DEV Community

Harsh Mishra
Harsh Mishra

Posted on

Connecting one Ubuntu Server OS to another via ssh: Complete guide

A Comprehensive Guide to Connecting an Ubuntu Control Node to a Managed Node via SSH

SSH (Secure Shell) is a secure protocol that allows you to connect to remote machines over a network. In this guide, we’ll walk through the complete setup to connect one Ubuntu server (Control Node) to another (Managed Node) using SSH. Along the way, we'll provide in-depth explanations of the key configuration files involved: ~/.ssh/config and /etc/ssh/sshd_config.


What You’ll Learn

  • Setting up SSH on the Control Node and Managed Node.
  • Using hostname -I to retrieve IP addresses.
  • Testing network connectivity with a 5-packet ping.
  • Establishing an SSH connection.
  • Configuring passwordless authentication.
  • Descriptions of critical SSH configuration files.
  • Security enhancements and troubleshooting tips.

Prerequisites

  • Control Node: A primary Ubuntu server or workstation to control and manage other servers.
  • Managed Node: A target Ubuntu server you want to access remotely.
  • User Access: Non-root user accounts with sudo privileges on both nodes.
  • Network Connectivity: Both nodes must be on the same network or reachable over the internet.

Step 1: Install OpenSSH

SSH requires OpenSSH software to enable connections. Here's what you need to install:

  • Control Node: OpenSSH Client (used to initiate SSH connections).
  • Managed Node: OpenSSH Server (used to accept SSH connections).

Install OpenSSH on the Managed Node

  • Update the package list:
  sudo apt update
Enter fullscreen mode Exit fullscreen mode
  • Install the OpenSSH Server:
  sudo apt install openssh-server -y
Enter fullscreen mode Exit fullscreen mode
  • Verify the SSH service is running:
  sudo systemctl status ssh
Enter fullscreen mode Exit fullscreen mode

If inactive, start the service:

  sudo systemctl start ssh
Enter fullscreen mode Exit fullscreen mode

Install OpenSSH on the Control Node

  • Update the package list:
  sudo apt update
Enter fullscreen mode Exit fullscreen mode
  • Install the OpenSSH Client:
  sudo apt install openssh-client -y
Enter fullscreen mode Exit fullscreen mode

Step 2: Find the Managed Node's IP Address

On the Managed Node, retrieve the IP address using hostname -I:

  • Open a terminal and run:
  hostname -I
Enter fullscreen mode Exit fullscreen mode
  • This command displays the IP addresses assigned to the network interfaces.
  • Example output:

    192.168.1.105
    
    • Note the IP address corresponding to the network the Control Node can access (e.g., 192.168.1.105).

Step 3: Verify Network Connectivity

From the Control Node, test connectivity to the Managed Node using a ping command:

  • On the Control Node, run:
  ping -c 5 192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace 192.168.1.105 with the Managed Node's IP address.
  • The -c 5 option limits the ping to 5 packets.

    • Verify the result:
  • Successful output shows:

    5 packets transmitted, 5 received, 0% packet loss
    

Step 4: Establish an SSH Connection

After confirming connectivity, establish an SSH connection from the Control Node to the Managed Node.

  • On the Control Node, run:
  ssh username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace username with the username of the account on the Managed Node.
  • Replace 192.168.1.105 with the Managed Node's IP address.

    • Accept the server's host fingerprint:
  The authenticity of host '192.168.1.105 (192.168.1.105)' can't be established.
  RSA key fingerprint is SHA256:...
  Are you sure you want to continue connecting (yes/no)?
Enter fullscreen mode Exit fullscreen mode

Type yes and press Enter.

  • Enter the password for the user account on the Managed Node when prompted.

Step 5: Set Up Passwordless Authentication

For easier and more secure access, configure SSH key-based authentication.

Generate an SSH Key Pair

  • On the Control Node, generate an SSH key pair:
  ssh-keygen
Enter fullscreen mode Exit fullscreen mode
  • Press Enter to accept the default file location (~/.ssh/id_rsa).
  • Optionally, set a passphrase for added security.

Copy the Public Key to the Managed Node

  • Use the ssh-copy-id command:
  ssh-copy-id username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace username and 192.168.1.105 as appropriate.
  • Enter the password when prompted.

    • Test the connection:
  ssh username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • You should now log in without entering a password.

Step 6: Understanding SSH Configuration Files

1. ~/.ssh/config (Control Node)

This file allows you to simplify SSH commands and manage multiple connections.

  • Location: ~/.ssh/config (in the home directory of the Control Node user).
  • Usage:

    • Open the file for editing:
    nano ~/.ssh/config
    
    • Add an entry for the Managed Node:
    Host managed-node
        HostName 192.168.1.105
        User username
        IdentityFile ~/.ssh/id_rsa
    
    • Save and exit.
  • Benefits:

    • Allows you to connect using a simple alias:
    ssh managed-node
    

2. /etc/ssh/sshd_config (Managed Node)

This file controls the SSH Server configuration.

  • Location: /etc/ssh/sshd_config (on the Managed Node).
  • Usage:

    • Edit the file:
    sudo nano /etc/ssh/sshd_config
    
    • Common configurations:
    • Disable root login:
      PermitRootLogin no
    
    • Change the default SSH port:
      Port 2222
    
    • Save and restart SSH:
    sudo systemctl restart ssh
    
  • Connecting After Changing the Port:

    • On the Control Node, use the -p option:
    ssh -p 2222 username@192.168.1.105
    

Step 7: Enhancing Security

  • Restrict Access by IP Address:

    • On the Managed Node, allow SSH access only from the Control Node's IP:
    sudo ufw allow from 192.168.1.100 to any port 22
    
  • Set Idle Timeout:

    • In /etc/ssh/sshd_config, add:
    ClientAliveInterval 300
    ClientAliveCountMax 0
    
    • Restart SSH:
    sudo systemctl restart ssh
    

Step 8: Troubleshooting Tips

  • SSH Connection Refused:

    • Ensure the SSH Server is running:
    sudo systemctl start ssh
    
  • Host Key Verification Failed:

    • Remove the old key:
    ssh-keygen -R 192.168.1.105
    
  • Firewall Blocking SSH:

    • Allow SSH through the firewall:
    sudo ufw allow ssh
    

Conclusion

By following this guide, you’ve learned how to connect an Ubuntu Control Node to a Managed Node via SSH. We covered everything from installation and configuration to passwordless login, security best practices, and troubleshooting. Now you’re ready to manage your servers effectively!

Speedy emails, satisfied customers

Postmark Image

Are delayed transactional emails costing you user satisfaction? Postmark delivers your emails almost instantly, keeping your customers happy and connected.

Sign up

Top comments (0)

A Workflow Copilot. Tailored to You.

Pieces.app image

Our desktop app, with its intelligent copilot, streamlines coding by generating snippets, extracting code from screenshots, and accelerating problem-solving.

Read the docs

👋 Kindness is contagious

Dive into an ocean of knowledge with this thought-provoking post, revered deeply within the supportive DEV Community. Developers of all levels are welcome to join and enhance our collective intelligence.

Saying a simple "thank you" can brighten someone's day. Share your gratitude in the comments below!

On DEV, sharing ideas eases our path and fortifies our community connections. Found this helpful? Sending a quick thanks to the author can be profoundly valued.

Okay