Chat Zalo Chat Messenger Phone Number Đăng nhập
How to Enable SSH on Debian 9/10 | PhoenixNAP KB

How to Enable SSH on Debian 9/10 | PhoenixNAP KB


SSH stands for Secure Shell. SSH is used to connect to a remote computer that accesses files and perform administrative tasks.

In this tutorial, learn how to enable SSH on Debian 9 (Stretch) or Debian 10 (Buster).

System Prerequisites

Debian to act as SSH server Debian system to

  • act as
  • SSH client

  • Sudo privileges
  • in Debian for each system Access to a

  • command line (Ctrl-Alt-T
  • )

  • Apt package manager (included by default)
  • 5 steps

  • to enable SSH
  • in Debian

When connecting remotely, a secure connection is important: without it, a hacker could intercept usernames, Passwords and configuration files that could compromise the security of your server. These five (5) steps will guide you through the process of establishing a secure connection.


1: Update Package Manager

Before installing new software, update the

list of software repositories with

the following command: sudo apt-get update

The screen confirms that the packages have been updated


Step 2: Install the SSH

server On the server

acting as the server, run the following command:

sudo apt install openssh-server

Enter your password when prompted, then press Y to continue with the installation. In this case, the output indicates that the latest version is already installed.

You can check the status of the SSH service with the following command: sudo systemctl status ssh The system confirms that

the SSH service

is running


Step 3: Start

and stop the SSH server Because SSH

controls connections, it can be useful to know how to start and

stop the service. To stop the SSH

host server, Enter the following:

sudo service ssh stop

If you check the status of the service at this point, the system indicates that SSH is down. It also indicates the exact date and time you stopped.

To start the SSH service, use the following command: sudo SSH Service Home

The service is stopped only until the next restart

. To disable SSH

indefinitely, type

: sudo systemctl disable ssh

To re-enable the SSH service, simply replace disable with enable.

Step 4: Get

your server’s IP address If you are configuring a server locally


you can display the IP address from a terminal window with the following command

: ip a The IP address

will have a format like this:

If you are connecting to a server that is already configured, you will want to obtain the IP address of the server administrator. Or, you can log on with the host name or domain name of the server.

Step 5: Install the SSH Client Service


If you are

connecting to a server that is already configured or have completed the above steps on your server, open a terminal window on your client system and refresh the package list:

sudo apt-get update

By default, most Linux systems have the SSH client installed. If yours doesn’t, enter the following command


sudo apt-get install openssh-client

This example has the latest version installed

. Connect to a server using


Type the following command to connect to the server using a secure shell:

ssh UserName@IPAddressOrHostname Replace the user name with the user

name of an authorized user on the server. After the @ sign, use the IP address from step 4, or you can use the domain name. You can also specify a host name if the server is configured to use one.

When you connect for the first time, the system may ask you for confirmation. Type ‘yes‘ and then ‘enter‘.

The remote system will prompt you for a password. Use the password that accompanies the user name you provided.

The command prompt will change to username@hostname, indicating that the commands you are running are running on the remote server.

Firewall and security settings

By default, Debian uses the UFW firewall which can interfere with

secure shell traffic.

To allow SSH access, use the command:

sudo ufw allow ssh

SSH traffic passes through port 22. The result confirms that the rules have been updated.

To implement the necessary security measures, use the firewall application (or router settings) to configure port forwarding. You will need to consult your documentation for specific information. However, the strategy is to forward traffic requests entering port 22 to the IP address of the machine behind the firewall.

You can also configure your firewall or router to accept SSH traffic on a different port, it’s an extra step, but then you can route that incoming traffic to port 22 on your server. This is a useful solution when opening your server to internet traffic. Why? Many intrusion attempts enter port 22 attempting to access SSH. Changing the port will restrict access only to those who know the correct port, thus limiting unauthorized connections.


By following the steps in this article, you have successfully enabled an SSH connection in Debian


You can now connect to a remote securley host and continue to manage your servers in a secure environment


Check out our guide on the “ssh_exchange_identification: Read: Peer Connection Reset” error if you notice it while connecting to your remote server.

Contact US