34,333
edits
Changes
→Configuring the Ubuntu Linux Firewall to Allow SSH Connections
Tab to the ''OK'' button and press ''Enter'' to return to the main screen. Tab once again to the ''OK'' button and press enter to exit ''lokkit''.
If you have configured your fire3wall using the Firestarter tool you will need to set up an incoming connection policy to allow connections to the SSH service. Configuring Firestarter is covered in detail in [[Using Firestarter to Configure an Ubuntu Linux Firewall]].
== Using SSH on Ubuntu ==
SSH can be used to log into your system from a remote system. It is also possible to test that the SSH server is runnign and accessible from the local machine. SSH connections are established using the ''ssh'' client utility.
To connect from your local machine back to itself use the following command:
<pre>
ssh -l username ipaddresss
</pre>
Where ''username is teh name of the user you wish to log in as and ''ipaddress'' is the IP address of your system. You can also substitute the hostname of the system in place of the IP address. If you do not know the IP address run the ''ipconfig'' command in a termianl window. This will output information similar to:
<pre>
eth0 Link encap:Ethernet HWaddr 00:13:72:0B:14:57
inet addr:192.168.2.21 Bcast:192.168.2.255 Mask:255.255.255.0
inet6 addr: fe80::213:72ff:fe0b:1457/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:4261067 errors:0 dropped:0 overruns:0 frame:0
TX packets:4409081 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:100
RX bytes:2068332349 (1.9 GiB) TX bytes:2408187471 (2.2 GiB)
Base address:0xcce0 Memory:fe3e0000-fe400000
</pre>
In the above output the IP address is shown as ''inet addr:'', in this case 192.168.2.21.
To connect from a remote system perform the same steps above using either the IP address or host name of the remote host to which you connect. Enter you password when prompted and you will find yourself logged into the remote system.
== Copying files using SSH ==
The SSH service provides a mechanism for copying files to and from a remote system. Copying is performed using the ''scp'' utility. To copy a file to a directory on a remote system execute the following command:
<pre>
scp myfile.txt [email protected]:/home/demo
</pre>
Where myfile.txt is the name of the file to be uploaded to the remote system, ''username'' is the name of user account to be used to log into the remote system, 192.168.2.1 is replaced by the real IP address or hostname of the system and /home/demo represents the directory into which the file should be copied.
The above file could similarly be copied from the remote system to the local system as follows:
<pre>
scp [email protected]:/home/demo/myfile.txt .
</pre>
The above command will copy the remote file to the current directory on the local system.
== Disabling the SSH Server ==
Having configured the system to run the SSH server we can now look at how to disable it. As we mentions previously the SSH server runs in the background as a service. In order to diable SSH we need to turn off the SSH serivce. This can be achieved using the ''Services'' tool. To launch the services tool click on the desktop ''System'' menu and select ''Services'' from the ''Administration'' sub-menu. Enter your password when prompted to do so. The Services tool will appear containing a list of all available services. Scroll down to find the ''Remote shell server'' entry as shown below:
[[Image:Example.jpg]]
Uncheck the box next to the SSH entry and click on the ''Close'' button. The SSH server is now disabled. To re-enable the server repeat the above steps and check the box next to 'Remote shell server'' to enable the service.
