OpenSSH is a set of free and open-source software tools designed for secure and encrypted communication over computer networks. It is commonly misunderstood as a protocol, but in fact, it is a collection of programs that implement the SSH (Secure Shell) protocol.
Created by the OpenBSD project and distributed under the Simplified BSD License, OpenSSH has gained popularity among system administrators because of its versatility across different platforms and its extensive range of features.
The OpenSSH Daemon, commonly referred to as sshd, serves as the server program for the SSH client. It is an open-source SSH server that replaces insecure protocols like rlogin and rsh. SSH ensures secure encrypted communication between two untrusted hosts, even over an insecure network like the Internet. Notably, sshd is not pre-installed on Ubuntu Desktop and minimal Ubuntu server, requiring users to install it separately if needed.
At the time of writing this blog, the latest version of OpenSSH_9.5p1. Please note that software versions may have changed since the time of writing, and it’s advisable to check the official OpenSSH website or other reliable sources for the most current version information. You can check out the SSH release notes for more information.
Prerequisites
- Linux based Operating system (Debian/Ubuntu)
- Access of Root or Sudo user
- C compiler
- Zlib 1.1.4 or 1.2.1.2 or greater
- LibreSSL or OpenSSL >= 1.0.1 < 1.1.0
Also Read: How To Install PHP 8.2 on Ubuntu 22.04
Install OpenSSH Server
Before installing the latest OpenSSH version, let’s check the version of currently installed SSH with the following command.
ssh -V
As per the above screenshot, we need to update the SSH version from 8.2p1 to OpenSSH_9.5p1.
Before proceeding, we need to install few dependencies such as build essentials, development tools etc. with the following command.
sudo apt update sudo apt install -y build-essential zlib1g-dev libssl-dev
In order to correctly set up the OpenSSH server, it’s very important to establish a suitable environment. It involves creating a new system user and group named as “sshd” with a secured chroot location.
Note :- If you already have an existing installation, this environment is likely already configured, and you can proceed to the next section. If not, execute the following commands to establish it.
sudo mkdir /var/lib/sshd sudo chmod -R 700 /var/lib/sshd/ sudo chown -R root:sys /var/lib/sshd/ sudo useradd -r -U -d /var/lib/sshd/ -c "sshd privsep" -s /bin/false sshd
Now, download the latest tarball of OpenSSH version 9.5p1 with the help of wget command.
wget -c https://cdn.openbsd.org/pub/OpenBSD/OpenSSH/portable/openssh-9.5p1.tar.gz tar -xzf openssh-9.5p1.tar.gz cd openssh-9.5p1/
Next, we need to compile and install the OpenSSH server with some specific options: –with-md5-passwords, –with-privsep-path, and –sysconfdir. These options will ensure that all files are installed in the default /usr/local/ directory.
To enable the support of above options, we need to install them with the following command.
sudo apt install -y libpam0g-dev libselinux1-dev
Now compile and Install SSH from Sources with the following command.
./configure --with-md5-passwords --with-pam --with-selinux --with-privsep-path=/var/lib/sshd/ --sysconfdir=/etc/ssh make sudo make install
We have successfully installed the latest version of OpenSSH. Now, restart the SSH service.
systemctl restart sshd
Now, check the version of OpenSSH installed on our server.
ssh -V
Note – If it still shows the old SSH version then simply reboot the server it will reload all the server configuration and will show the latest version of SSH on the server.
Conclusion
OpenSSH is a popular and vital suite of open-source tools implementing the SSH protocol, ensuring secure and encrypted communication on computer networks. Developed by the OpenBSD project, its popularity among system administrators is attributed to its cross-platform compatibility and robust features.
In today’s blog, we have learned how to install or upgrade the OpenSSH version on the system or server. The same blog will also work for other Ubuntu and Debian version. If you guys have any query or questions then you can drop a comment regarding your queries.