SSH is a network protocol for secure communication between a client and a server. This enables you to remotely connect to your Debian machine to perform commands, file transfer, or administrative tasks. SSH provides strong authentication using passwords and public key authentication. Once the connection is established, the data that is transmitted is encrypted.
In this tutorial, we learn how to enable SSH on a Debian Desktop system.
Enable SSH on Debian
To install and enable SSH on Debian complete the following steps:
1. Open your terminal update your Debian system:
$ sudo apt update
2. SSH server is not installed by default on the Debian system. To install it, use the package
openssh-server, which is available in the Debian repository. To install SSH, type:
$ sudo apt install openssh-server
Enter the sudo user password when prompted and enter
Y to continue with the installation.
3. Verify the installation by running the following command:
$ sudo systemctl status ssh
SSH service will automatically start and show active (running) to confirm. Press q to exit, back to the shell.
In case not started, use the following command to start ssh service:
$ sudo systemctl start ssh
To enable the ssh service on system boot, type:
$ sudo systemctl enable ssh
4. Find your server IP
You may use different methods to find your Linux system assigned IP address. You can simply issue the following command to get your server IP address:
$ ip a
1: lo: mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 inet 127.0.0.1/8 scope host lo valid_lft forever preferred_lft forever inet6 ::1/128 scope host valid_lft forever preferred_lft forever 2: eth0: mtu 1500 qdisc mq state UP group default qlen 1000 link/ether f2:3c:92:e8:9f:cc brd ff:ff:ff:ff:ff:ff inet 192.168.0.64/24 brd 192.168.0.255 scope global dynamic eth0 valid_lft 48927sec preferred_lft 48927sec inet6 2600:3c02::f03c:92ff:fee8:9fcc/64 scope global dynamic mngtmpaddr noprefixroute valid_lft 2592000sec preferred_lft 604800sec inet6 fe80::f03c:92ff:fee8:9fcc/64 scope link valid_lft forever preferred_lft forever
From the output, you can see that the system IP address is
Connect to your server using SSH
By default, all Linux Distributions have an ssh client installed. This allows the client machine to connect server using ssh.
Use the following ssh command to login the remote machine:
The authenticity of host '192.168.0.64 (192.168.0.64)' can't be established. ECDSA key fingerprint is SHA256:kuEUb8Lpus1yPuKJ6fm8s9E8x61wGv1u6U2OhEb3Ubc. Are you sure you want to continue connecting (yes/no/[fingerprint])? Y
This message comes when you connect the remote host the first time. Press
yes to continue.
Warning: Permanently added '192.168.0.64' (ECDSA) to the list of known hosts. firstname.lastname@example.org's password:
Enter your user password to login. You get the following default welcome message followed by a shell prompt. Great you have logged in securely to Debian.
Linux debian-host-01 5.10.0-8-amd64 #1 SMP Debian 5.10.46-4 (2021-08-03) x86_6 The programs included with the Debian GNU/Linux system are free software; the exact distribution terms for each program are described in the individual files in /usr/share/doc/*/copyright. Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
UFW is the popular user-friendly interface to iptables firewall. UFW is not installed by default on Debian.
To install ufw on Debian, type:
$ sudo apt install ufw
By default, UFW is configured to deny all incoming connections and allow all outgoing connections. Before enabling UFW, enable ssh otherwise it would deny incoming connections.
By default SSH daemon use port 22. For security enhancement, can change the default port or set up port forwarding.
To allow port 22 using ufw, type:
$ sudo ufw allow 22
To enable UFW, type:
$ sudo ufw enable
The firewall is active now, with a firewall rule to allow SSH connections.
You can simply stop the ssh service to disable SSH on Debian.
$ sudo systemctl stop ssh
To disable ssh on system boot, type:
$ sudo systemctl disable ssh
In this tutorial, we learned how to install and enable SSH on Debian 11. You can now securely login to your Debian remote machine and perform your tasks.