How to Remotely Manage Ubuntu Server with SSH

You may often have to access remote servers to administer, manage, and troubleshoot and there are several ways to do this. You may use telnet to login to remote servers; FTP allows transferring files between different servers. However, these programs are not secure enough for connecting to critical servers. SSH, secure shell is a cryptographic network protocol using which you can securely access network services over an unsecured network. SSH allows you to access servers through Terminal and various command line functions. It is helpful if you want to access and administer a server remotely using a secure way.

In this article, I am going to describe how you can remotely manage a Linux server with SSH.

For this article, I am using the following machines:

• For SSH Server – Ubuntu 18.04 TLS
• For SSH Client – Terminal (Ubuntu) & Putty (Windows)

Establishing the SSH connection

Prior to establishing a secure remote connection with a Ubuntu server using SSH, you have to meet some basic requirements.

Prerequisites

Following are some prerequisites:

• The remote server must be powered on and have a stable network connection.
• You will require an IP address of the server.
• The remote server must be accessible through that IP. You can test it using a Ping command.
• SSH server and SSH client tools must be installed in both server and client OS respectively.
• You will require a remote server’s user name and password.
• A Firewall should not be blocking the connection.

Installation of OpenSSH server

To manage a Ubuntu server remotely via SSH, you will need the SSH server software. However, before proceeding for installation of OpenSSH, first, update and upgrade the list of packages to get the most up-to-date repositories.

Update package database

Press Ctrl + Alt + T to launch Terminal in Ubuntu. Enter the following command in Terminal to update package database.

Upgrade installed packages

After updating repositories, run this command in Terminal to check for an upgrade for installed packages.

Advertisement

Once you have updated and upgraded the packages, run the following command in Terminal:

Configuring SSH Server

Now you will need to do some basic and necessary configuration of SSH server in ssh_config file. For this, run the following command in Terminal to open ssh_config:

You can do various configuration settings here. For now, we will do only basic and starting configuration as shown in the below screenshot. Uncomment the below line in ssh_config file:

#Port 22

Under port number, add the line MaxAuthTries. You can enter here any number that will allow a maximum number of login attempts.

MaxAuthTries 4

Once done with the basic configuration, save the file and exit the Nano editor.

Check SSH service status

To check the status of the SSH server, if it is running or not, you can run the following command in Terminal:

Above command confirms that SSH service is active and running.

Now SSH server is set up to accept remote connections from different computers using a SSH client.

If the SSH service is not running you can run it manually by running the following command in Terminal:

You can also stop SSH service by running the following command in Terminal:

Accessing Ubuntu Linux server through SSH client

You can access a Linux server through SSH client in Linux or Windows based OS:

1. Through Terminal ( Linux )
2. Through Putty (Windows )

If you are using a Linux operating system, you can access SSH server using the Terminal program.

Press Ctrl+Alt+T to launch Terminal. Run the command in the below syntax to access a remote server:

$ ssh [remote server] [Port Number]

Where [remote server] is the remote server name or IP and [Port Number] is the remote port for SSH connections.

Or you can also type the command along with the username of the remote server in the following syntax:

$ ssh [username]@[remote server] [Port Number]

Where [username] is the name of the remote server user.

Type yes when it prompts the message asking if you want to continue connectivity. It will add the user to the list of known hosts. Next time you connect, it will not prompt the message again.

When prompted for the password, type the remote user’s password.

Now you are connected to the remote server. You can run any command and use it the same way as you access a local server.

Connect to Ubuntu from Windows using Putty SSH client

If you are using a Windows operating system, you can use putty as an SSH client.

Install putty in your Window OS. To launch Putty, Type putty in the search bar of Windows, and select putty.exe from the best match results.

In the putty configuration window, under session category, type IP address of the remote server in the box labeled as Hostname (or IP address).

From connection type, select SSH radio button. If you are using a port other than default port 22, make sure to change it otherwise leave the default port 22. Then click on Open to allow the connection.

A Terminal will open with a login prompt. Enter the username and password of the remote server user.

After you have successfully logged in to the remote server, you can run any command to manage it.

This is how you can easily connect the Linux servers using SSH. Now you are able to manage and administer the server remotely. SSH is not only a secure method of connecting to a server but also convenient.

Karim Buzdar

About the Author: Karim Buzdar holds a degree in telecommunication engineering and holds several sysadmin certifications. As an IT engineer and technical author, he writes for various web sites. You can reach Karim on LinkedIn

How to login into Ubuntu using SSH from Windows 10/8/7?

SSH which is a Secure shell protocol allows the users to connect the Unix and Linux based operating systems running on servers or desktops remotely. We can run all commands on remote servers like Ubuntu, Debian, Centos, RedHat etc. using the lightweight piece of SSH software. To know more about it see our article: What is SSH (Secure Shell)?

Well, running SSH on Linux using SSH server to connect and login some other Linux system is pretty easy but how to do it between Ubuntu (Linux) and Windows 10/8/7. In this article, we focus on this and let you know the simple way to SSH into Ubuntu from Windows 10.

Note: This method will be the same for Ubuntu 18.04,170.4, 16.04, 14,04… to log in using Windows 7, Windows 8 or Windows 10.

How do I SSH into Ubuntu from Windows?

Step 1: OpenSSH-server on Ubuntu Linux machine

To connect & login the Ubuntu using the SSH first of all we need to install the same on Ubuntu. For this purpose use the command:

Step 2: Enable the SSH server service

After installing the SSH server, enable it on Ubuntu by using the command:

Step 3: Check the SSH status

Once you enabled the SSH service, its time to check whether it is running in the background or not. Use this command:

If you output for above command is * sshd is running then everything is fine and move to the next step.

Step 4: Download the Putty on Windows 10/9/7

To connect or log in the Ubuntu via SSH, we need an SSH client for Windows. The Putty is a free and easy way to login Ubuntu and other Linux servers remotely from Windows using SSH. However, there are numbers of other free SSH clients available online those ones can be used too. Here is the Putty Download Link.

Step 5: Install Putty SSH client on Windows

We can install the Putty.exe downloaded file just like any other software with few clicks. There is no special configuration or setup. Double click on it and follow the guided steps.

Step 6: Run and configure Putty

As we open the Putty, the first screen will be something like shown in the below screen. Now in the Host Name (or IP address) box type the Ip address of the remote Ubuntu server which you want to connect using the SSH protocol.

After adding the right IP address just click on the Open button.

Step 7: Login to Ubuntu server via Putty SSH client

As we click on the Open button, the putty will ask whether you trust the server you about to connect or not, click on YES button.

The black colour command terminal window of the Putty will appear along with login as: text. Enter the username and password of the remote server you want to login. That’s it.

You can also use the command prompt to use the SSH after installing the Putty. Go to Command prompt or PowerShell on Windows 10 and type: putty [ipaddres] and hit the enter button.

For example– putty 192.168.43.94

In this way, we can connect and login remote Ubuntu server or any other Linux or Unix machine over SSH from Windows 10/8/7.

Other Resources to read:

SSO-подключение к серверу Ubuntu Server 14.04 LTS по протоколу SSH с помощью PuTTY с компьютера на базе Windows в домене Active Directory

Продолжая тему интеграции систем на базе Linux в доменную инфраструктуру Active Directory (AD), в этой заметке мы рассмотрим вопрос настройки Single sign-on (SSO) при подключении к Linux-серверу на базе Ubuntu Server 14.04 LTS по протоколу SSH с клиентских компьютеров под управлением Windows. Начнём с настроек на стороне Linux-сервера, который будет выступать в качестве сервера SSH на базе пакета OpenSSH (описание установки и базовой настройки рассмотрено ранее ).

Для начала включим поддержку GSSAPI для службы сервера OpenSSH и пропишем ограничение по группам доступа:

Фрагмент изменённых и добавленных строк конфигурационного файла:

Разрешённые группы нужно указывать через пробел. В списке могут фигурировать как локальные (для локальных пользователей) так и доменные (для доменных пользователей) группы доступа, при этом их названия должны быть указаны в нижнем регистре, так как их возвращает команда groups для текущего пользователя.

Для вступления изменений в силу перезапускаем службу сервера SSH:

Теперь нам нужно реализовать возможность для Kerberos-подсистемы представляться разным службам от имени принципала (SPN) HOST/@ .
Посмотрим что возвращает команда:

Как видно, мы получаем список ключей, которые хранятся в keytab-файле указанном в параметре default_keytab_name конфигурационного файла /etc/krb5.conf , который мы задали ранее конфигурируя систему для Squid. Однако в силу того, что дополнительно мы создавали файл /etc/default/squid3 где прописали путь к keytab-файлу необходимому для Squid, мы смело можем отключить параметр default_keytab_name конфигурационного файла /etc/krb5.conf ,
чтобы в системе по умолчанию использовался файл /etc/krb5.keytab . Итак, отредактируем файл krb5.conf :

Закомментируем в нём ранее записанную нами строку:

Добавляем в дефолтный keytab-файл ( /etc/krb5.keytab ) записи типа HOST/* с помощью команды:

что в нашем случае будет выглядеть как:

Отредактируем конфигурационный файл Samba4:

Добавим в него строчку:

Снова выполним команду вывода списка доступных SPN и убедимся в том, что выводятся данные файла /etc/krb5.keytab и в них есть записи вида HOST/@

Переходим на компьютер под управлением Windows и настраиваем SSH-клиента PuTTY. В категории настроек Session в поле Host Name указываем FQDN имя Linux-сервера, так как оно зарегистрировано в DNS (то же имя, которое мы использовали при добавлении в keytab-файл).

В категории настроек Connection > Data включаем опцию Use system username, чтобы использовалось имя текущего пользователя Windows (будет указано в скобках):

В категории настроек Connection > Auth > GSSAPI включаем опции Attempt GSSAPI… и Allow GSSAPI…

Пробуем выполнить подключение кнопкой Open.

Подключение должно пройти прозрачно без запроса ввода пароля в контексте пользователя, из под которого в данный момент запущен SSH-клиент PuTTY.

Как видим на скриншоте, пользователь Петя Резинкин (доменный логин petya ), включенный в доменную группу безопасности KOM-SRV-Linux-Administrators успешно вошёл в систему без ввода пароля. В процессе первого входа для пользователя был успешно создан домашний каталог. Пользователь смог выполнить команду с повышением прав через sudo.

В случае если подключиться через SSН с помощью PuTTY без явного указания пароля не получается (выходит предложение ввести пароль) включаем расширенное логирование в конфигурационном файле sshd_config

Фрагмент файла отвечающий за функции логирования:

После сохранения файла перезапускаем службу сервера SSH и запускаем наблюдение за системным логом аутентификации: