- Как установить и настроить SSH-сервер на Debian
- Основные понятия
- Как установить OpenSSH
- Enable SSH Server on Debian 11
- Topic Contents
- Installing OpenSSH SSH Server
- Checking the SSH Server Status
- Starting and Stopping the SSH Server
- Adding and Removing the SSH Service from the System Startup
- Accessing the SSH Server
- Configuring the SSH Server
- Enabling Root Access for the SSH Server
- Changing the Port of the SSH Server
- Conclusion
- About the author
- Shahriar Shovon
Как установить и настроить SSH-сервер на Debian
В этой статье мы рассмотрим понятия Debian, SSH и OpenSSH, расскажем из каких этапов состоит настройка SSH-сервера на Debian и покажем, как ее сделать.
Основные понятия
Debian — это одна из самых популярных и распространенных операционных систем Linux (GNU). Дистрибутив разработан по принципу свободного ПО с открытым исходным кодом. Debian является универсальной операционной системой, поскольку подходит как для повседневного использования, так и для специфической работы на серверах. Она оказала значительное влияние на развитие подобного типа ОС.
Нередко на Debian приходится настраивать SSH-сервер. SSH (от англ. Secure Shell ― безопасная оболочка) ― это один из сетевых протоколов безопасности, который позволяет удаленно подключаться к серверу и управлять им. Протокол работает по принципу взаимодействия двух сторон — клиента и сервера. Он требует аутентификации сторон одним из способов: по IP-адресу, по паролю или с помощью ключевой пары. Secure Shell по умолчанию проводит соединения по порту 22. Подробнее читайте в статье.
Лучшим инструментом для работы по SSH на сервере является OpenSSH. OpenSSH (Open Secure Shell) — набор утилит, который работает на базе протокола SSH и позволяет шифровать сеансы связи в процессе работы через сеть. Благодаря Secure Shell можно в режиме реального времени удаленно посылать команды на сервер и обмениваться с ним данными. OpenSSH содержит такие компоненты, как SCP, SFTP, SFTP-server и другие. Этот комплект ПО аутентифицирует пользователей с помощью нескольких встроенных механизмов: вызов-отклик, публичные ключи, протокол аутентификации kerberos и интерфейс GSS-AP.
Чтобы настроить защищенное соединение на Debian, необходимо не только установить набор программ OpenSSH, но и внести дополнительные настройки. О том, как это сделать, мы рассказали в инструкциях ниже.
Как установить OpenSSH
Enable SSH Server on Debian 11
SSH is a protocol used to administer a remote computer from the command line. It is widely used to remotely manage Linux desktops and servers.
This article serves as a guide on how to install the OpenSSH SSH server on Debian 11 and how to configure it. Let’s get started.
Topic Contents
Installing OpenSSH SSH Server
The OpenSSH SSH server package is available in the official package repository of Debian 11, so it is very easy to install.
First, update the APT package repository cache of your Debian 11 desktop/server with the following command:
To install the OpenSSH SSH server on Debian 11, run the following command:
To confirm the installation, press Y and then press Enter>.
After confirming, the OpenSSH SSH server and all the required dependency packages will then be installed. It takes a few seconds to complete the installation process.
At this point, the OpenSSH SSH server should be successfully installed in the system.
Checking the SSH Server Status
You can check if the SSH server is running and if it is added to the system startup (so that it automatically starts on boot) with the following command:
As you can see, the SSH server is enabled 1 . It means that it’s added to the system startup and it will automatically start on boot.
If the SSH server is inactive (dead) 2 , it means that it’s not running at the moment. If you see an active (running) status, it means that the SSH server is running.
Starting and Stopping the SSH Server
You can start the OpenSSH SSH server using the following command:
Here, you can see that the SSH server is active/running 1 . It’s listening on port 22 for SSH connections 2 .
If you want to stop the OpenSSH SSH server, run the following command:
Adding and Removing the SSH Service from the System Startup
You can add the SSH service to the system startup of Debian 11 using the command provided below to start the OpenSSH SSH server automatically on system boot.
If you don’t want to start the OpenSSH SSH server automatically on system boot, you can remove the SSH service from the system startup of Debian 11.
Accessing the SSH Server
To access the OpenSSH SSH server, you will need to know the IP address of your Debian 11 desktop/server.
You can run the following command on your Debian 11 desktop/server to find its IP address.
The IP address of my Debian 11 desktop is 192.168.0.115 as you can see in the screenshot below. It is different from yours, so make sure to input your desktop/server IP address.
You will also need to know the login username of your Debian 11 desktop/server. You can find it using the following command:
The login username of my Debian 11 desktop is shovon as you can see in the screenshot below. Yours is different, so make sure to input your own login username.
Once you know the login username and IP address of your Debian 11 desktop/server, you can connect to your Debian 11 desktop/server remotely via SSH as follows:
NOTE: Make sure to replace and with the login username and IP address of your Debian 11 desktop/server respectively.
In my case, the command is:
Type in Yes and press to confirm the fingerprint.
Type in the password of your login user and press .
You should be logged in to your Debian 11 desktop/server remotely via SSH.
You can run any commands here for managing and monitoring your Debian 11 desktop/server remotely.
Once you’re done, you can close the SSH session with the following command:
Configuring the SSH Server
The configuration files of the OpenSSH SSH server are in the /etc/ssh directory. The main OpenSSH SSH server configuration file is sshd_config as you can see in the screenshot below.
To configure the SSH server, you can open the sshd_config file with the nano text editor as follows:
The OpenSSH SSH server configuration file sshd_config should be opened with the nano text editor.
Make the necessary changes here. Once you’re done, press + X followed by Y and to save the configuration file.
Every time you make any changes to the sshd_config file, you will have to restart the OpenSSH SSH server with the following command:
To learn about all the available options and what they are used for, you can read the manpage of the sshd_config configuration file.
To open the manpage of the sshd_config configuration file, run the following command:
The manpage of the sshd_config configuration file should be opened. Scroll up and down the manpage to find the information you need to configure the OpenSSH SSH server.
Enabling Root Access for the SSH Server
By default, you won’t be able to access the OpenSSH SSH server as root. If you need to log in to the SSH server as the root user, you will have to enable it from the sshd_config file.
Open the sshd_config file with the nano text editor as follows:
Find the PermitRootLogin option as marked in the screenshot below. It is commented out by default.
Uncomment the PermitRootLogin option and set it to yes as marked in the screenshot below.
Once you’re done, press + X followed by Y and to save the sshd_config file.
For the changes to take effect, restart the OpenSSH SSH server with the following command:
Now, you have to set a root password to enable the root user account on your Debian 11 desktop/server.
To set a root password and enable the root user account, run the following command:
Type in your desired root password and press .
Retype your root password and press .
A root password should be set and the root account should be enabled.
You can log in to your Debian 11 desktop/server remotely via SSH as the root user as follows:
NOTE: Make sure to replace with the IP address of your Debian 11 desktop/server.
In my case, the command is:
Type in the login password of the root user and press .
You should be logged in to the Debian 11 desktop/server as the root user.
You can run any command you want on your Debian 11 desktop/server from here.
Once you’re done, you can close the SSH session as follows:
Changing the Port of the SSH Server
At times, for security reasons, you will want to change the default SSH server port 22 to something like 2222.
To do that, open the sshd_config file with the nano text editor as follows:
You will find the Port option on top of the file as marked in the screenshot below.
Uncomment the Port option and set it to 2222 as marked in the screenshot below to configure the SSH server to listen on port 2222.
Once you’re done, press + X followed by Y and to save the sshd_config file.
For the changes to take effect, restart the OpenSSH SSH server with the following command:
Once you’ve changed the SSH server port, you will have to use the -p option followed by the port number while connecting to the SSH server remotely as follows:
NOTE: Replace with the port number of the SSH server.
In my case, the command is:
Type in your login password and press .
You should be logged in to your Debian 11 desktop/server remotely via SSH.
Conclusion
This article guides you on how to install the OpenSSH SSH server on your Debian 11 desktop/server, how to access the SSH server to manage/monitor your Debian 11 desktop/server remotely via SSH, and how to configure the SSH server to enable root access and change the SSH port as well.
About the author
Shahriar Shovon
Freelancer & Linux System Administrator. Also loves Web API development with Node.js and JavaScript. I was born in Bangladesh. I am currently studying Electronics and Communication Engineering at Khulna University of Engineering & Technology (KUET), one of the demanding public engineering universities of Bangladesh.