How to Install OpenSSH Server on AlmaLinux 9
Install the OpenSSH server package on AlmaLinux 9 using the DNF package manager. Configure the service to start automatically and verify the connection.
Install the OpenSSH server package to enable secure remote access to your AlmaLinux 9 system. These steps target AlmaLinux 9 (stream) with the default DNF package manager running as root or via sudo.
Prerequisites
- AlmaLinux 9 installed and accessible via network.
- Root privileges or a user account with sudo rights.
- Network connectivity to the package repositories.
- A firewall that allows incoming connections on port 22.
Step 1: Update the Package Index
Before installing new software, refresh the repository metadata and apply pending updates so that you get the latest available version of OpenSSH. This prevents installing outdated components that might lack security patches.
sudo dnf update -y
You will see a progress bar and a list of packages being downloaded and installed. The command completes when it returns to the shell prompt.
Step 2: Install the OpenSSH Server Package
Use the DNF package manager to install the openssh-server package, which provides the sshd daemon. The -y flag automatically answers "yes" to prompts, streamlining the installation process.
sudo dnf install openssh-server -y
DNF resolves dependencies and installs the server binary, configuration files, and man pages. The installation finishes when the prompt returns.
Step 3: Configure the SSH Service
The default configuration usually works for basic setups, but you must enable the service to start on boot. Open the main configuration file to review settings if you plan to change ports or disable root login later.
sudo vi /etc/ssh/sshd_config
Use the up/down arrow keys to navigate. Type :wq and press Enter to save and exit. Do not modify this file unless you understand the implications of changing parameters like PermitRootLogin or Port.
Step 4: Start the SSH Service
Start the OpenSSH daemon immediately so you can accept connections. The systemd service name is sshd.
sudo systemctl start sshd
This command launches the background process. The system returns to the prompt immediately upon success.
Step 5: Enable the Service on Boot
Configure the system to start the SSH daemon automatically after a reboot. This ensures the server remains accessible even if the machine restarts.
sudo systemctl enable sshd
This creates a symbolic link in the systemd directory. The command returns to the prompt without error if the service is already enabled or if the link is created successfully.
Verify the installation
Check the status of the service to confirm it is active and running. The output should show "active (running)".
sudo systemctl status sshd
● sshd.service - OpenSSH server daemon
     Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; vendor preset: disabled)
     Active: active (running) since Mon 2024-10-28 10:00:00 UTC; 5min ago
Run the following command to test the TCP port locally. This confirms the service is listening.
sudo ss -tlnp | grep ':22 '
You should see output indicating the port is listening on IPv4 and IPv6.
Troubleshooting
If the service fails to start, check the logs for specific errors.
Error: "Failed to start OpenSSH server daemon"
This often indicates a syntax error in the configuration file. Run the following command to validate the config syntax without restarting the service.
sudo sshd -t
If errors exist, the command prints the line number and the specific issue. Edit the file using vi or nano, fix the syntax, and run the test again.
Error: "Port is already in use"
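Another process is listening on port 22. Check for conflicts. The ss tool is used here because netstat belongs to the net-tools package, which a default AlmaLinux 9 install may not include.
sudo ss -tlnp | grep ':22 '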
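If you are not using the default port, ensure the firewall allows the new port. Update the firewall rules in /etc/firewalld/zones/public.xml or use the firewall-cmd command line tool. With SELinux enforcing (the AlmaLinux default), the new port must also be added to the ssh_port_t port type, or sshd cannot bind to it.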
Error: "Permission denied (publickey,password)"
This occurs when a remote client cannot authenticate. Ensure the authorized_keys file exists in /home/<username>/.ssh and has the correct permissions.
chmod 700 /home/<username>/.ssh
chmod 600 /home/<username>/.ssh/authorized_keys
Verify the file ownership matches the user.
chown -R <username>:<username> /home/<username>/.ssh
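To see which of these modes or owners is wrong before changing anything, the check below reports every deviation from the values above. It is an added example, not part of the original guide; check_ssh_perms is a hypothetical helper name, and it assumes GNU stat as shipped on AlmaLinux.

```shell
#!/bin/sh
# Added example (not from the original guide): read-only audit of the ~/.ssh
# modes and ownership that the chmod/chown commands above set.
# check_ssh_perms is a hypothetical helper name.

# Usage: check_ssh_perms <ssh_dir> <expected_owner>
# The body runs in a subshell "( )" so its variables stay local in any POSIX shell.
check_ssh_perms() (
    ssh_dir=$1; owner=$2; rc=0
    for path in "$ssh_dir" "$ssh_dir/authorized_keys"; do
        # 700 for the directory, 600 for the key file, as in the guide.
        if [ "$path" = "$ssh_dir" ]; then want=700; else want=600; fi
        if [ ! -e "$path" ]; then
            echo "MISSING $path"; rc=1; continue
        fi
        mode=$(stat -c '%a' "$path")   # octal mode, e.g. 700 (GNU stat)
        user=$(stat -c '%U' "$path")   # owning user name
        if [ "$mode" != "$want" ]; then
            echo "MODE    $path is $mode, expected $want"; rc=1
        fi
        if [ "$user" != "$owner" ]; then
            echo "OWNER   $path is $user, expected $owner"; rc=1
        fi
    done
    if [ "$rc" -eq 0 ]; then echo "OK      $ssh_dir"; fi
    exit "$rc"
)

# Constructed demo: a throwaway directory with a deliberately loose key file.
demo() {
    tmp=$(mktemp -d)
    mkdir "$tmp/.ssh" && touch "$tmp/.ssh/authorized_keys"
    chmod 700 "$tmp/.ssh"; chmod 644 "$tmp/.ssh/authorized_keys"
    me=$(stat -c '%U' "$tmp")
    check_ssh_perms "$tmp/.ssh" "$me" || echo "-> fix with the chmod/chown commands"
    rm -rf "$tmp"
}
demo
```

On a real system, call it as check_ssh_perms /home/<username>/.ssh <username> with sudo if you are not that user.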
If you cannot connect via SSH, ensure the firewall allows traffic on port 22.
sudo firewall-cmd --zone=public --add-port=22/tcp --permanent
sudo firewall-cmd --reload
The reload applies the permanent rule to the running firewall. Check the result with sudo firewall-cmd --list-all.