Tutorial Overview
SSH (Secure Shell) allows secure remote connections to your server. This tutorial covers installation, configuration, and security best practices to protect SSH access.
Prerequisites
- Root or sudo access.
Steps
Step 1: Install the SSH Server
1. Update the package list:
sudo apt update2. Install the SSH server:
sudo apt install openssh-server -y3. Check that SSH is running:
sudo systemctl status ssh- Look for active (running) in the output, which indicates SSH is running.
Step 2: Configure SSH for Security
1. Open the SSH configuration file:bashCopy code
sudo nano /etc/ssh/sshd_config2. Change the default SSH port (optional but recommended):
- Locate the line #Port 22.
- Uncomment it by removing the # and change 22 to a different port (e.g., Port 2222).
Disable root login over SSH:
- Find the line PermitRootLogin yes.
- Change
yestonoto prevent root access:
PermitRootLogin no3. Allow only specific users to access SSH (optional):
- Add the following line to restrict SSH access to specific users:
AllowUsers your_username4. Save and close the file.
Step 3: Restart SSH and Test
1. Restart SSH to apply the new settings:
sudo systemctl restart ssh2. Test the connection from another terminal:
ssh -p <your_new_port> your_username@your_server_ip3. Check the SSH logs for security auditing:
sudo tail -f /var/log/auth.log- Watch for unauthorized attempts to access SSH and investigate as needed.
