SSH in Ubuntu — Complete Explanation With Code Samples

SSH (Secure Shell) is a protocol that lets you securely connect to a remote Linux machine over a network. It provides:
• Encrypted login
• Secure file transfer
• Remote command execution
• Port forwarding and tunneling

1. Install SSH (OpenSSH Server & Client)

Check if SSH client is installed (usually preinstalled)
ssh -V

Install SSH client

sudo apt update
sudo apt install openssh-client

Install SSH server (needed if you want others to connect to your PC)

sudo apt install openssh-server

Start and enable SSH service

sudo systemctl start ssh
sudo systemctl enable ssh

Check service status
sudo systemctl status ssh

1. Find Your Machine’s IP Address

If you want to connect to this machine from another device:
ip a

Look under:
inet 192.168.x.x

1. Connect to a Remote Machine Using SSH Basic SSH command: ssh username@hostname

Examples:
ssh ubuntu@192.168.1.10
ssh saikat@myserver.com

SSH will ask for the remote password.

1. SSH Using a Custom Port
   If the server runs SSH on another port:
   ssh -p 2222 user@server

2. Generate SSH Keys (Passwordless Login)
   SSH keys are more secure and convenient than passwords.
   Generate keys
   ssh-keygen

This creates:
• Private key → ~/.ssh/id_rsa
• Public key → ~/.ssh/id_rsa.pub
Press Enter to accept defaults.
Copy your public key to the server

ssh-copy-id user@server

Now you can log in without entering a password.

1. SSH Server Settings (Advanced)

SSH server config file:
/etc/ssh/sshd_config

You can modify:
• Port number
• Root login permissions
• Key-only authentication

Example: change SSH port
Open the file:
sudo nano /etc/ssh/sshd_config

Change:

Port 2222
PermitRootLogin no
PasswordAuthentication yes

Restart SSH:
sudo systemctl restart ssh


1. Running Remote Commands with SSH
   You can execute commands directly:
   ssh user@server "ls -l /var/www"
ssh user@server "sudo apt update"

2. Copy Files via SCP (Secure Copy)

Upload a file to remote server:
scp file.txt user@server:/home/user/

Download from remote:
scp user@server:/var/log/syslog .

Copy a folder recursively:
scp -r myfolder user@server:/home/user/

1. Using SFTP (SSH File Transfer) Start SFTP session:

sftp user@server

In SFTP:

ls
get file.txt
put upload.zip
cd /var/www
Exit:
bye

1. SSH Tunneling (Port Forwarding)

Local port forward (access remote DB locally)
ssh -L 3307:localhost:3306 user@server

This exposes remote MySQL (3306) on your local machine at 3307.

Remote port forward (expose a local website)
ssh -R 8080:localhost:3000 user@server

1. Test SSH in WSL (Windows Subsystem for Linux)

You can use SSH from WSL.

Client works automatically:

ssh user@server

Using SSH server inside WSL
You need to enable the service:

sudo apt install openssh-server
sudo service ssh start

Find WSL IP:
ip a

But note:
WSL resets its IP each restart, and incoming connections may not work without configuring Windows firewall/port-forwarding.