≡ Menu

Debian Linux Install OpenSSH SSHD Server

How do I install OpenSSH sshd server under Debian GNU/Linux operating systems?

You need to use the apt-get or aptitude command to install OpenSSH server under Debian Linux. Open a terminal and type the following command to update package database as root user:
# apt-get update

Task: Install OpenSSH server Under Debian Linux

Type the following command:
# apt-get install openssh-server
Sample outputs:

Reading package lists... Done
Building dependency tree
Reading state information... Done
Suggested packages:
  ssh-askpass rssh molly-guard ufw
The following NEW packages will be installed:
  openssh-server
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 318 kB of archives.
After this operation, 717 kB of additional disk space will be used.
Get:1 http://mirror.anl.gov/debian/ squeeze/main openssh-server amd64 1:5.5p1-6+squeeze1 [318 kB]
Fetched 318 kB in 3s (89.0 kB/s)
Preconfiguring packages ...
Selecting previously deselected package openssh-server.
(Reading database ... 153448 files and directories currently installed.)
Unpacking openssh-server (from .../openssh-server_1%3a5.5p1-6+squeeze1_amd64.deb) ...
Processing triggers for man-db ...
Setting up openssh-server (1:5.5p1-6+squeeze1) ...
Creating SSH2 RSA key; this may take some time ...
Creating SSH2 DSA key; this may take some time ...
Restarting OpenBSD Secure Shell server: sshd.

By default openssh will run on the TCP port 22. You can verify the same with the following command:
# netstat -tulpn | grep :22
Sample outputs:

tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      3946/sshd
tcp6       0      0 :::22                   :::*                    LISTEN      3946/sshd

You can connect to the Openssh server, type:
$ ssh user@localhost
$ ssh user@sever-ip-here

How Do I Start / Stop / Restart OpenSSH Server Under Debian Linux?

Type the following commands as root user:
# service ssh stop
# service ssh start
# service ssh restart
# service ssh status

OR
# /etc/init.d/ssh stop
# /etc/init.d/ssh start
# /etc/init.d/ssh restart
# /etc/init.d/ssh status

Sample session:

Fig.01: OpenSSH under Debian Linux

Click to enlarge the image

How Do I Open Port 22 At The Firewall Level?

Edit your firewall script and append the following rule to restrict access to 192.168.1.0/24:

/sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT

Save and close the file. OR, you can type the command as follows and save it to your firewall config file:

# /sbin/iptables -A INPUT -s 192.168.1.0/24 -m state --state NEW -p tcp --dport 22 -j ACCEPT
# iptables-save > /path/to/your.firewall.conf

How Do I Configure and Secure OpenSSH Server under Debian Linux?

You need to edit the /etc/ssh/sshd_config file using the text editor such as vi, run:
# vi /etc/ssh/sshd_config
See this article which explains config option to tweak in order to improve OpenSSH server security.

Tweet itFacebook itGoogle+ itPDF itFound an error/typo on this page?

{ 3 comments… add one }

  • Peter Teoh July 4, 2012, 12:23 am

    I had setup as above, but localhost connect or remote I will get the same error:

    Read from socket failed: Connection reset by peer

    and in verbose mode it is:

    bt:/root>ssh -vvvv root@localhost
    OpenSSH_5.3p1 Debian-3ubuntu6, OpenSSL 0.9.8k 25 Mar 2009
    debug1: Reading configuration data /etc/ssh/ssh_config
    debug1: Applying options for *
    debug2: ssh_connect: needpriv 0
    debug1: Connecting to localhost [::1] port 22.
    debug1: Connection established.
    debug1: permanently_set_uid: 0/0
    debug1: identity file /root/.ssh/identity type -1
    debug1: identity file /root/.ssh/id_rsa type -1
    debug1: identity file /root/.ssh/id_dsa type -1
    debug1: Remote protocol version 2.0, remote software version OpenSSH_5.3p1 Debian-3ubuntu6
    debug1: match: OpenSSH_5.3p1 Debian-3ubuntu6 pat OpenSSH*
    debug1: Enabling compatibility mode for protocol 2.0
    debug1: Local version string SSH-2.0-OpenSSH_5.3p1 Debian-3ubuntu6
    debug2: fd 3 setting O_NONBLOCK
    debug1: SSH2_MSG_KEXINIT sent
    debug3: Wrote 792 bytes for a total of 831
    Read from socket failed: Connection reset by peer
    bt:/root>
    

    Why?

  • Kay October 3, 2012, 11:25 am

    @ Peter Teoh

    Look at the line : debug1: Connecting to localhost [::1] port 22.

    You will need to edit /etc/ssh/sshd_config amend the line;

    #ListenAddress 0.0.0.0

    to

    ListenAddress YOURSSHSERVERIP

    Save, Stop, Start the SSHD service

  • Adam January 1, 2015, 4:35 pm

    Hello there,
    I can’t find my sshd in /etc/init.d/sshd
    but I do have the config file in /etc/ssh/ssh_config

    When I try and start it I get an error command not found
    tried both service (sshd, ssh) start
    also tried service sshd start
    I get an error command not found, any ideas thank you.

    P.S for this website, I don’t know why almost all websites have these google apps loading forever they never load they keep going around in circles and that drains the resources of our pc’s after a while, this is ridiculous nothing from Google works anymore.
    It is really winding me up
    You can leave it for hours it never loads I thought I’d mention it.
    Regards

Leave a Comment