DEV Community

Harsh Mishra
Harsh Mishra

Posted on

Connecting one Ubuntu Server OS to another: Complete guide

A Comprehensive Guide to Connecting an Ubuntu Control Node to a Managed Node via SSH

SSH (Secure Shell) is a secure protocol that allows you to connect to remote machines over a network. In this guide, we’ll walk through the complete setup to connect one Ubuntu server (Control Node) to another (Managed Node) using SSH. Along the way, we'll provide in-depth explanations of the key configuration files involved: ~/.ssh/config and /etc/ssh/sshd_config.


What You’ll Learn

  • Setting up SSH on the Control Node and Managed Node.
  • Using hostname -I to retrieve IP addresses.
  • Testing network connectivity with a 5-packet ping.
  • Establishing an SSH connection.
  • Configuring passwordless authentication.
  • Descriptions of critical SSH configuration files.
  • Security enhancements and troubleshooting tips.

Prerequisites

  • Control Node: A primary Ubuntu server or workstation to control and manage other servers.
  • Managed Node: A target Ubuntu server you want to access remotely.
  • User Access: Non-root user accounts with sudo privileges on both nodes.
  • Network Connectivity: Both nodes must be on the same network or reachable over the internet.

Step 1: Install OpenSSH

SSH requires OpenSSH software to enable connections. Here's what you need to install:

  • Control Node: OpenSSH Client (used to initiate SSH connections).
  • Managed Node: OpenSSH Server (used to accept SSH connections).

Install OpenSSH on the Managed Node

  • Update the package list:
  sudo apt update
Enter fullscreen mode Exit fullscreen mode
  • Install the OpenSSH Server:
  sudo apt install openssh-server -y
Enter fullscreen mode Exit fullscreen mode
  • Verify the SSH service is running:
  sudo systemctl status ssh
Enter fullscreen mode Exit fullscreen mode

If inactive, start the service:

  sudo systemctl start ssh
Enter fullscreen mode Exit fullscreen mode

Install OpenSSH on the Control Node

  • Update the package list:
  sudo apt update
Enter fullscreen mode Exit fullscreen mode
  • Install the OpenSSH Client:
  sudo apt install openssh-client -y
Enter fullscreen mode Exit fullscreen mode

Step 2: Find the Managed Node's IP Address

On the Managed Node, retrieve the IP address using hostname -I:

  • Open a terminal and run:
  hostname -I
Enter fullscreen mode Exit fullscreen mode
  • This command displays the IP addresses assigned to the network interfaces.
  • Example output:

    192.168.1.105
    
    • Note the IP address corresponding to the network the Control Node can access (e.g., 192.168.1.105).

Step 3: Verify Network Connectivity

From the Control Node, test connectivity to the Managed Node using a ping command:

  • On the Control Node, run:
  ping -c 5 192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace 192.168.1.105 with the Managed Node's IP address.
  • The -c 5 option limits the ping to 5 packets.

    • Verify the result:
  • Successful output shows:

    5 packets transmitted, 5 received, 0% packet loss
    

Step 4: Establish an SSH Connection

After confirming connectivity, establish an SSH connection from the Control Node to the Managed Node.

  • On the Control Node, run:
  ssh username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace username with the username of the account on the Managed Node.
  • Replace 192.168.1.105 with the Managed Node's IP address.

    • Accept the server's host fingerprint:
  The authenticity of host '192.168.1.105 (192.168.1.105)' can't be established.
  RSA key fingerprint is SHA256:...
  Are you sure you want to continue connecting (yes/no)?
Enter fullscreen mode Exit fullscreen mode

Type yes and press Enter.

  • Enter the password for the user account on the Managed Node when prompted.

Step 5: Set Up Passwordless Authentication

For easier and more secure access, configure SSH key-based authentication.

Generate an SSH Key Pair

  • On the Control Node, generate an SSH key pair:
  ssh-keygen
Enter fullscreen mode Exit fullscreen mode
  • Press Enter to accept the default file location (~/.ssh/id_rsa).
  • Optionally, set a passphrase for added security.

Copy the Public Key to the Managed Node

  • Use the ssh-copy-id command:
  ssh-copy-id username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • Replace username and 192.168.1.105 as appropriate.
  • Enter the password when prompted.

    • Test the connection:
  ssh username@192.168.1.105
Enter fullscreen mode Exit fullscreen mode
  • You should now log in without entering a password.

Step 6: Understanding SSH Configuration Files

1. ~/.ssh/config (Control Node)

This file allows you to simplify SSH commands and manage multiple connections.

  • Location: ~/.ssh/config (in the home directory of the Control Node user).
  • Usage:

    • Open the file for editing:
    nano ~/.ssh/config
    
    • Add an entry for the Managed Node:
    Host managed-node
        HostName 192.168.1.105
        User username
        IdentityFile ~/.ssh/id_rsa
    
    • Save and exit.
  • Benefits:

    • Allows you to connect using a simple alias:
    ssh managed-node
    

2. /etc/ssh/sshd_config (Managed Node)

This file controls the SSH Server configuration.

  • Location: /etc/ssh/sshd_config (on the Managed Node).
  • Usage:

    • Edit the file:
    sudo nano /etc/ssh/sshd_config
    
    • Common configurations:
    • Disable root login:
      PermitRootLogin no
    
    • Change the default SSH port:
      Port 2222
    
    • Save and restart SSH:
    sudo systemctl restart ssh
    
  • Connecting After Changing the Port:

    • On the Control Node, use the -p option:
    ssh -p 2222 username@192.168.1.105
    

Step 7: Enhancing Security

  • Restrict Access by IP Address:

    • On the Managed Node, allow SSH access only from the Control Node's IP:
    sudo ufw allow from 192.168.1.100 to any port 22
    
  • Set Idle Timeout:

    • In /etc/ssh/sshd_config, add:
    ClientAliveInterval 300
    ClientAliveCountMax 0
    
    • Restart SSH:
    sudo systemctl restart ssh
    

Step 8: Troubleshooting Tips

  • SSH Connection Refused:

    • Ensure the SSH Server is running:
    sudo systemctl start ssh
    
  • Host Key Verification Failed:

    • Remove the old key:
    ssh-keygen -R 192.168.1.105
    
  • Firewall Blocking SSH:

    • Allow SSH through the firewall:
    sudo ufw allow ssh
    

Conclusion

By following this guide, you’ve learned how to connect an Ubuntu Control Node to a Managed Node via SSH. We covered everything from installation and configuration to passwordless login, security best practices, and troubleshooting. Now you’re ready to manage your servers effectively!

Top comments (0)