SSH, or Secure Shell, is a protocol used to securely log onto remote systems. It is the most common way to access remote Linux and Unix-like servers, such as VPS instances. In this guide, we will discuss how to use SSH to connect to a remote system I’ll be logged in as root.
Setup SSH server on Ubuntu 14.04
Step 1 – Update repositories.
Step 2 – Install SSH Server
Step 3 – After installation I will show how to configure ssh server. Open ssh config file with the following command:
Step 4 – If you want to change ssh port you have to find ‘Port’ line and change the number of the port. For example I will change to 22222.
Step 5 – I will set max login attempts to be 3. After 3 wrong login attempts you will disconect. This is very important for security of your server and this can be used for prevention from brute force attack (see my Theme 4). Add this line bellow Port:
Step 6 – Allow certain users to login on your server and deny all other users. I will add ‘zimbra’ users because my Zimbra Mail Serve should have access. For more information about Zimbra Mail Server configuration read theme 12. Add the following line at the end of the file and after that save the file /etc/ssh/sshd_config.
Step 7 – Restart ssh service with the following command:
Now only this two users will have access to your server.
I will show you How To Configure SSH Key-Based Authentication on a Linux Server
In my opinion this is the best way to protect from unauthorised access to your server. Unfortunately this is not the most convenient one, because you have to bring the key with you. My advice is to use the configuration shown above.
Step 8 – Create folder, change permission and navigate to new folder with the following commands:
Step 9 – Create folder, change permission and navigate to new folder with the following commands:
Step 10 – Show new files.
Step 11 – Generate Keys – If you ‘Enter passphrase’ you must remember it and use it in the following steps:
Step 12 – Append the public key to authorized_keys and remove the uploaded copy.
Step 13 – Edit the ssh server config file with nano /etc/ssh/sshd_config to make sure that public key authentication is enabled (it should be enabled by default):
Step 14 – These entries must be set to YES.
Step 15 – The following settings should be set to NO:
Step 16 – Restart ssh service with the following command:
Step 17 – Now you must get private key code.
Step 18 – Paste in notepad and save without extension
Step 19 – When you connect to your server you must browse your ‘id_rsa.ppk’ file in putty.