How to Install and Enable OpenSSH on Ubuntu 17.04, Ubuntu 16.04

28/12/2020

Before we proceed on how to install and enable OpenSSH on Ubuntu 17.04, Ubuntu 16.04, first we need to understand what OpenSSH (a fork of free SSH) is.

OpenSSH (also known as OpenBSD Secure Shell) is a connectivity tool that enables remote login via the SSH protocol, hence eliminating eavesdropping, connection hijacking, and other attacks. It helps to secure all network communications by encrypting all network traffic over multiple authentication methods through a secured tunnel.

The OpenSSH suite consists of the following tools:

OpenSSH Key Features

  • Offers strong cryptography (AES, ChaCha20, RSA, ECDSA, Ed25519…)
  • Supports X11 forwarding (which also encrypts X Window System traffic)
  • Port forwarding (encrypted channels for legacy protocols)
  • Strong authentication (public keys, one-time passwords)
  • Agent forwarding
  • Interoperability
  • SFTP client and server support in both SSH1 and SSH2 protocols
  • Optional data compression
  • See list for full details

The most recent release is OpenSSH 7.5 and its mainly bugfix release

Install OpenSSH on Ubuntu 17.04, Ubuntu 16.04

Now lets proceed with how to install and enable OpenSSH

How to enable root password

  • First you need to ensure the root password is enabled if not already done, by running the following commands
sudo passwd root  Enter new UNIX password:  Retype new UNIX password:  passwd: password updated successfully

Install OpenSSH on Ubuntu

  • Next we need to install openssh server / client on ubuntu by running the following commands on terminal
su - #enter your root password  sudo apt-get install openssh-server openssh-client
  • Now start and enable SSH service by running following commands
systemctl start sshd  systemctl enable ssh.service
  • Last step is to open up the ssh firewall port
ufw allow ssh  ufw reload

Configure OpenSSH Server

  • To configure OpenSSH, you need to edit the file “sshd_config” located in “/etc/ssh”
sudo gedit /etc/ssh/sshd_config
  • There are quite a few config settings in there but for the purpose of this tutorial, we will enable the following settings for a basic setup
 Port 22                    # Tells sshd on what port to listen on   AddressFamily any          # sshd listens on either IPv4 or IPv6 or both interface   ListenAddress 0.0.0.0      # Tells sshd to listen on all ip address   PermitRootLogin no         # For security, allows set this to no   MaxAuthTries 6             # To prevent DDOS attack, set the desired value to restrict the number of tries allowed during login   MaxSessions 10             # This sets the maximum number of simultaneous connections   PasswordAuthentication yes # This will enforce key-based if set to no and ask passwords if set to yes
  • Save changes and reload sshd for changes to take effect
systemctl reload sshd

Test run OpenSSH setup

  • For purpose of testing to see if this works as expected, we will enable ssh root access temporary but in a production setup, DO NOT enable it.
  • Edit the file “sshd_config” located in “/etc/ssh” and change “PermitRootLogin without-password” to “PermitRootLogin yes
  • Restart the SSH server
  
sudo service ssh restart

or
systemctl reload sshd
  • Run the command to connect to it
ssh [email protected]  
 
ONET IDC thành lập vào năm 2012, là công ty chuyên nghiệp tại Việt Nam trong lĩnh vực cung cấp dịch vụ Hosting, VPS, máy chủ vật lý, dịch vụ Firewall Anti DDoS, SSL… Với 10 năm xây dựng và phát triển, ứng dụng nhiều công nghệ hiện đại, ONET IDC đã giúp hàng ngàn khách hàng tin tưởng lựa chọn, mang lại sự ổn định tuyệt đối cho website của khách hàng để thúc đẩy việc kinh doanh đạt được hiệu quả và thành công.
Bài viết liên quan

Brute force against SSH and FTP services: attacking and defending SSH and FTP

Bruteforce is among the oldest hacking techniques, it is also one of the simplest automated attacks requiring minimum knowledge...
29/12/2020

Disabling root ssh on Debian

Since the root user is universal for all Linux and Unix systems it was always the preferred bruteforce victim by hackers...
29/12/2020

Enable SSH Server on Debian

How to Enable SSH Server for Remote Login on Debian 9 In this article, I will show you how to install and configure SSH...
28/12/2020