How to install ssh on Linux

Secure shell (SSH) is a network protocol providing shell services on a remote machine via a secure channel. SSH provides various security benefits such as user/host authentication, data encryption, and data integrity, thereby preventing common attacks such as eavesdropping, DNS/IP spoofing, data forgery, connection hijacking, etc. Users of ftp, telnet or rlogin which use plain-text protocols are strongly recommended to switch to SSH.

OpenSSH is an open-source implementation of the SSH protocol, allowing encrypted communication over a network via a suite of software. If you would like to set up SSH on Linux, you can install OpenSSH, which consists of OpenSSH server and client packages.

OpenSSH server/client packages come with the following utilities:

  • OpenSSH server: sshd (SSH daemon)
  • OpenSSH client: scp (secure remote copy), sftp (secure file transfer), slogin/ssh (secure remote login), ssh-add (private key addition), ssh-agent (authentication agent), ssh-keygen (authentication key management).

Install OpenSSH Server and Client on Linux

If you want to install OpenSSH server/client, and auto-start OpenSSH server, follow these distro-specfic instructions.

Debian, Ubuntu or Linux Mint

$ sudo apt-get install openssh-server openssh-client

On Debian-based systems, once OpenSSH server is installed, OpenSSH server will start automatically upon boot. If for any reason OpenSSH server does not get started automatically upon boot, you can run the following command to explicitly add ssh to boot time service.

$ sudo update-rc.d ssh defaults

Fedora or CentOS/RHEL 7

$ sudo yum -y install openssh-server openssh-clients
$ sudo systemctl start sshd service
$ sudo systemctl enable sshd.service

CentOS/RHEL 6

$ sudo yum -y install openssh-server openssh-clients
$ sudo service sshd start
$ sudo chkconfig sshd on

Arch Linux

$ sudo pacman -Sy openssh
$ sudo systemctl start sshd service
$ sudo systemctl enable sshd.service

Configure OpenSSH Server

If you would like to configure OpenSSH server, you can edit system-wide OpenSSH configuration file located at /etc/ssh/sshd_config.

There are a couple of OpenSSH options you may be interested in:

Port 22

By default, sshd listens on port 22 to listen for incoming ssh connections. By changing the default ssh port, you may be able to avert various automated attacks from hackers.

ListenAddress 192.168.1.1

If your machine has more than one physical network interface, and you would like to specify the interface on which sshd binds, you can use the ListenAddress option. This option helps improve security by limiting incoming SSH connections via a specific interface only.

HostKey /etc/ssh/ssh_host_key

The HostKey option specifies where the private host key is located.

PermitRootLogin no 

The PermitRootLogin option tells whether root can log in to the system via ssh.

AllowUsers alice bob

Using the AllowUsers option, you can selectively disable ssh service for particular Linux users. You can specify multiple users separated by space.

Once you have modified /etc/ssh/sshd_config, make sure to restart ssh service.

To restart OpenSSH on Debian, Ubuntu or Linux Mint:

$ sudo /etc/init.d/ssh restart

To restart OpenSSH on Fedora, CentOS/RHEL 7 or Arch Linux:

$ sudo systemctl restart sshd.service

To restart OpenSSH on CentOS/RHEL 6:

$ sudo service sshd restart

Subscribe to Xmodulo

Do you want to receive Linux FAQs, detailed tutorials and tips published at Xmodulo? Enter your email address below, and we will deliver our Linux posts straight to your email box, for free. Delivery powered by Google Feedburner.

The following two tabs change content below.
Dan Nanni is the founder and also a regular contributor of Xmodulo.com. He is a Linux/FOSS enthusiast who loves to get his hands dirty with his Linux box. He likes to procrastinate when he is supposed to be busy and productive. When he is otherwise free, he likes to watch movies and shop for the coolest gadgets.
Your name can also be listed here. Write for us as a freelancer.

One thought on “How to install ssh on Linux

  1. Your site has been useful and convenient for me. I find it easy to read and navigate. I have been a Linux user for years without using the command line much, this helps a lot.

Leave a comment

Your email address will not be published. Required fields are marked *