enable ssh debian

Guri Bee

3 min read

·

19-10-2024

1

0

Share

Enabling SSH on Debian: A Step-by-Step Guide

Secure Shell (SSH) is a powerful tool for managing remote servers securely. This article will guide you through the process of enabling SSH on a Debian system. We will use information and best practices from the Debian Wiki and GitHub to ensure a secure and functional setup.

Why Use SSH?

SSH allows you to connect to your server remotely and execute commands as if you were physically present at the console. This is invaluable for:

• System administration: Managing your server's files, services, and packages.
• Development: Working on projects hosted on your server.
• Deployment: Deploying applications and updates securely.

Enabling SSH on Debian

1. Install the OpenSSH server:

   sudo apt update
   sudo apt install openssh-server
   

   This command will install the OpenSSH server package, which contains the necessary components for running the SSH service.

2. Start the SSH service:

   sudo systemctl start ssh
   

   This command starts the SSH service. It will now listen for incoming connections on the default port, 22.

3. Enable the SSH service at boot:

   sudo systemctl enable ssh
   

   This ensures that the SSH service will automatically start when the system boots.

Securing Your SSH Connection

Here are some crucial steps to secure your SSH server:

• Disable root login: By default, root login is enabled via SSH. This is a security risk, as compromising the root account can grant full control over the server. To disable root login, edit the sshd_config file:

  sudo nano /etc/ssh/sshd_config
  

  Find the line PermitRootLogin yes and change it to PermitRootLogin no. Save and exit the file, and then restart the SSH service:

  sudo systemctl restart ssh
  

• Use strong passwords: Choose strong, unique passwords for your SSH user accounts. Avoid using common words or phrases. Use password managers to store and manage your passwords securely.

• Enable key-based authentication: Key-based authentication is a more secure method than password-based authentication. You can create an SSH key pair on your local machine and configure your server to use it for authentication:

  ssh-keygen -t rsa -b 4096
  

  This will generate a public and private key pair. You can then copy the public key to your server's authorized_keys file, located in /home/<username>/.ssh/authorized_keys.

• Limit SSH access: You can further limit SSH access by specifying allowed IP addresses or network ranges in the sshd_config file. For example, to allow connections only from your local machine's IP address:

  AllowUsers <your_username>
  

  Refer to the OpenSSH documentation for more advanced access control options.

• Keep your SSH server up-to-date: Regularly update your Debian system and the OpenSSH server to ensure that you are protected from known vulnerabilities.

Connecting to your SSH server

Once SSH is enabled and secured, you can connect to your server using an SSH client like PuTTY (Windows) or Terminal (Mac/Linux).

1. Open an SSH client and enter the following command:

   ssh <username>@<server_ip_address>
   

   Replace <username> with your SSH user account and <server_ip_address> with your server's IP address.

2. Enter your password or passphrase: If you are using password-based authentication, you will be prompted for your password. If you are using key-based authentication, you will be prompted for your passphrase.

3. Access your server: Once authenticated, you will have access to your server's command line.

Conclusion

By following these steps, you can securely enable SSH on your Debian server. Remember to prioritize security practices like strong passwords, key-based authentication, and access control to protect your server from unauthorized access. With SSH, you can manage your server efficiently and securely from any location.