Skip to main content
SSH (Secure Shell) is a protocol that allows secure remote access to a computer over an unsecured network. This guide walks you through the best practices for setting up SSH on an Ubuntu system.
1
Install OpenSSH Server
2
sudo apt-get update
sudo apt-get install -y openssh-server
3
Start and Enable the SSH Service
4
sudo systemctl enable ssh
sudo systemctl start ssh
sudo systemctl status ssh
5
Configure SSH Settings
6
Open the SSH configuration file:
7
sudo nano /etc/ssh/sshd_config
8
Apply the following hardening settings:
9
PasswordAuthentication no
PermitRootLogin no
AllowUsers user1 user2 user3
AllowGroups sshusers
10
  • PasswordAuthentication no — disables password auth in favour of key-based authentication.
  • PermitRootLogin no — prevents direct root login via SSH.
  • AllowUsers / AllowGroups — restricts SSH access to specific users or groups.
11
Restart the SSH Service
12
sudo systemctl restart ssh
13
Configure the Firewall
14
Ubuntu uses UFW (Uncomplicated Firewall) by default. When UFW is enabled it blocks all inbound connections — including SSH — unless explicitly allowed.
15
sudo ufw allow ssh
sudo ufw enable
sudo ufw status
16
Expected output:
17
Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)
18
Ensure you allow SSH before enabling UFW, otherwise you will be locked out of your server.
19
Reboot the Server
20
Reboot to confirm all changes take effect cleanly.
21
sudo reboot

Build docs developers (and LLMs) love

Get started for freeTalk to us