Secure Shell (SSH) is a critical tool for managing remote servers securely. In this guide, we will walk through the process of setting up SSH access for users on Ubuntu 24.04.
Prerequisites
- A system running Ubuntu 24.04.
- A user with sudo privileges.
- SSH installed on both the client and server.
Step 1: Install OpenSSH Server
First, ensure the SSH server is installed and running:
sudo apt update && sudo apt install -y openssh-serverAfter installation, verify that the SSH service is active:
sudo systemctl status sshIf the service is not running, start and enable it:
sudo systemctl enable --now sshStep 2: Create a New User
If the user does not already exist, create one:
sudo adduser newuserThen, add the user to the sudo group if administrative privileges are needed:
sudo usermod -aG sudo newuserStep 3: Configure SSH Access
Ensure the new user can access the server via SSH by switching to their account and creating the .ssh directory:
sudo -u newuser mkdir -p /home/newuser/.ssh
sudo -u newuser chmod 700 /home/newuser/.sshStep 4: Set Up SSH Key Authentication (Recommended)
For secure access, set up SSH key authentication:
Generate an SSH key pair on the client machine:
<code>ssh-keygen -t ed25519 -C "newuser@yourserver"</code>Copy the public key to the server:
ssh-copy-id newuser@yourserver_ipAlternatively, manually copy the key:
cat ~/.ssh/id_ed25519.pub | ssh newuser@yourserver_ip 'mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys'Set correct permissions:
sudo chmod 600 /home/newuser/.ssh/authorized_keys sudo chown -R newuser:newuser /home/newuser/.sshStep 5: Configure SSH Server Settings
Edit the SSH daemon configuration file:
sudo nano /etc/ssh/sshd_configMake the following adjustments for improved security:
Disable root login:
PermitRootLogin noAllow only specific users:
AllowUsers newuserDisable password authentication (only if key-based authentication is set up):
PasswordAuthentication noSave and exit the file, then restart SSH:
sudo systemctl restart sshStep 6: Test SSH Access
From a client machine, test the SSH connection:
ssh newuser@yourserver_ipIf using an SSH key, ensure the private key is in ~/.ssh/ and has the correct permissions (chmod 600 ~/.ssh/id_ed25519).
Step 7: (Optional) Configure a Firewall
If UFW (Uncomplicated Firewall) is enabled, allow SSH traffic:
sudo ufw allow OpenSSH
sudo ufw enable
sudo ufw statusConclusion
Setting up SSH access on Ubuntu 24.04 is essential for secure remote management. By configuring key-based authentication and restricting access, you enhance the security of your server. Regularly review SSH logs (sudo journalctl -u ssh) and apply updates (sudo apt update && sudo apt upgrade -y) to maintain security.
FAQ
1. How can I check if SSH is running on my server?
You can check the status of the SSH service with:
sudo systemctl status ssh2. What should I do if SSH connection is refused?
- Ensure SSH is installed and running:
sudo systemctl start ssh - Verify the firewall allows SSH:
sudo ufw allow OpenSSH - Check if the correct user has SSH access in
/etc/ssh/sshd_config.
3. How do I change the default SSH port?
Edit /etc/ssh/sshd_config and modify:
Port 2222Then restart SSH:
sudo systemctl restart ssh4. How can I disable password authentication completely?
Edit /etc/ssh/sshd_config and set:
PasswordAuthentication noRestart SSH to apply changes:
sudo systemctl restart ssh5. How do I allow multiple users to connect via SSH?
Add multiple usernames to the AllowUsers directive in /etc/ssh/sshd_config, e.g.:
AllowUsers user1 user2 user3Restart SSH:
sudo systemctl restart ssh
- Roblox Force Trello - February 25, 2025
- 20 Best Unblocked Games in 2025 - February 25, 2025
- How to Use Java Records to Model Immutable Data - February 20, 2025
