen

Example Output:

Generating public/private rsa key pair. Enter file in which to save the key (/home/yourusername/.ssh/id_rsa): [Press Enter] Enter passphrase (empty for no passphrase): [Enter passphrase or press Enter for no passphrase] Enter same passphrase again: [Repeat passphrase or press Enter for no passphrase] Your identification has been saved in /home/yourusername/.ssh/id_rsa Your public key has been saved in /home/yourusername/.ssh/id_rsa.pub The key fingerprint is: SHA256:NxW37Y2U8QW6UnP1Zb/8FxPZ+zyFoOEF7+xl1PqoF2I yourusername@client The key's randomart image is: +---[RSA 2048]----+ | o . E | | . = = . . . | | = + + o . | | . + + . o o | | o oS o . | | o.o . o | | o ..+ | | . = =+ | | o=+o | +----[SHA256]-----+

Step 5: Copy the Public Key to the Server

To use the key for SSH login, copy your public key (id_rsa.pub) to the server. This can be done using the ssh-copy-id command:

Command:

ssh-copy-id username@server_ip

Example Output:

/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/home/yourusername/.ssh/id_rsa.pub" The authenticity of host 'server_ip (server_ip)' can't be established. ECDSA key fingerprint is SHA256:kS1J7NQJ2GZ2vvKr0KmNphABOQ5RbMm2DLW/hm1fP3c. Are you sure you want to continue connecting (yes/no)? yes /usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed username@server_ip's password: Number of key(s) added: 1

Step 6: Connect to the Server Using SSH

Now that your key is set up, you can connect to the server without a password.

Command:

ssh username@server_ip

Example Output:

Welcome to Ubuntu 20.04 LTS (GNU/Linux 5.4.0-42-generic x86_64) * Documentation: https://help.ubuntu.com * Management: https://landscape.canonical.com * Support: https://ubuntu.com/advantage Last login: Sun Nov 9 08:34:07 2024 from 192.168.1.10 username@server:~$

You're now successfully connected to your server using SSH! This setup allows secure remote access to your Linux server using SSH keys.