For reasons of data security and technological equipment, physical access to information servers is restricted. Therefore, to access them you must use tools that allow remote access to them. With this in mind, it’s a good idea to enable SSH on your server.
SSH, or Secure Shell, is a remote administration protocol that allows users to control and modify their remote servers over the Internet or on a LAN. One of its main characteristics is that it encrypts the connection session, making it impossible for anyone to obtain non-encrypted passwords. The port SSH uses is 22.
SSH and the importance of encryption
Many people don’t take the time to learn or use security tools. Fortunately SSH performs this whole process without the user taking sides on it, however, it is convenient to learn a little about it.
By default, the SSH operates on TCP port 22. The protocol then initiates communications to authenticate the client, ensuring that opening the connection is possible only if verification is successful. These credentials pass securely through the symmetrically encrypted tunnel, so there is no chance that they will be captured by a third party.
Once these credentials are confirmed, the server starts the connection process. First, it performs session encryption negotiation, in which they basically choose which encryption protocol will be used, and user authentication as such.
The objective is not to give you a security and encryption class, but to serve as a brief notion about SSH. And that you can understand that security when it comes to access to servers is of vital importance.
Install SSH on Ubuntu 18.04
In the first place, it is necessary to install the SSH package. It is available from Ubuntu’s official repositories and you won’t have to do much more. run:
:~$ sudo apt install ssh
Ubuntu by default will activate the SSH service, but it is always convenient to check. Run:
:~$ sudo systemctl status ssh
As you can see in the image, the service is running correctly.
Now you can use another computer to remotely access the server.
To access the server remotely, it’s really simple. The nomenclature of the command is
ssh user@server. On the server, you can enter the IP address or the domain. For example:
:~$ ssh email@example.com or :~$ ssh firstname.lastname@example.org
In both cases, you will attempt access. Presumably, if the firewall has blocked port 22 on the server, the connection will be denied.
And that’s it, this will give you access to the server.
A little more security for SSH
Although SSH is a very secure protocol that receives constant security updates, it is possible to make certain configurations to increase its reliability. Run:
:~$ sudo nano /etc/ssh/sshd_config
In this file, you will have many options to configure. Everything will depend on your preferences and your needs.
It’s always a good idea to change the port SSH uses. We all know that the default port is 22.
Another thing you can modify is the time the user has to log in. Look in the Authentication section for the LoginGraceTime entry.
It is equally important to disable access to the root user. Doing so will ensure that the root cannot be invoked remotely and thus greatly improve security. Go to PermitRootLogin and type no.
In addition, you can limit the number of attempts allowed. If a person knows his user and password he won’t need many attempts. On MaxAuthTries define the number you want.
Enable SSH on Ubuntu 18.04
Finally, you have to manipulate the SSH service. If you want to stop it:
:~$ sudo systemctl stop ssh
To enable it and get it to start along with the system.
:~$ sudo systemctl enable ssh
and finally, if you want to start it:
:~$ sudo systemctl start ssh
The use of SSH is simple but very powerful and becomes the most commonly used protocol to remotely access servers that are not physically available.
We want to read you, have you used SSH? Do you know any tricks? Do you enable SSH on your system? Tell us in the comments
Please spread this article through your social networks.