Archives For November 30, 1999

This tutorial shows how to enable One Time PassWord in Ubuntu 24.04 for either local or remote SSH login.

One Time PassWord, OTPW in short, is a PAM module which is useful for allowing a user to login public or shared computer/server using a single-use password, that works only for one time.

By generating a list OTPW passwords, and configuring your system to allow OTPW logins, it will ask random one of the OTPW passwords on every login. And, that password will never work again once logged in successfully with it.

Continue Reading…

This is a simple tutorial shows how to disable password authentication, and use SSH key instead for remote login to remote Ubuntu Server or Desktop.

SSH (Secure Shell) is a popular and secure way to login remote servers and/or transfer data between local and remote machines. When you try to SSH to a remote server, it usually asks for user password for authentication.

However, passwords are not the most secure. They are generally either not complex or long enough to protect from attacks, or hard to remember and type again and again on every connection.

To be more secure and also save your time, the secure key authentication is a good choice. And, here’s how to set it up step by step.
Continue Reading…

This simple tutorial shows how to enable and setup Secure Shell (SSH) service in Ubuntu 24.04, so you can login remotely and transfer files securely in command console.

Debian and Ubuntu use OpenSSH (OpenBSD Secure Shell) to provide secure shell channel for making changes, transferring data, and performing other operations on server from a client remotely.

The SSH service is NOT enabled by default. And, here I’m going to how to enable and configure it in Ubuntu 24.04

Continue Reading…

How to Enable SSH Service in Ubuntu 22.04 LTS

Last updated: November 30, 2023 — 3 Comments

This simple tutorial shows how to enable Secure Shell (SSH) in Ubuntu 22.04, so you can login remotely and transfer data securely via the cryptographic network protocol.

Ubuntu uses OpenSSH to provide Secure Shell services. The client is pre-installed with out-of-the-box support for connecting to remove SSH server. The server package is available in system repository but not installed by default.

1. Install SSH Server:

Firstly, connect to your Ubuntu server, or press Ctrl+Alt+T on keyboard to open terminal in Ubuntu desktop.

When it opens, run the command below to install the server package:

sudo apt install ssh

Type user password for sudo authentication, though there’s no asterisk feedback

Once installed the service should run automatically. If not, use commands below to enable and start it:

sudo systemctl enable sshd && sudo systemctl start ssh

And, check the service status using command:

systemctl status ssh.service

2. Configure SSH Server:

After step 1, you should be able to connect to this Ubuntu server or desktop remotely via ssh and/or scp commands.

You may however configure it to listen on a different port, specify which users allowed to login, change the authentication methods, etc.

To do so, edit the “/etc/ssh/sshd_config” via the command below:

sudo nano /etc/ssh/sshd_config

For Ubuntu Desktop, replace nano with gedit to edit the config file with a graphical interface.

When the file opens, by removing ‘#‘ at the beginning and changing the number after ‘Port’ will change the listening port; Enable “PermitRootLogin prohibit-password” (remove # at the beginning will enable it) will allow root login via authentication key. To allow password login, change the value to ‘yes’, and you need to enable “PasswordAuthentication yes”.

For more configurations, see this document. And, if you want to setup an authentication key to login without password, try this tutorial.

After saving the file, remember to restart the SSH service to apply changes:

sudo systemctl restart sshd

3. Login or transfer data via SSH:

After setup the remote SSH server, you may run the command below to login remotely:

ssh server_user@server_ip -p 22890

Change the port number 22890 to yours or skip the -p flag if the default port is in use.

And, copy data from local to server via scp command:

scp -P 22890 /PATH/TO/FILE server_user@server_ip:/PATH/TO/DESTINATION

Or, grab data from server to local machine’s current directory via command:

scp -P 22890 server_user@server_ip:/PATH/TO/FILE ./

For those having Ubuntu or other Linux server (e.g., Debian, CentOS and Fedora) remotely, here’s how to login without password using SSH key authentication.

Compare to user password login, SSH key authentication is more secure because only the person who has the key allows to connect, and the keys are well encrypted by different algorithms. It also make SSH connection simple by login without password.

1. Enable SSH Service (Do it in server side):

In case you don’t have enabled the SSH service in remote server. You need to first connect to the server, and run command to install openssh:

sudo apt install openssh-server

For CentOS and Fedora server, use sudo dnf install openssh-server command instead.

After installation, enable and start the service via command:

sudo systemctl enable ssh && sudo systemctl start ssh

And finally verify the SSH service status by running command:

sudo system status ssh

If you see the service is active and running, you may start connecting the server via SSH remotely using the command below in local computer:

ssh user@server_ip

Replace user and server_ip. And use -p port_number to specify the port number if it’s not the default 22.

2. Enable SSH Key Authentication (Run commands in local PC):

The authentication keys are generated in local computers. They are usually consists of private key and public key. By uploading the public key into remote Linux server, you’ll be able to SSH login using the private key in local machine.

NOTE: this tutorial is tested on Ubuntu local computer, though it should work on most Linux, including Debian, Fedora, CentOS, and Arch Linux.

1. Install OpenSSH Client:

The OpenSSH client is installed out-of-the-box mostly. In case you don’t have it, run this command in local computer to install it:

sudo apt install openssh-client

For CentOS and Fedora, use sudo dnf install openssh openssh-clients instead.

2. Generate SSH Key Pair:

The ssh-keygen command allows to generate a SSH key pair via RSA, ECDSA, and ED25519 algorithms. While RSA is widely used and best supported, ED25519 offers better security and good performance.

a.) Firstly, create and navigate to the .ssh directory in local computer terminal window:

mkdir -p ~/.ssh && cd ~/.ssh

b.) Next, run command to generate a key pair:

ssh-keygen -t ed25519 -f linode_ed25519 -C "root@linode"

In the code, you may replace “ed25519” with your prefer encryption algorithm. And “-f linode_ed25519” specifies the key name, “-C “root@linode”” is the optional comment.

c.) For security reason, it’s highly recommended to set none permission (even not readable) for other users except for yourself:

chmod 600 ~/.ssh/linode_ed25519*

Change “linode_ed25519” to the key name you set in last step. And there’s an asterisk “*” in the end so it also applies to the “linode_ed25519.pub” file.

3. Upload the public key to host server (Do in local PC):

Now upload the public key (“linode_ed25519.pub” in my case) from local computer to remote server, using command:

cd ~/.ssh && ssh-copy-id -i linode_ed25519.pub user@server_ip

Don’t remember to add ‘-p number‘ if the listening port is not default 22. And you need to type remote user password for uploading the key.

After that, try SSH login again in local computer will ask for the key password you set in b.):

ssh user@server_ip

If you select Cancel, it will instead ask for user password authentication.

4. Enable No Password SSH Key Login (Do in local PC):

You can tick ‘Automatically unlock this key whenever I’m logged in‘ and type the password only for one time in the last screenshot. However, some desktop environments may not provide this friendly feature. So ‘ssh-agent’, OpenSSH authentication agent, is present to do the job for your.

Firstly run ‘ssh-agent’ via shell command:

eval 'ssh-agent'

Next, add the SSH key to the agent:

ssh-add linode_ed25519

After that, SSH command will login without typing the authentication key password.

5. Disable SSH user password login (Do in server side):

After successfully setup the key authentication, you may disable the user password login, so no one else can access the server!

Firstly, connect to the remote server and run command to edit the ssh daemon config file:

sudo nano /etc/ssh/sshd_config

Next, un-comment the “#PasswordAuthentication yes” line and set its value to no, so it will be:

PasswordAuthentication no

And then press Ctrl+X, type y and hit Enter to save the file.

Finally reload SSH via

sudo systemctl reload ssh

command and enjoy!

How to Enable SSH Service in Ubuntu 20.04

Last updated: May 28, 2020

Enable SSH Ubuntu 16.04

This quick tip shows how to enable Secure Shell (SSH) service in Ubuntu 20.04 LTS, both desktop and server, to allow secure remote login and other network communications.

Ubuntu includes OpenSSH, a suite of secure networking utilities based on the Secure Shell protocol, in its main repositories. While OpenSSH client is installed out-of-the-box, you can do following steps to install and setup OpenSSH server in Ubuntu 20.04.

1. First open terminal and run command to install the packages:

sudo apt install ssh

Type user password (no asterisk feedback) for sudo prompt and hit Enter.

2. Once installed, SSH services start in background silently. You can check its status by running command:

systemctl status ssh.service

You may replace status in the code with stop, reload, restart to stop, reload, or restart the service.

3. The SSH service should be working good now for basic use! If you want to change the listening port, root login permission, or other authentications, run command to edit the configuration file:

sudo nano /etc/ssh/sshd_config

replace nano with gedit if you’re on Ubuntu Desktop.

Save changes by pressing Ctrl+X, then Y, and finally hit Enter. And remember to restart the SSH service via sudo systemctl restart ssh.service command.

How to Enable SSH in Ubuntu 16.04 LTS

Last updated: April 22, 2016

Enable SSH Ubuntu 16.04

Here’s how to enable Secure Shell (SSH) service in Ubuntu 16.04 Xenial Xerus, the new LTS release, to allow secure remote login and other network communications.

Ubuntu provides OpenSSH (OpenBSD Secure Shell) in its universe repositories, which is a suite of security-related network-level utilities based on the SSH protocol.

1. To install it, open terminal (Ctrl+Alt+T) or log in Ubuntu server and run command:

sudo apt-get install openssh-server

install openssh server

2. After that, you should have SSH service enabled in your system, you may check its status by running command:

sudo service ssh status

check ssh status

3. You may change some settings (e.g., the listening port, and root login permission) by editing the configuration file via command:

sudo nano /etc/ssh/sshd_config

On Ubuntu desktop, you may use gedit instead of nano:

SSH settings

Finally apply the changes by restarting or reloading SSH:

sudo service ssh restart

For more, read the official manual page.

Enable SSH in Ubuntu 14.10 Server / Desktop

Last updated: September 30, 2014

enable ssh ubuntu 14.10

Secure Shell (SSH) is a protocol for securely accessing remote machine, it allows you to run command line and graphical programs, transfer files, and even create secure virtual private networks over the Internet.

Ubuntu does not provide the ssh service out-of-the-box. But you can easily enable it by installing the OpenSSH server package.

To enable SSH:

Search for and install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:

sudo apt-get install openssh-server

Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:

sudo service ssh start

To edit settings:

To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:

sudo nano /etc/ssh/sshd_config

After you changed the configurations, press Ctrl+X followed by typing y and hitting enter to save the file.

Finally restart the SSH service to apply the changes:

sudo service ssh restart

Usage and Tips:

1. Normally, we can access remote machine through SSH via command:

ssh username@remote-ip

For the port that is not the default 22:

ssh username@remote-ip -p NUMBER

2. For desktop Ubuntu, root user need to be enabled first so that remote machines can SSH to it via root:

Run command below to set a password for root:

sudo passwd root

Then execute command to unlock the root account:

sudo passwd -u root

Edit the config file /etc/ssh/sshd_config, change the line

PermitRootLogin without-password

into:

PermitRootLogin yes

When done, restart the SSH service.

For more, read the community documents.

Enable SSH in Ubuntu 14.04 Trusty Tahr

Last updated: April 15, 2014

enable ssh ubuntu 14.04

This simple tutorial is going to show you how to enable Secure Shell (SSH) service in Ubuntu 14.04 Trusty Tahr.

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers.

SSH is not enabled by default in Ubuntu, but you can easily enable this service via OpenSSH, a free version of the SSH connectivity tools developed by the OpenBSD Project.

To do so, run the command below in terminal:

sudo apt-get install openssh-server

Or install the openssh-server package via Ubuntu Software Center if you’re on Desktop edition:

install ssh server Ubuntu 14.04

Once installed, you can change the port, disable root login and do other changes by editing the config file:

sudo gedit /etc/ssh/sshd_config

Finally restart the ssh server to take place:

sudo /etc/init.d/ssh restart

That’s it. Enjoy!