How to open ssh 22/TCP port using ufw on Ubuntu/Debian Linux

ADVERTISEMENTS



How do I allow incoming SSH connections from a specific IP address or subnet on a Ubuntu or Debian Linux server using ufw? How do I open ssh 22/TCP port using ufw on Ubuntu or Debian server? UFW is an acronym for uncomplicated firewall. It is used for managing a Linux firewall and aims to provide an easy to use interface for the user. In this tutorial,server.

ssh is a client program for logging into a remote machine and for executing commands on a remote Linux or Unix computer. SSHD is the daemon program for ssh. Bots and unwanted people often target SSHD. Hence, you must protect your server.

Open SSH port using ufw

The syntax is as follows to open ssh port using ufw command:

sudo ufw allow ssh

OR

$ sudo ufw allow 22/tcp

One can add the comment as follows:

$ sudo ufw allow 22/tcp comment 'Open port ssh tcp port 22'

If you are running ssh on TCP port # 2222, enter:

$ sudo ufw allow 2222/tcp

How to allow incoming SSH from specific IP address

The syntax is:

$ sudo ufw allow from {IP_ADDRESS_HERE} to any port 22

To allow incoming SSH connections from a specific IP address named 202.54.1.1, enter:

$ sudo ufw allow from 202.54.1.1 to any port 22

How to allow incoming SSH from specific subnets

The syntax is:

$ sudo ufw allow from {IP_SUB/net} to any port 22

OR

$ sudo ufw allow from {IP_SUB/net} to any port 22 proto tcp

OR

$ sudo ufw allow from {IP_SUB/net} to {ssh-server-ip-address} port 22 proto tcp

To allow incoming SSH connections from a specific IP subnet named 202.54.1.1/29, enter:

$ sudo ufw allow from 202.54.1.1/29 to any port 22

To allow incoming SSH connections from a specific IP subnet named 10.8.0.0/24 to 10.8.0.1 and tcp port 22, enter:

$ sudo ufw allow from 10.8.0.0/24 to 10.8.0.1 port 22 proto tcp

Limit incoming SSH port for all

Open incoming SSH but deny connections from an IP address that has attempted to initiate 6 or more connections in the last 30 seconds. The syntax is:

$ sudo ufw limit ssh

OR

$ sudo ufw limit 22/tcp

How to check the status of ufw

The syntax is:

$ sudo ufw status

Sample outputs:

Status: active To Action From -- ------ ---- 22 ALLOW Anywhere 72.14.190.12 443/tcp ALLOW Anywhere 72.14.190.12 80/tcp ALLOW Anywhere

if ufw was not enabled the output would be:

sudo ufw status Status: inactive

To turn on UFW on with the default set of rules including open SSH port, enter:

$ sudo ufw enable

$ sudo ufw status verbose

Conclusion

You learned how to open ssh port using ufw on Ubuntu or Debian Linux server. See ufw home page here for more info.

