This comprehensive guide covers setting up and managing SSH access to Ubuntu virtual machines running in VirtualBox, including detailed explanations of all commands used.
Before we dive into the setup, let's understand some fundamental Linux commands we'll be using:
sudo (Superuser Do) runs commands with administrative privileges:
sudo command_nameWhen you use sudo, you'll be prompted for your password. This is a security measure to prevent unauthorized system changes.
sudo apt updateThis command:
apt: Advanced Package Tool, Ubuntu's package managerupdate: Refreshes the list of available packages and their versions- Does not install anything, just updates the package database
sudo apt install openssh-serverThis command:
install: Tells apt to download and install a packageopenssh-server: The name of the package we want to install
sudo systemctl status sshThis command checks the SSH service status:
systemctl: The command used to control system servicesstatus: Shows whether a service is running, stopped, or has errorsssh: The name of the service we're checking
sudo ufw allow sshThis command:
ufw: Uncomplicated Firewall, Ubuntu's default firewallallow: Creates a new rule to allow trafficssh: Shorthand for port 22, the default SSH port
ip aThis command:
- Shows all network interfaces and their IP addresses
ais short foraddress- Look for
inetfollowed by an IP address like192.168.1.xxx
-
First, update the package database:
sudo apt update
Understanding the output:
- "Hit": Repository is up to date
- "Get": New package lists are being downloaded
- "Reading package lists": Processing the updates
-
Install the SSH server:
sudo apt install openssh-server
The output will show:
- Dependencies that will be installed
- Amount of disk space needed
- Prompt for confirmation (y/n)
-
Verify the SSH service:
sudo systemctl status ssh
Look for:
- "active (running)" in green
- No error messages
- The process ID (PID)
When we create or edit the SSH config file:
nano ~/.ssh/configBreaking this down:
nano: A text editor, easier for beginners than vim~: Represents your home directory.ssh: A hidden directory (starts with .)config: The configuration file name
Setting proper permissions:
chmod 600 ~/.ssh/configUnderstanding chmod:
chmod: Change mode command600: Permission number where:6for owner = read (4) + write (2)0for group = no permissions0for others = no permissions
Editing the hosts file:
sudo nano /etc/hostsUnderstanding the path:
/etc: System configuration directoryhosts: File that maps IP addresses to hostnames
Generate an SSH key:
ssh-keygen -t ed25519 -C "[email protected]"Breaking down the command:
ssh-keygen: Tool for creating SSH keys-t ed25519: Specifies the key type (Ed25519, a modern, secure algorithm)-C: Adds a comment to identify the key
Copy your key to the VM:
ssh-copy-id username@vm_ip_or_hostnameThis command:
- Copies your public key to the remote server
- Adds it to
authorized_keysfile - Sets correct permissions automatically
Basic SSH connection:
ssh username@hostnameUnderstanding the format:
ssh: The SSH client commandusername: Your account on the remote system@: Separator between username and hostnamehostname: Can be IP address, hostname, or alias from config
Using configured shortcuts:
ssh myvmThis works when defined in ~/.ssh/config
Check SSH daemon status:
sudo systemctl status sshView SSH logs:
sudo journalctl -u sshThis command:
journalctl: System log viewer-u ssh: Filter logs for SSH service only
Remove known host entry:
ssh-keygen -R hostnameUse this when:
- Host key verification fails
- Server's SSH key has changed
- You want to remove old entries
Check listening ports:
sudo netstat -tuln | grep 22Breaking down:
netstat: Network statistics tool-tuln: Show TCP/UDP listening numeric portsgrep 22: Filter for SSH port
Check SSH config syntax:
ssh -T -v myvmUnderstanding flags:
-T: Disable pseudo-terminal allocation-v: Verbose mode for debugging
These commands form the foundation of managing SSH connections in a Linux environment. Understanding them helps you troubleshoot issues and maintain secure connections to your virtual machines.
When using bridged networking, your virtual machine appears as a separate device on your network, just like a physical computer. This method gives your VM its own IP address on your local network.
-
Configure VirtualBox Network Settings:
- Go to VM Settings → Network
- Set "Attached to" as "Bridged Adapter"
- Select your network interface (e.g., Wireless adapter for WiFi)
-
Get VM's IP address (run this inside the VM):
ip a
Look for an IP address like
192.168.1.xxxor10.0.x.xin the output. -
Connect from host:
ssh username@vm_ip_address
For example:
ssh [email protected]
NAT (Network Address Translation) lets your VM share your host's IP address. Port forwarding tells VirtualBox to redirect SSH connections from your host to your VM.
-
Configure VirtualBox Network Settings:
- Go to VM Settings → Network
- Set "Attached to" as "NAT"
- Click "Advanced" → "Port Forwarding"
- Add new rule:
- Name: SSH Rule
- Protocol: TCP
- Host Port: 22
- Guest Port: 22
-
Connect from host:
ssh username@localhost
The SSH config file is a powerful tool that lets you create shortcuts for your SSH connections. Think of it as your SSH address book, where you can store connection details for all your machines.
-
Create/edit the SSH config file:
nano ~/.ssh/config -
Here's a comprehensive example with different scenarios:
# Basic VM connection Host ubuntu-vm HostName 192.168.1.100 User ubuntu Port 22 # NAT VM connection using localhost Host nat-vm HostName localhost User developer Port 22 # VM with custom settings Host dev-vm HostName 192.168.1.101 User developer Port 2222 IdentityFile ~/.ssh/dev_key ForwardX11 yes -
Set proper permissions (required for security):
chmod 600 ~/.ssh/config
Now instead of typing ssh [email protected], you can simply use:
ssh ubuntu-vmThe config file supports many options:
Host: Your chosen nickname for the connectionHostName: The actual IP address or hostnameUser: Your username on the remote systemPort: SSH port (default is 22)IdentityFile: Path to your SSH keyForwardX11: Enable X11 forwarding for GUI applications
There are two approaches to using hostnames instead of IP addresses. Let's understand both:
The hosts file maps IP addresses to names system-wide:
-
Edit the hosts file:
sudo nano /etc/hosts
-
Add entries (example):
# VirtualBox VMs 192.168.1.100 ubuntu-vm 192.168.1.101 dev-vm
Now you can use these names anywhere, including SSH:
ssh username@ubuntu-vmThis approach gives you the best of both worlds:
-
In
/etc/hosts:192.168.1.100 ubuntu-vm -
In
~/.ssh/config:Host dev HostName ubuntu-vm User developer -
Connect with the short command:
ssh dev
Using SSH keys is more secure than passwords:
-
Generate SSH key pair on host:
ssh-keygen -t ed25519 -C "[email protected]" -
Copy public key to VM:
ssh-copy-id username@vm_ip_or_hostname
-
Connection refused errors:
- Verify SSH service is running:
sudo systemctl status ssh - Check firewall settings:
sudo ufw status - Ensure correct IP/port forwarding
- Verify SSH service is running:
-
Permission denied errors:
- Check SSH config file permissions:
ls -l ~/.ssh/config - Verify username and password
- Check SSH key permissions:
ls -l ~/.ssh/id_*
- Check SSH config file permissions:
-
Host key verification failed:
- Remove old key:
ssh-keygen -R hostname_or_ip - Connect again to add new key
- Remove old key:
When connecting to a new VM for the first time, you'll see this security prompt:
The authenticity of host '...' can't be established.
... key fingerprint is ...
Are you sure you want to continue connecting (yes/no/[fingerprint])?
This is normal and helps prevent man-in-the-middle attacks. Type 'yes' to add the host to your known_hosts file.
Video for Reference