How to Use SSH to Connect to a Remote Server in Linux or Windows

Accessing machines remotely became a necessity a long time ago and we can scantily imagine how it would be if we couldn ’ metric ton command computers from distant locations. There are many ways to establish a connection with a distant car depending on the operating arrangement you are running, but the two most use protocols are :

  • Secure Shell (SSH) for Linux-based machines
  • Remote Desktop Protocol (RDP) for Windows-based machines

The two protocols use the customer and server applications to establish a outside joining. These tools allow you to gain access and remotely manage other computers, transfer files, and do virtually anything you can do while physically sitting in front of the machine .
User manual on how to use SSH to connect to a remote server in Linux or Windows Prerequisites

Before you can establish a secure remote desktop protocol with a outside machine, there are a few basic requirements to meet :

  • The remote computer must be turned on at all times and have a network connection.
  • The client and server applications need to be installed and enabled.
  • You need the IP address or the name of the remote machine you want to connect to.
  • You need to have the necessary permissions to access the remote computer.
  • Firewall settings need to allow the remote connection.

What is SSH?

Secure Shell, sometimes referred to as Secure Socket Shell, is a protocol which allows you to connect securely to a outside calculator or a server by using a text-based interface .
When a guarantee SSH connection is established, a shell school term will be started, and you will be able to manipulate the waiter by typing commands within the client on your local calculator .
system and network administrators use this protocol the most, angstrom well as anyone who needs to manage a computer remotely in a highly plug manner .

How Does SSH Work?

In order to establish an SSH joining, you need two components : a node and the comparable server-side part. An SSH customer is an application you install on the computer which you will use to connect to another computer or a server. The node uses the provide outside server information to initiate the connection and if the credentials are verified, establishes the code connection .
On the waiter ’ s side, there is a part called an SSH daemon that is constantly listening to a specific TCP/IP port for possible client connection requests. once a node initiates a joining, the SSH daemon will respond with the software and the protocol versions it supports and the two will exchange their identification data. If the provided credentials are discipline, SSH creates a new school term for the appropriate environment .
The default SSH protocol adaptation for SSH server and SSH node communication is version 2 .

How to Enable an SSH Connection

Since creating an SSH connection requires both a client and a server part, you need to make certain they are installed on the local anesthetic and the outback machine, respectively. An clear source SSH tool—widely used for Linux distributions— is OpenSSH. Installing OpenSSH is relatively easy. It requires access to the terminal on the waiter and the calculator that you use for connecting. note that Ubuntu does not have SSH waiter installed by default option .

How to Install an OpenSSH Client

Before you proceed with installing an SSH customer, make certain it is not already installed. many Linux distributions already have an SSH client. For Windows machines, you can install PuTTY or any other client of your choice to gain access to a server .
To check if the client is available on your Linux-based organization, you will need to :

  1. Load an SSH terminal. You can either search for “terminal” or press CTRL + ALT + T on your keyboard.
  2. Type in ssh and press Enter in the terminal.
  3. If the client is installed, you will receive a response that looks like this:

This means that you are quick to remotely connect to a forcible or virtual machine. otherwise, you will have to install the OpenSSH client :

  1. Run the following command to install the OpenSSH client on your computer:
    sudo apt-get install openssh-client
  2. Type in your superuser password when asked.
  3. Hit Enter to complete the installation.

You are now able to SSH into any car with the server-side application on it, provided that you have the necessary privileges to gain access, vitamin a well as the hostname or IP address .

How to Install an OpenSSH Server

In order to accept SSH connections, a machine needs to have the server-side contribution of the SSH software toolkit .
If you first want to check if OpenSSH waiter is available on the Ubuntu system of the outback computer that needs to accept SSH connections, you can try to connect to the local horde :

  1. Open the terminal on the server machine. You can either search for “terminal” or press CTRL + ALT + T on your keyboard.
  2. Type in ssh localhost and hit enter.
  3. For the systems without the SSH server installed the response will look similar to this:
[email protected]:~$ ssh localhost
ssh: connect to host localhost port 22: Connection refused [email protected]:~$

If the above is the encase, you will need to install the OpenSSH server. Leave the terminal open and :

  1. Run the following command to install the SSH server:
sudo apt-get install openssh-server ii.
  1. Type in your superuser password when asked.
  2. Enter and Y to allow the installation to continue after the disk space prompt.

The command digest files will be installed, and then you can check if the SSH server is running on the car by typing this command :

sudo service ssh status

The response in the terminal should look exchangeable to this if the SSH service is immediately running by rights :

[email protected]:-$ sudo service ssh status
• ssh.service - OpenBSD Secure Shell server
Loaded: loaded (/lib/systemd/system/ssh.service; enabled; vendor preset: enab
Active: active (running) since Fr 2018-03-12 10:53:44 CET; 1min 22s ago Process: 1174 ExecReload=/bin/kill -HUP $MAINPID (code=exited, status=0/SUCCES

Main PID: 3165 (sshd)

Another way to test if the OpenSSH server is installed by rights and will accept connections is to try running the ssh localhost command again in your terminal prompt. The answer will look similar to this screen when you run the command for the first meter :

[email protected]:~$ ssh localhost

The authenticity of host 'localhost (' can't be established. ECDSA key fingerprint is SHA256:9jqmhko9Yo1EQAS1QeNy9xKceHFG5F8W6kp7EX9U3Rs. Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added 'localhost' (ECDSA) to the list of known hosts.

[email protected]:~$

Enter yes or y to continue .
Congratulations ! You have set up your server to accept SSH connection requests from a unlike
calculator using an SSH node .
You can now edit the SSH daemon shape file, for model, you can change the default port for SSH connections. In the terminal prompt, run this instruction :

sudo nano /etc/ssh/sshd_config

The configuration file will open in the editor program of your choice. In this case, we used Nano .
If you need to install Nano, run this command :

sudo apt-get install nano

Please note that you need to restart SSH service every time you make any changes to the sshd_config file by running this command :

sudo service ssh restart

How to Connect via SSH

now that you have the OpenSSH node and waiter installed on every machine you need, you can establish a secure remote control connection with your servers. To do so :

  1. Open the SSH terminal on your machine and run the following command: ssh [email protected]_ip_address

    If the username on your local machine matches the one on the server you are trying to connect to, you can just type: ssh host_ip_address And hit Enter.

  2. Type in your password and hit Enter. Note that you will not get any feedback on the screen while typing. If you are pasting your password, make sure it is stored safely and not in a text file.
  3. When you are connecting to a server for the very first time, it will ask you if you want to continue connecting. Just type yes and hit Enter. This message appears only this time since the remote server is not identified on your local machine.
  4. An ECDSA key fingerprint is now added and you are connected to the remote server.

If the calculator you are trying to remotely connect to is on the same network, then it is best to use the secret IP savoir-faire alternatively of the public IP address. otherwise, you will have to use the public IP address only. additionally, make indisputable that you know the chastise TCP larboard OpenSSH is listening to for connection requests and that the port forward settings are decline. The default port is 22 if cipher changed configuration in the sshd_config charge. You may besides precisely append the port number after the host IP address .
here is the example of a connection request using the OpenSSH node. We will specify the port count as well :

[email protected]:~$ ssh [email protected] –p7654 [email protected]’s password:

The authenticity of host ' (' can't be established. ECDSA key fingerprint is SHA256:9lyrpzo5Yo1EQAS2QeHy9xKceHFH8F8W6kp7EX2O3Ps. Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '' (ECDSA) to the list of known hosts. 

[email protected]:~$

You are immediately able to manage and control a outside machine using your terminal. If you have trouble connecting to a distant waiter, make surely that :

  • The IP address of the remote machine is correct.
  • The port SSH daemon is listening to is not blocked by a firewall or forwarded incorrectly.
  • Your username and password are correct.
  • The SSH software is installed properly.

Note: If SSH responds with a message “ Connection refused ”, please refer to our article How To Fix The SSH “ Connection Refused ” Error for potential reasons and solutions .

SSH Further Steps

now that you are able to establish a connection to your waiter using SSH, we highly recommend a few far steps to improve SSH security. When you leave the apparatus with the default values, it is more probably to be hacked and your server can easily become a target of scripted attacks .
Some of the suggestions for hardening SSH by editing the sshd shape file include :

  • Change the default TCP port where SSH daemon is listening. Change it from 22 to something much higher, for example 24596. Make sure you do not use a port number that is easy to guess, such as 222, 2222 or 22222.
  • Use SSH key pairs for authentication for passwordless SSH login. They are both safer and also allow logging in without the need to use your password (which is faster and more convenient).
  • Disable password-based logins on your server. If your password gets cracked, this will eliminate the possibility of using it to log into your servers. Before you disable the option to log in using passwords, it is important to make sure that authentication using key pairs is working properly.
  • Disable root access to your server and use a regular account with the su – command to switch to a root user.

You can besides use TCP wrappers to restrict access to certain IP addresses or hostnames. configure which host can connect using TCP wrappers by editing the /etc/hosts.allow and etc/hosts.deny files .
note that allowed hosts supersede the deny hosts. For example, to allow SSH entree to a single host you will first deny all hosts by adding these two lines in the etc/hosts.deny :
sshd : ALL
then, in the etc/hosts.allow add a line with the let hosts for the SSH service. That can be a single IP address, an IP scope, or a hostname : sshd :, LOCAL .
Make sure to keep your log in information dependable at all times and to apply security at multiple layers. Use different methods to limit SSH access to your servers, or use services that will block anyone who tries to use beastly military unit to gain entree to your servers. Fail2ban is one model of such service .


For users who are used to working in a graphic background environment with Virtual Network Computing ( VNC ), it is possible to completely code connections using SSH tunneling. In club to tunnel VNC connections over SSH, you will need to run this control in the concluding on your Linux or UNIX machine :

$ ssh -L 5901:localhost:5901 -N -f -l username hostname_or_IP

here is the breakdown of the command above :

  • ssh : this starts the SSH client program on your local machine and enables secure connection to the SSH server on a remote computer.
  • -L 5901:localhost:5901 : states that the local port for the client on the local machine is to be forwarded to the specified host and port of the remote machine. In this case, local port 5901 on the local client is being forwarded to the same port of the given remote server.
  • -N : instructs to only forward ports, and not to execute a remote command.
  • -f : sends SSH to background after the password is provided, just before the command is executed. Then, you can freely use the terminal to type commands on the local machine.
  • -l username : the username you insert here will be used for logging in to the remote server you specified.
  • hostname_or_IP : this is the remote system with a VNC server. An example of an IP address would be and the example of a hostname would be

You can besides connect to a outback server via SSH tunnel from a Windows machine by using PuTTY. In the PuTTY shape window :
ssh putty configuration

  1. Go to Connection -> SSH -> Tunnels
  2. In the Source port field type in 5901
  3. In the Destination field type in localhost:5901
  4. Start the SSH session as you normally would.
  5. Connect to your server with a VNC client of your choice.

Note: If you are using Ubuntu, refer to our initiation guide How to Install PuTTY on Ubuntu .

What is RDP?

Remote Desktop Protocol ( RDP ) is a protocol developed by Microsoft. It is used to control and manage machines with a Windows function system remotely .
Unlike Secure Shell, connections established using an RDP client provide a user with a graphic interface through which they can gain entree to a distant computer and control it in the same manner as their local computer.
Using Remote Desktop services, once known as end services, allows network and system engineers to easily manipulate distant computers connected to a local net or the Internet .
This comes with a price. If you do not use a virtual individual network ( VPN ), connecting via RDP is far less guarantee than SSH because you are immediately exposed to the internet. There are many automated scripts constantly looking for weaknesses in your connection, specially for outdoors ports that Windows Remote Desktop connections use. In that subject, it is highly recommended to have impregnable, secure passwords and change them regularly. This does not make RDP connections dependable, but less vulnerable .

How Does Remote Desktop Protocol Work?

Windows Remote Desktop connection is based on a rather simple client-server exemplary using Remote Desktop Protocol ( RDP ). After you enable it, the Windows Remote Desktop server-side overhaul starts listening for connection requests on port 3389. Whenever you try to connect to a Windows waiter, you will need to provide a valid username for the account you are using to gain access remotely. Once you gain access to the server, you will be able to manage applications, transplant files between the two computers, and virtually perform any undertaking you can perform locally with the account in question .
No topic what version of the Windows operate system you have, you will be able to establish a dependable distant connection to another computer since the Remote Desktop node is available by nonpayment. On the other hand, a calculator can be remotely accessible only if it runs on a Pro, Enterprise, or Server version of a Windows operate system. so, we can conclude that RDP connections are potential only between computers with a Windows OS on them .

How to Enable an RDP Connection

Establishing a Remote Desktop connection to another computer over network requires you to enable the Windows Remote Desktop server serve. The Remote Desktop node is integrated into Windows systems, fix out of the box, and does not need any special apparatus before you can connect to another Windows-based machine. however, accepting Remote Desktop connections from another machines is disabled by default option on all version of Windows OS .
If you want to remotely connect to a waiter over the Internet and not through the local network, you need to take a few things into retainer before you enable this service :

  • Port forwarding. If you are not using a VPN you need to make sure the ports are forwarded properly to the remote host’s IP address. Check the router settings to see if the traffic on the default TCP port for Remote Desktop Protocol (port 3389) is going to the IP of the server with which you want to establish a Remote Desktop connection. Note that your Windows server is in this case directly exposed to the Internet and vulnerable.
  • Using a VPN. This is a much safer option for Remote Desktop connection. When you create a virtual private network on a client computer, you will be able to access all services that are available only when you use local connection.
  • Firewall settings. Make sure that the firewall you are using for the remote machine is not blocking Remote Desktop connection. You need to open the local port for RDP, whether it is the default or custom port number.

Enabling Remote Access in Windows 7, 8, 10 and Windows Server Versions

The operation to configure distant desktop and allow dependable outback connections to a waiter or a personal computer from a unlike computer is similar for all versions of Windows operating systems. I will list the basic steps to enable outside access to a coveted machine. Before you begin, please make sure that you have taken into circumstance the notes listed above concerning port forward, VPN, and firewall settings .

Step 1: Allow Remote Connections

Go to the computer information on the car where you want to allow outback connections :

  1. Right Click on Computer or This PC depending on the Windows OS version.
  2. Click on Properties.
  3. Click on Remote settings on the left side of the window.

windows control panel remote settings link

  1. Click on Allow remote connections to this computer. This should automatically add Remote Desktop Firewall exception. Additionally, you can check off the box that says “Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)” for additional security of your RDP sessions.

system properties remote connections tab

  1. Click Apply if you want to stay in the tab or OK to close it.

Step 2: Add Users to the List of Remote Users

You need to perform this measure only if you want to allow users other than administrators to access the car in question. If you are an administrator, your account is automatically included in the list of allow users but you will not see it. To select more users :

  1. On the Remote settings screen shown above, click Select Users…
  2. Click on Add in the Remote Desktop Users box.
  3. The Select Users box will appear. You can select the location you want to search by clicking on Locations.
  4. In the Enter the Object Names to Select field, type a name of a user and click on Check Names.
  5. When you find a match, select the user account and click OK.
  6. Close the System Properties window by clicking OK again.

There are not many other options to change in order to configure Remote Desktop. Provided that other settings do not interfere with your Remote Desktop connection, you are now able to remotely plug in and dominance this computer .

How to Use the Remove Desktop Connection Client

Using the Remote Desktop node is square and you do not need to specifically configure Remote Desktop on the local calculator. The steps below will work for all versions of Windows starting from Windows 7 .

Step 1: Launch the Destkop Connection Unit

On your local Windows calculator, locate the Remote Desktop Connection application. You can find it in a pair of different ways :

  1. For Windows 7, click on Start -> All Programs, go to the ‘Accessories’ folder and click on Remote Desktop Connection. For Windows 10, Click on Start and locate the ‘Windows Accessories’ folder where you can also find the Remote Desktop Connection app.

ss hrd allow remote desktop connection

  1. Click on Start and type in Remote Desktop Connection in the search bar. You will receive search results as soon as you start typing. Click on the application when it shows up on the list.

use remote desktop to connect to a server

  1. Press Windows + R keys on your keyboard to get the “Run” box. Type in mstsc and hit Enter in the ‘Open:’ field to run the Remote Desktop client.

run the remote desktop application

Step 2: Enter the Remote Hosts IP Address or Name

once you launch the Remote Desktop Connection application, you will get a window where you can enter the name or the IP address of a remote machine you want to access .
In the Computer airfield, type in the comparable name or IP cover and chatter Connect .
remote desktop connection in windows input ip
Note: If the default listening port for Remote Desktop connection ( port 3389 ) has been changed on the outback server to a unlike value, you will have to specify it after the IP address .
Depending on your circumstances, you will either want to enter the private or public IP address of the outside horde. here are the possible scenarios :

  • If the client computer and the remote host connect to the same Local Area Network, you will use the host’s private IP address for Remote Desktop Connection.
  • If you are using a virtual private network (VPN) on the client computer to access the remote host, you will use the host’s private IP address for Remote Desktop Connection.
  • If the client computer is connecting to the remote host from another network over the Internet without a VPN, you will use the public IP address.

How to Find the IP Address and Host Name

There are many ways to locate the list, public or individual IP address of a computer where you want to configure Remote Desktop service. here are the quickest and easiest methods :
To determine a computer’s private IP address:

  1. Search for CMD from the start menu or press Windows + R on your keyboard, type in CMD and hit Enter to run the command prompt.
  2. Type ipconfig in the command prompt and hit Enter.
  3. Your will see your computer’s private IP address under the IPv4 Address line.

find a computer's IPv4 address command prompt To determine which public IP address a computer is using:

  1. From your web browser, go to com or use its search bar.
  2. Type in “what is my IP” or simply “my IP” and hit Enter.
  3. At the top of the page, Google will show you the public IP address your computer is using. If this is not working for your region, you can visit the first webpage in the search results and it will show you the IP address. Some websites such as will even show you your private (local) IP address.

To find a computer’s name:

  1. Right Click on Computer, or This PC, depending on the Windows OS version you are using.
  2. Click on
  3. You will find your full computer name under the “Computer name, domain, and workgroup settings” section.

Step 3: Entering the RDP Credentials and Finalizing the Connection

After you hit plug in, the loading prevention will appear. When it finishes initiating and configuring the outside session you will get a pop fly window that will look similar to this :
windows security pop up window

  1. Enter the password for the selected username. You can use another account, if needed, and provide a different username and password.
  2. Click OK when ready and you will get the security certificate warning.
  3. Click Yes to continue.

Note: entirely one exploiter can be logged in at the same time on a Windows calculator. If person else is using the machine you are trying to remotely access, that user has to disconnect. The admonitory logon message will appear in such cases .
You will not see the desktop of the distant machine. Depending on the exploiter bill permission settings, you can immediately perform any operation that you can while working directly in front of it .
Remote Desktop Protocol Further Steps
When setting up your remote control waiter or machine to accept distant background connections, it is important to take precautions concerning securing RDP. Your server is specially vulnerable if you are accessing it over the Internet .
here are a few pieces of advice to keep in thinker if you are using distant desktop protocol to remotely connect to your machines :

  • Use the built in VPN server on your Windows machine to additionally secure your traffic. This will provide more secure access to your Windows server and services.
  • Set client connection encryption level. This option is set to “Not configured” by default. You can enable it and force high encryption level settings for all communications between clients and Remote Desktop Session Host servers. We do not recommended using the “Client Compatible” encryption level setting. Leaving the default “High” encryption level setting will force strong 128-bit encryption for data sent from the client to server and vice versa. You can edit this configuration using the Local Group Policy editor.
  • Employ two-factor authentication using a third-party tool, such as Duo Security. By installing Duo Authentication for Windows Logon, you can add two-factor authentication to all Windows login attempts, or only for RDP sessions.
  • Enforce firewall rules to limit exposure of open RDP ports to the Internet, especially if you are using the default RDP TCP port 3389. Windows has a built-in firewall which you can access from Control Panel and further configure it to restrict traffic to specific ports and IP addresses

These best practices for additionally securing RDP will help you tighten down remote control background access. You will avoid most of the unauthorized login attempts without spending excessively much clock time making configuration changes to your machines .

Note: Learn how to use SSHFS to mount distant file systems over SSH .

The steps and processes listed in this guide will work for most users and most versions of Linux and Windows operating systems .
You should nowadays be able to Connect to a Remote Server with Linux or Windows.
There are of course many other methods to establish a joining between two outside computers, but the ones covered here are most common .

generator :
Category : Tech

About admin

I am the owner of the website, my purpose is to bring all the most useful information to users.

Check Also


Manage participants in a zoom meeting webinar

Call the people who attend the meet as follows Alternate host host Who scheduled the …

Leave a Reply

Your email address will not be published.