In this article, we will show you how to install, configure and use OpenSSH on Ubuntu 16.04. SSH (Secure Shell) is a protocol that allows reliable access to a remote machine while OpenSSH is a set of tools based on the SSH protocol. Today we are going to show you how to install and configure OpenSSH on a Linux VPS using Ubuntu 16.04 as your operating system.
Installing OpenSSH on Ubuntu 16.04
First, let’s install OpenSSH. Update package indices with the following command:
sudo apt-get update
To install the OpenSSH server application, as well as other related packages, use the following command:
sudo apt-get install openssh-server
Note that the OpenSSH server package may already be installed on your system as part of the initial server installation process. Alternatively, you can install the OpenSSH client application using the following command:
sudo apt-get install openssh-client
Setting up OpenSSH on Ubuntu 16.04
Before making any changes to the OpenSSH configuration, it is good to know how to manage the OpenSSH service on your Ubuntu VPS. You can use the following command to start the service:
sudo systemctl start sshd.service
To stop the service, you can use:
sudo systemctl stop sshd.service
To restart the service, you can use:
sudo systemctl restart sshd.service
To check the status of a service you can use:
sudo systemctl status sshd.service
To enable the service at boot time you can use:
sudo systemctl enable sshd.service
To disable the service during system boot you can use:
sudo systemctl disable sshd.service
After making any changes to the OpenSSH configuration, you need to restart the service for the changes to take effect.
The main configuration file for the OpenSSH server application is
/etc/ssh/sshd_config… Make sure you back up your original configuration before making any changes:
sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.orig
You can edit this file with a text editor of your choice. The first thing you can do is change the default SSH listening port. Open the file and find the line that defines the listening port:
Change it to something else. for instance
Save the file and close it. Then restart the service for the changes to take effect.
You can now try to connect to the server via SSH using the port number specified in the OpenSSH server config file. If you can connect to the server via SSH successfully you can proceed with the next step, which is securing OpenSSH.
Secure OpenSSH on Ubuntu 16.04
One of the recommended ways to secure your server when using OpenSSH is to disable the Root login. First, create a new user SUDO on the Ubuntu server and then edit the OpenSSH server config file. Find the following line:
and change it to:
Save the changes and restart the service for the changes to take effect. The next time you connect to the server, you can use the newly created SUDO user.
To protect your server, you can also disable password verification and configure SSH login using SSH keys. Alternatively, you can secure SSH with two-factor authentication.
You can check additional configuration options using the man page:
or you can visit the manual OpenSSH pages at https://www.openssh.com/manual.html.