
Setting up an SSHD server and SSH client in Linux

7 September 2021 15:13

Sometimes you need to connect over SSH to a home or work PC in order to configure it.

Installation plan

  1. Install SSHD on the Ubuntu Linux server.
  2. Configure SSHD on the server. Instead of port 22/TCP, the default for the SSH service, this example uses port 22334.
  3. The SSHD server must be running at all times. Enable the SSHD service to start automatically.
  4. Configure the local UFW firewall: allow access from outside to port 22334/TCP.
  5. If you plan to connect from the Internet, set up port forwarding from port 22334 on the router's WAN port to the IP address of the computer on the local network.
  6. Install SSH on the MX Linux client (Debian 11 "Buster" or Debian 12 "Bookworm").
  7. Connect over SSH from the client to the server.

At the end of the article I touch on X11 forwarding.

Step 1. Installing SSHD on the server

Installing SSHD on Ubuntu Linux: the apt-get command is given the name of the ssh metapackage:

sudo apt-get install ssh

This command installs the openssh-client and openssh-server packages at the same time.

Step 2. Configuring SSHD

SSHD is configured on the computer that we will connect to from outside.
First I make a backup copy, i.e. I set aside the original SSHD configuration file:

sudo cp /etc/ssh/sshd_config /etc/ssh/sshd_config.COPY

Edit the configuration file according to the instructions, bearing in mind that login will be by password.

I edited it using the nano editor:

sudo nano /etc/ssh/sshd_config

My sshd_config configuration file is given below (it can be copied and pasted):

cat /etc/ssh/sshd_config | grep \# -v

Include /etc/ssh/sshd_config.d/*.conf
Port 22334
AddressFamily inet
ListenAddress 0.0.0.0
PermitRootLogin no
MaxAuthTries 6
MaxSessions 1
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
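
A quick check of the settings above for exposure once the port is reachable from outside, as an added example that is not part of the original article. The function names page_config and audit_sshd_config are made up here, and the script judges only the text it is given (Include files are not followed); on a live server, sudo sshd -T prints the effective configuration.

```shell
#!/bin/sh
# Added example, not from the article. Include files are not followed.

# The step 2 configuration, embedded so the check runs offline.
page_config() {
    cat <<'EOF'
Include /etc/ssh/sshd_config.d/*.conf
Port 22334
AddressFamily inet
ListenAddress 0.0.0.0
PermitRootLogin no
MaxAuthTries 6
MaxSessions 1
PasswordAuthentication yes
PermitEmptyPasswords no
ChallengeResponseAuthentication no
UsePAM yes
X11Forwarding yes
X11DisplayOffset 10
PrintMotd no
AcceptEnv LANG LC_*
Subsystem sftp /usr/lib/openssh/sftp-server
EOF
}

# Read sshd_config text on stdin and report password, root and X11 settings.
audit_sshd_config() {
    awk '
    function check(key, safe) {
        if (!(key in cfg)) print "UNSET " key
        else if (cfg[key] ~ safe) print "OK " key "=" cfg[key]
        else print "REVIEW " key "=" cfg[key]
    }
    /^[ \t]*(#|$)/ { next }            # skip comments and blank lines
    tolower($1) == "match" { exit }    # Match blocks are conditional: stop there
    # Keywords are case-insensitive and sshd keeps the first value it sees.
    { key = tolower($1); if (!(key in cfg)) cfg[key] = tolower($2) }
    END {
        check("passwordauthentication", "^no$")
        check("permitrootlogin", "^(no|prohibit-password)$")
        check("permitemptypasswords", "^no$")
        check("x11forwarding", "^no$")
    }'
}

page_config | audit_sshd_config
```

For the configuration above it reports REVIEW for passwordauthentication and x11forwarding, the two settings to revisit before forwarding port 22334 from the Internet.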

Step 3. Enabling the SSHD service on the Ubuntu server

The SSHD service is used on the server for remote administration, to connect to it from outside.

Enable the SSHD service to start every time the operating system boots, using the service name ssh.service:

sudo systemctl enable ssh

Restart the SSHD daemon to apply the changes in the configuration file on the server (main PC):

sudo systemctl restart ssh

The service has one name: ssh. The name sshd is an alias. If you address the ssh service by name as sudo systemctl enable sshd.service, the command will not work (error "Failed to restart sshd.service: Unit sshd.service not found."). This is because the main service is called ssh.service, and its alias is sshd.service. Conclusion: use the service name ssh to manage the sshd service. The commands sudo systemctl restart ssh and sudo systemctl restart sshd do the same thing, but the first is preferable.

Step 4. Configuring the local UFW firewall

Start UFW and enable it to start after a reboot, with one command:

sudo systemctl enable --now ufw

Check:

sudo systemctl status ufw

To open the "secret" SSHD server port 22334 on the firewall, I ran a command that adds the allow rule:

sudo ufw allow 22334

View the UFW firewall rules:

sudo ufw show added

Step 5. Port forwarding

Since I tested the task inside the local network, I skip this step. Anyone can configure forwarding of the "secret" SSH port on their Internet router themselves. If a VPN tunnel is used, port forwarding obviously does not need to be set up.

Step 6. Installing SSH on a netbook running MX Linux (Debian)

In Debian, the SSH installation command is somewhat different than in Ubuntu:

sudo apt-get install ssh

Step 7. Connection to the SSH server from the client

If the server has a static "white" IP address, the connection to it from the client is made with the command

ssh user@123.45.67.8 -p 22334

where user is the user login, which must exist on the server,
123.45.67.8 is the server IP address,
22334 is the SSH port.

At the first connection there will be a message asking whether to trust the server; answer "yes" from the keyboard.
Then enter the password for the user account, and you will get into the console (terminal session) of the server.

If the host key has changed on the server (for example, the OS was reinstalled), there will be a message "WARNING: REMOTE HOST IDENTIFICATION HAS CHANGED" and the connection will not be made. If you are sure that everything is in order with the machine and the server was simply reinstalled, remove the old server key (fingerprint) on the client with the command that will be shown in the message, for example: ssh-keygen -f "/home/user/.ssh/known_hosts" -R "[123.45.67.8]:22334".

Result

Setup completed.

Further actions

If you plan to connect to the server often from the same machine, then instead of password protection configure the connection to the SSH server using keys generated by ssh-keygen, as described in the article on ITProffi.ru.

Solving the problem with X11 forwarding

(Addition from 11.11.2023).
After completing the instructions, I got access to the server in SSH text mode, but it was not possible to work from the client's terminal in X11 forwarding mode (ssh -X ...): when running the server's graphical applications on the client, for example when launching xclock from the ssh session, the error "connect localhost port 6000: Connection refused. Error: Can't open display: localhost:10.0" occurred. This problem could not be solved in the client's terminal in any way. I did it like this:

On the client:

sudo apt install putty

Then -
Start - Internet - PuTTY SSH Client

"Configuration" - Connection - SSH - Enable compression
"Configuration" - Connection - SSH - X11 - Enable X11 forwarding
"Configuration" - "Session" - entered the IP address and port of the server
"Configuration" - "Session" - Saved Sessions - My - Save
selected My
pressed "Open"

  • entered the user name and password
  • got into the server session
  • check: echo $DISPLAY should print localhost:10.0. (If it does not, run export DISPLAY=:10.0)
    *xclock or `
  • xclock started on the client's screen (it runs on the server)! Hooray!
    sudo apt install xsysinfo
    xsysinfo - real-time information about the server's kernel load.

    Links:

  • [Description of the options for the sshd_config configuration file](http://www.faqs.org/docs/securing/chap15sec122.html)
