How to Enable SSH on AlmaLinux 10

How to enable SSH on AlmaLinux 10

by

Secure Shell (SSH) is the most common and secure way to remotely access a Linux server. By learning how to enable SSH on AlmaLinux 10, you can manage your server from anywhere in the world using encrypted communication.

In this tutorial, we will walk you through how to enable, start and secure SSH on AlmaLinux 10 server.

Prerequisites

Before we begin, make sure you have:

  • AlmaLinux 10 VPS hosting
  • Root access or a user with sudo privileges
  • Basic familiarity with the terminal

You can check if the openssh-server package is installed with the command:

# rpm -q openssh-server
openssh-server-9.9p1-7.el10_0.x86_64

The OpenSSH server package is already installed by default in the AlmaLinux 10 and you should receive a similar output.

Step 2: Enable and Start the SSH Service

Once installed, enable and start the SSH service so it runs automatically after each reboot:

# systemctl enable sshd
# systemctl start sshd

Check its status to make sure it’s running:

# systemctl status sshd

You should see active (running) in green.

Step. 3 Allow SSH through the Firewall

If you have firewalls installed such as CSF (ConfigServer Firewall), firewalld or UFW (Uncomplicated Firewall) you may need to allow the SSH port in the firewall so you can connect to your server via SSH.

For firewalld you can use the following commands:

sudo firewall-cmd --permanent --zone=public --add-service=ssh
sudo firewall-cmd --reload

You can confirm it’s open with:

sudo firewall-cmd --list-all


For the CSF firewall you will need to add the port if it’s not already added in the file:

/etc/csf/csf.conf

Check the TCP_IN and TCP_OUT lines and make sure the SSH port is added and save the file.

TCP_IN = "20,21,22,25,53,80,110,143,443,465,587,993,995"
 TCP_OUT = "20,21,22,25,53,80,110,443,587"

Then go ahead and restart the firewall with

# csf -r

For the UFW firewall you can use the following command:

# ufw allow ssh

Step 4: Configure SSH Settings

To improve security or modify the SSH service according to your needs you can edit the following file:

# nano /etc/ssh/sshd_config

You can change the default 22 port to port 3222 for example and disable root login by modifying the following lines in the file

Port 3222
PermitRootLogin no

After making the changes, go ahead and restart the SSH service so the changes can take effect

# systemctl restart sshd

Step 5: Using SSH to connect to your server

To test if you have configured the SSH server properly you can now try to connect from a remote computer using the command:

# ssh username@server-ip

If you already changed the Port number you can use the -p flag and use the port number you have previously configured

# ssh username@server-ip -p 3222

If for some reason, you are unable to connect you can use the -v (verbose) flag or -vvv for more detailed log.

# ssh -vvv username@server-ip -p 3222

Then you check the output for more information and once again check the firewall rules which may usually block the SSH connections if you forgot to configure them.

Step 6. SFTP using SSH over FTP

You can also use the SSH protocol to connect for FTP file transfer. If you are using FTP client such as Filezilla you can configure SFTP by using the following settings:

Protocol: SFTP – SSH File Transfer Protocol

Host: Server IP address

Port: 22 ( or SSH port you configured)

User: someuser

Password: password-of-someuser

And you are connected, you can now upload/download files via SFTP.

Conclusion

In this tutorial we showed you how you can check if OpenSSH server is installed and running. You also learned how to allow access for SSH connections and how you can use ssh -v (or -vvv) to debug SSH “Connection refused” errors.

If the service isn’t running or listening, start it. If the firewall is blocking it, open the port. And if you changed the default port, make sure the firewall settings match.

Leave a Comment