Install SSH on Ubuntu 22.04 – Get Remote Access Working
You’re about to get a working OpenSSH server on your fresh‑install Ubuntu 22.04 box, so you can log in from another machine without having to sit in front of the monitor. I’ll walk through the exact commands, explain what each one does, and point out the gotchas that usually bite newcomers.
Why the OpenSSH Server Matters
Ubuntu ships with the client side (ssh) already installed, but the server component (sshd) isn’t there by default. Without it you can’t accept inbound connections, which defeats the whole remote‑admin idea. Installing the server also pulls in a few helpful utilities (like scp and sftp) that are hard to live without if you’re moving files around.
Install the OpenSSH Server Package
sudo apt update
sudo apt install openssh-server
apt update refreshes your local package list so you don’t end up with a stale version of the server. The openssh-server package drops the daemon (sshd) into /usr/sbin, creates a default config at /etc/ssh/sshd_config, and registers the service with systemd.
Start the Service and Enable It for Boot
sudo systemctl start ssh
sudo systemctl enable ssh
Starting the daemon right away gets you an SSH listener on port 22. Enabling it tells systemd to fire up sshd automatically after a reboot, which is something I’ve forgotten to do more than once and then spent half an hour troubleshooting why my remote box was suddenly unreachable.
Verify That It’s Listening
sudo ss -tlnp | grep :22
This command lists all listening TCP sockets (-t), shows numeric addresses (-n), filters for the listening state (-l), and prints the owning process (-p). If you see something like 0.0.0.0:22 with sshd attached, the server is up and accepting connections.
Adjust the Firewall (If You’re Using UFW)
sudo ufw allow OpenSSH
UFW’s predefined “OpenSSH” rule opens port 22 for both IPv4 and IPv6. Skipping this step will leave you staring at a timeout when you try to connect from another machine, which is a classic “I can’t SSH but the service is running” scenario I’ve seen many times after enabling ufw without adding any rules.
Test From Another Machine
On your laptop or another PC, run:
ssh username@your-ubuntu-ip
Replace username with an account that exists on the Ubuntu box and your-ubuntu-ip with its local address (run ip a on the server if you’re not sure). The first time you connect you’ll be prompted to accept the host key – type “yes”. If you get a password prompt, you’ve made it.
Tweak the Config for Better Security
Open /etc/ssh/sshd_config in your favorite editor and consider these changes:
- PermitRootLogin no – stops the root user from logging in directly. I once had a script that tried to SSH as root and got locked out for a day because of this.
- PasswordAuthentication no – forces key‑based logins, which are far harder to brute‑force.
- Port 2222 – moving the daemon off the default port can reduce noise from automated scans (it’s security through obscurity, but it buys you a few minutes of peace).
After any edit, reload the daemon:
sudo systemctl reload ssh
Reloading is quicker than a full restart and doesn’t drop existing connections.
Common Pitfalls
- Missing systemd unit – If systemctl status ssh says “Unit not found”, you probably installed only the client (openssh-client). Double‑check that you ran apt install openssh-server.
- SELinux/AppArmor blocks – On Ubuntu this is rare, but a misbehaving profile can prevent sshd from binding to port 22. Check journalctl -u ssh for errors.
- Network interface changes – I’ve seen people lose SSH after switching from Wi‑Fi to Ethernet because the firewall rule only allowed the old interface. Use ufw allow from any to any port 22 proto tcp if you need a quick blanket rule.
That’s it. You should now be able to log in, copy files, and run commands on your Ubuntu box without ever touching the monitor again.
