Archives For ssh

For those having Ubuntu or other Linux server (e.g., Debian, CentOS and Fedora) remotely, here’s how to login without password using SSH key authentication.

Compare to user password login, SSH key authentication is more secure because only the person who has the key allows to connect, and the keys are well encrypted by different algorithms. It also make SSH connection simple by login without password.

1. Enable SSH Service in Ubuntu Linux:

In case you don’t have enabled the SSH service in remote server. You need to first connect to the server, and run command to install openssh:

sudo apt install openssh-server

For CentOS and Fedora server, use sudo dnf install openssh-server command instead.

After installation, enable and start the service via command:

sudo systemctl enable ssh && sudo systemctl start ssh

And finally verify the SSH service status by running command:

sudo system status ssh

If you see the service is active and running, you may start connecting the server via SSH remotely using the command below in local computer:

ssh [email protected]_ip

Replace user and server_ip. And use -p port_number to specify the port number if it’s not the default 22.

2. Enable SSH Key Authentication:

The authentication keys are generated in local computers. They are usually consists of private key and public key. By uploading the public key into remote Linux server, you’ll be able to SSH login using the private key in local machine.

NOTE: this tutorial is tested on Ubuntu local computer, though it should work on most Linux, including Debian, Fedora, CentOS, and Arch Linux.

1. Install OpenSSH Client:

The OpenSSH client is installed out-of-the-box mostly. In case you don’t have it, run this command in local computer to install it:

sudo apt install openssh-client

For CentOS and Fedora, use sudo dnf install openssh openssh-clients instead.

2. Generate SSH Key Pair:

The ssh-keygen command allows to generate a SSH key pair via RSA, ECDSA, and ED25519 algorithms. While RSA is widely used and best supported, ED25519 offers better security and good performance.

a.) Firstly, create and navigate to the .ssh directory in local computer terminal window:

mkdir -p ~/.ssh && cd ~/.ssh

b.) Next, run command to generate a key pair:

ssh-keygen -t ed25519 -f linode_ed25519 -C "[email protected]"

In the code, you may replace “ed25519” with your prefer encryption algorithm. And “-f linode_ed25519” specifies the key name, “-C “[email protected]”” is the optional comment.

c.) For security reason, it’s highly recommended to set none permission (even not readable) for other users except for yourself:

chmod 600 ~/.ssh/linode_ed25519*

Change “linode_ed25519” to the key name you set in last step. And there’s an asterisk “*” in the end so it also applies to the “linode_ed25519.pub” file.

3. Upload the public key to host server:

Now upload the public key (“linode_ed25519.pub” in my case) from local computer to remote server, using command:

cd ~/.ssh && ssh-copy-id -i linode_ed25519.pub [email protected]_ip

Don’t remember to add ‘-p number‘ if the listening port is not default 22. And you need to type remote user password for uploading the key.

After that, try SSH login again in local computer will ask for the key password you set in b.):

ssh [email protected]_ip

If you select Cancel, it will instead ask for user password authentication.

4. Enable No Password SSH Key Login:

You can tick ‘Automatically unlock this key whenever I’m logged in‘ and type the password only for one time in the last screenshot. However, some desktop environments may not provide this friendly feature. So ‘ssh-agent’, OpenSSH authentication agent, is present to do the job for your.

Firstly run ‘ssh-agent’ via shell command:

eval 'ssh-agent'

Next, add the SSH key to the agent:

ssh-add linode_ed25519

After that, SSH command will login without typing the authentication key password.

5. Disable SSH user password login:

After successfully setup the key authentication, you may disable the user password login, so no one else can access the server!

Firstly, connect to the remote server and run command to edit the ssh daemon config file:

sudo nano /etc/ssh/sshd_config

Next, un-comment the “#PasswordAuthentication yes” line and set its value to no, so it will be:

PasswordAuthentication no

And then press Ctrl+X, type y and hit Enter to save the file.

Finally reload SSH via

sudo systemctl reload ssh

command and enjoy!

Enable SSH Ubuntu 16.04

This quick tip shows how to enable Secure Shell (SSH) service in Ubuntu 20.04 LTS, both desktop and server, to allow secure remote login and other network communications.

Ubuntu includes OpenSSH, a suite of secure networking utilities based on the Secure Shell protocol, in its main repositories. While OpenSSH client is installed out-of-the-box, you can do following steps to install and setup OpenSSH server in Ubuntu 20.04.

1. First open terminal and run command to install the packages:

sudo apt install ssh

Type user password (no asterisk feedback) for sudo prompt and hit Enter.

2. Once installed, SSH services start in background silently. You can check its status by running command:

systemctl status ssh.service

You may replace status in the code with stop, reload, restart to stop, reload, or restart the service.

3. The SSH service should be working good now for basic use! If you want to change the listening port, root login permission, or other authentications, run command to edit the configuration file:

sudo nano /etc/ssh/sshd_config

replace nano with gedit if you’re on Ubuntu Desktop.

Save changes by pressing Ctrl+X, then Y, and finally hit Enter. And remember to restart the SSH service via sudo systemctl restart ssh.service command.

How to Enable SSH in Ubuntu 16.04 LTS

Last updated: April 22, 2016

Enable SSH Ubuntu 16.04

Here’s how to enable Secure Shell (SSH) service in Ubuntu 16.04 Xenial Xerus, the new LTS release, to allow secure remote login and other network communications.

Ubuntu provides OpenSSH (OpenBSD Secure Shell) in its universe repositories, which is a suite of security-related network-level utilities based on the SSH protocol.

1. To install it, open terminal (Ctrl+Alt+T) or log in Ubuntu server and run command:

sudo apt-get install openssh-server

install openssh server

2. After that, you should have SSH service enabled in your system, you may check its status by running command:

sudo service ssh status

check ssh status

3. You may change some settings (e.g., the listening port, and root login permission) by editing the configuration file via command:

sudo nano /etc/ssh/sshd_config

On Ubuntu desktop, you may use gedit instead of nano:

SSH settings

Finally apply the changes by restarting or reloading SSH:

sudo service ssh restart

For more, read the official manual page.

Enable SSH in Ubuntu 14.10 Server / Desktop

Last updated: September 30, 2014

enable ssh ubuntu 14.10

Secure Shell (SSH) is a protocol for securely accessing remote machine, it allows you to run command line and graphical programs, transfer files, and even create secure virtual private networks over the Internet.

Ubuntu does not provide the ssh service out-of-the-box. But you can easily enable it by installing the OpenSSH server package.

To enable SSH:

Search for and install the openssh-server package from Ubuntu Software Center. Or run command below in console if you’re on Ubuntu Server without GUI:

sudo apt-get install openssh-server

Once installed, the SSH service should be started automatically. If necessary, you can start (or stop, restart) the service manually via command:

sudo service ssh start

To edit settings:

To change the port, root login permission, you may edit the /etc/ssh/sshd_config file via:

sudo nano /etc/ssh/sshd_config

After you changed the configurations, press Ctrl+X followed by typing y and hitting enter to save the file.

Finally restart the SSH service to apply the changes:

sudo service ssh restart

Usage and Tips:

1. Normally, we can access remote machine through SSH via command:

ssh [email protected]

For the port that is not the default 22:

ssh [email protected] -p NUMBER

2. For desktop Ubuntu, root user need to be enabled first so that remote machines can SSH to it via root:

Run command below to set a password for root:

sudo passwd root

Then execute command to unlock the root account:

sudo passwd -u root

Edit the config file /etc/ssh/sshd_config, change the line

PermitRootLogin without-password

into:

PermitRootLogin yes

When done, restart the SSH service.

For more, read the community documents.

Enable SSH in Ubuntu 14.04 Trusty Tahr

Last updated: April 15, 2014

enable ssh ubuntu 14.04

This simple tutorial is going to show you how to enable Secure Shell (SSH) service in Ubuntu 14.04 Trusty Tahr.

Secure Shell (SSH) is a cryptographic network protocol for secure data communication, remote command-line login, remote command execution, and other secure network services between two networked computers.

SSH is not enabled by default in Ubuntu, but you can easily enable this service via OpenSSH, a free version of the SSH connectivity tools developed by the OpenBSD Project.

To do so, run the command below in terminal:

sudo apt-get install openssh-server

Or install the openssh-server package via Ubuntu Software Center if you’re on Desktop edition:

install ssh server Ubuntu 14.04

Once installed, you can change the port, disable root login and do other changes by editing the config file:

sudo gedit /etc/ssh/sshd_config

Finally restart the ssh server to take place:

sudo /etc/init.d/ssh restart

That’s it. Enjoy!