How to Install and Configure SSH Server in Rocky Linux 8/9

SSH (Secure Shell) is a secure way to connect to Linux servers remotely.
It allows administrators to manage systems, run commands, transfer files,
and keep communication safe through encryption.
In Rocky Linux 8/9, SSH server is provided by the package openssh-server.

1. Install SSH Server

sudo dnf install -y openssh-server

After installation, start and enable the SSH service:

sudo systemctl start sshd
sudo systemctl enable sshd

2. Check SSH Service Status

systemctl status sshd

3. Allow SSH in Firewall

sudo firewall-cmd --permanent --add-service=ssh
sudo firewall-cmd --reload

4. SSH Configuration File

Main configuration file: /etc/ssh/sshd_config

To apply changes, restart SSH service:

sudo systemctl restart sshd

5. Allow or Deny User Access

You can control which users can connect via SSH.

# Only allow user 'shahzad'
AllowUsers shahzad

# Deny specific users
DenyUsers testuser

Edit /etc/ssh/sshd_config and add above lines, then restart sshd.

6. Connect to SSH Server

ssh username@server-ip

7. Passwordless SSH Connection (Key-based authentication)

To avoid typing passwords every time, you can use SSH keys.

Step 1: Generate SSH key pair on client machine:

ssh-keygen -t rsa -b 4096

Step 2: Copy public key to server:

ssh-copy-id username@server-ip

Step 3: Connect without password:

ssh username@server-ip

8. Manual Key Copy (if ssh-copy-id not available)

cat ~/.ssh/id_rsa.pub | ssh username@server-ip "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys"

9. Improve SSH Security

  • Change default SSH port (from 22 to another) in /etc/ssh/sshd_config
  • Disable root login (PermitRootLogin no)
  • Use only key-based authentication (PasswordAuthentication no)
  • Allow only required users (AllowUsers)
  • Use Fail2Ban or firewall to block brute force attacks

10. Verify SSH Logs

Check logs to see login attempts:

sudo journalctl -u sshd
cat /var/log/secure

Conclusion

SSH is one of the most important services for Linux administrators.
In Rocky Linux 8/9, you can install, configure, and secure SSH easily.
By using key-based authentication and access rules, you can protect your server from attacks and manage it safely.

Leave a Reply

Your email address will not be published. Required fields are marked *