Enabling SSH on an Ubuntu Server is the foundational step for administering your machine remotely with precision and efficiency. This protocol allows you to manage your server from any location, eliminating the need for physical access and streamlining the workflow for system administrators. Without it, you are confined to the console, which is impractical for servers located in data centers or cloud environments.
Understanding the SSH Service
By default, a fresh installation of Ubuntu Server includes the SSH server package, but it remains inactive until you initiate it. The service responsible for this functionality is called openssh-server , which listens for incoming connections on port 22. Before you proceed, it is wise to check if the daemon is already running, as some cloud providers or hosting panels might have activated it during the deployment phase.
Activating the Daemon
To enable ssh on ubuntu server, you will interact with the systemctl utility, which controls the system daemon. You need to signal the operating system to launch the SSH background process and configure it to start automatically upon boot. This ensures that your remote access channel persists even after you reboot the hardware or virtual machine.
Commands to Start and Enable
sudo systemctl start ssh
sudo systemctl enable ssh
The first command triggers the immediate launch of the service, while the second creates a symbolic link in the appropriate runlevel directory, guaranteeing persistence. Once executed, the server will accept connections on the network interface, preparing it for remote login attempts.
Adjusting the Firewall Rules
Security is paramount when exposing administrative ports to a network, and an Ubuntu Server usually employs UFW (Uncomplicated Firewall) to filter traffic. If you enable the firewall without allowing port 22, your SSH client will fail to connect, effectively locking you out of the system. You must create a rule that explicitly permits the secure shell traffic.
Configuring UFW
sudo ufw allow ssh
sudo ufw status
The first line utilizes the application profile named "ssh" to open the port, while the second provides visual confirmation that the rule is active. This step is non-negotiable in production environments, as it balances accessibility with robust network defense.
Verifying the Connection
After completing the server-side configuration, you should validate the setup from a separate machine. This confirms that the daemon is responsive and that the network path is clear of obstructions such as NAT or cloud security groups. Testing immediately ensures that any typos or misconfigurations are caught while you still have local console access to fix them.
Testing Locally and Remotely
Run ssh localhost directly on the server to verify the daemon is active.
From your personal computer, use ssh user@server_ip to confirm remote accessibility.
A successful login indicates that the service is correctly bound to the network interface and that your credentials are being processed by the PAM stack.
Hardening Security Parameters
Leaving SSH accessible via the default port with password authentication creates a significant vulnerability that automated bots will exploit. To enable ssh on ubuntu server securely, you should disable root login and transition to key-based authentication. This approach replaces static passwords with cryptographic keys, rendering brute-force attacks practically impossible.
