Changes

Configuring Ubuntu 11.04 Remote Access using SSH

5,826 bytes added, 19:49, 17 June 2011
New page: SSH is a TCP/IP service that provides a secure mechanism for remotely logging into one system over either a local network or the internet into another system. SSH also provides the ability...
SSH is a TCP/IP service that provides a secure mechanism for remotely logging into one system over either a local network or the internet into another system. SSH also provides the ability to transfer files between remote systems. When a user logs into a remote system using SSH, they receive a command prompt allowing them to enter commands on the remote system as if they were sitting at the remote system and had opened a terminal session.

In this chapter we will cover the steps necessary to configure an Ubuntu 11.04 system to accept SSH connections. This involves installing the SSH server on the local system and configuring the firewall to allow SSH connections.

== Installing SSH on an Ubuntu System ==

In order for a system to accept SSH connections the system must first be running the SSH server. By default, Ubuntu does not install the SSH server so the first step is to ensure that the server is installed. This can be performed using either the Ubuntu Software Center tool or the ''apt-get'' command-line tool.

To install using the Ubuntu Software Center, select ''Ubuntu Software Manager'' item in the Unity desktop launcher. Enter your password when prompted to do so. Using the search box in the top right hand corner, search for ''openssh-server''. After the search completes, you will see openssh-server in the package list. Simply select this item and click on the ''Install'' button to initiate the installation process.

To install from the command line, begin by opening a terminal window by pressing Ctrl-Alt-T. In the terminal window enter the following command and press enter to execute it:

<pre>
sudo apt-get install openssh-server
</pre>

The installation process will download the SSH server, install it and start the service running in the background. You may now attempt to connect from a remote system (see below for details on how to do this). If you receive a "connection refused" message when you try to connect you may need to configure the firewall to allow SSH connections to be established to this system.

== Configuring the Ubuntu Firewall to Allow SSH Connections ==

If you are using a firewall to protect your system you will need to allow SSH connections before you will be able to connect from a remote system. If you have configured your firewall using either the ufw or gufw tools you will need to set up an incoming connection policy to allow connections to the SSH service. Configuring the Ubuntu firewall is covered in detail in the chapter entitled [[Using gufw and ufw to Configure an Ubuntu 11.04 Firewall]].

== Using SSH on Ubuntu 11.04 ==

SSH can be used to log into your system from a remote system. It is also possible to test that the SSH server is running and accessible from the local machine. SSH connections are established using the ssh client utility.

To connect from your local machine back to itself use the following command:

<pre>
ssh -l username ipaddresss
</pre>

Where username is the name of the user you wish to log in as and ipaddress is the IP address of your system. You can also substitute the hostname of the system in place of the IP address. If you do not know the IP address run the ipconfig command in a terminal window. This will output information similar to:

<pre>
eth0 Link encap:Ethernet HWaddr 00:13:72:0B:14:57
inet addr:192.168.2.21 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe0b:1457/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4261067 errors:0 dropped:0 overruns:0 frame:0
TX packets:4409081 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2068332349 (1.9 GiB) TX bytes:2408187471 (2.2 GiB)
Base address:0xcce0 Memory:fe3e0000-fe400000
</pre>

In the above output the IP address is shown as inet addr:, in this case 192.168.2.21. Similarly, the hostname may be obtained by running the hostname tool at a terminal command prompt.

To connect from a remote system perform the same steps above using either the IP address or host name of the remote host to which you connect. Enter your password when prompted and you will find yourself logged into the remote system.

== Copying files using SSH ==

The SSH service provides a mechanism for copying files to and from a remote system. Copying is performed using the scp utility. To copy a file to a directory on a remote system, execute the following command:

<pre>
scp myfile.txt [email protected]:/home/demo
</pre>

Where myfile.txt is the name of the file to be uploaded to the remote system, username is the name of user account to be used to log into the remote system, 192.168.2.1 is replaced by the real IP address or hostname of the system and /home/demo represents the directory into which the file should be copied.

The above file could similarly be copied from the remote system to the local system as follows:

<pre>
scp [email protected]:/home/demo/myfile.txt .
</pre>

The above command will copy the remote file to the current directory on the local system.

== Disabling the SSH Server ==

Having configured the system to run the SSH server we can now look at how to disable it. As mentioned previously, the SSH server runs in the background as a service.

In order to disable SSH we need to turn off the SSH service. This can be achieved using the ''service'' command line tool in a terminal window as follows:

<pre>
$ sudo service ssh stop
[sudo] password for demo:
ssh stop/waiting
</pre>

The ssh server may be re-started using the following service command line:

<pre>
$ sudo service ssh start
ssh start/running, process 3981
</pre>

To obtain the current status of the ssh server:

<pre>
$ service ssh status
ssh start/running, process 3561
</pre>