SSH Full Documentation
This guide covers SSH installation, configuration, key authentication, firewall setup, remote access, security, and troubleshooting.
Install SSH Server
# Update system
sudo apt update
# Install OpenSSH server
sudo apt install openssh-server -y
sudo apt update
# Install OpenSSH server
sudo apt install openssh-server -y
Check SSH Service
systemctl status ssh
ssh -V
ssh -V
Basic SSH Configuration
sudo nano /etc/ssh/sshd_config
# Important settings
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
# Important settings
PermitRootLogin no
PasswordAuthentication yes
PubkeyAuthentication yes
Change SSH Port
sudo nano /etc/ssh/sshd_config
# Change default port 22
Port 2222
# Change default port 22
Port 2222
Restart SSH Service
sudo systemctl restart ssh
sudo systemctl status ssh
sudo systemctl status ssh
SSH Login Methods
# Password login
ssh user@server_ip
# Custom port
ssh -p 2222 user@server_ip
ssh user@server_ip
# Custom port
ssh -p 2222 user@server_ip
SSH Key Authentication
# Generate key on client
ssh-keygen -t rsa -b 4096
# Copy key to server
ssh-copy-id user@server_ip
# Disable password login (optional)
PasswordAuthentication no
ssh-keygen -t rsa -b 4096
# Copy key to server
ssh-copy-id user@server_ip
# Disable password login (optional)
PasswordAuthentication no
Allow SSH in Firewall
sudo ufw allow 22
sudo ufw allow 2222
sudo ufw reload
sudo ufw allow 2222
sudo ufw reload
Cloud Security Group (AWS / VPS)
# Add inbound rule:
Port: 2222
Source: your IP or 0.0.0.0/0
Port: 2222
Source: your IP or 0.0.0.0/0
Connect via SSH
ssh user@192.168.1.10
ssh -p 2222 user@192.168.1.10
ssh -p 2222 user@192.168.1.10
Windows SSH Access
# PowerShell / CMD
ssh user@server_ip
# If custom port
ssh -p 2222 user@server_ip
ssh user@server_ip
# If custom port
ssh -p 2222 user@server_ip
SSH Security Hardening
# Disable root login
PermitRootLogin no
# Change default port
Port 2222
# Use keys only
PasswordAuthentication no
PermitRootLogin no
# Change default port
Port 2222
# Use keys only
PasswordAuthentication no
Test SSH Configuration
sudo sshd -t
sudo sshd -T | grep port
sudo sshd -T | grep port
Check SSH Logs
sudo journalctl -u ssh -f
sudo tail -f /var/log/auth.log
sudo tail -f /var/log/auth.log
Common Problems & Fixes
# Service not listening on new port
sudo systemctl restart ssh
# Host key changed warning
ssh-keygen -R "[server_ip]:2222"
# Connection refused
sudo ufw allow 2222
sudo systemctl restart ssh
# Check active port
sudo ss -tulnp | grep ssh
sudo systemctl restart ssh
# Host key changed warning
ssh-keygen -R "[server_ip]:2222"
# Connection refused
sudo ufw allow 2222
sudo systemctl restart ssh
# Check active port
sudo ss -tulnp | grep ssh