SSH is a cryptographic network protocol that lets you control and modifies a remote computer over the internet. This protocol ensures security even through a vulnerable network. Most of the Linux distros use OpenSSH, an open-source project implementing the SSH protocol.
In this guide, we’ll demonstrate how to verify if SSH is running on Linux.
SSH running on Linux
There are multiple methods to detect if SSH is currently running on the system.
Note that SSH is divided into two sections in terms of functionality: the SSH client and the SSH server. The client connects to the server using the SSH protocol. An SSH key is the default security measure to protect the connection.
If SSH is installed and enabled, then it’s likely that the SSH server is up and running on the system, waiting for an SSH connection request. We can detect if the SSH server is running, but it doesn’t give info if an SSH connection is active. We can verify that if the SSH port is currently open.
This is the first step in verifying whether SSH is currently running. We’re looking for the status of the sshd process. This guide details working with Linux processes.
Use the ps command to list all the processes and filter the output using grep to check if the SSH process is running.
Depending on the state of the process, the output will differ.
Every process/service in Linux gets its dedicated port to communicate over the network. SSH, by default, is configured to use port 22 for remote communication. Note that it’s possible to configure a different port for SSH. It’s a good security measure to prevent various attacks, for example, DDoS or brute-force.
Even if a program is dedicated to a specific port, the port won’t be open if the program isn’t running. We can use this trick to verify whether SSH is running. If the port is open, then SSH is up and running.
To check the list of open ports, we’ll be using the netstat tool. It’s a dedicated tool for printing various network info like network connections, routing tables, interface stats, etc. This guide demonstrates the in-depth usage of netstat.
The following command will check if SSH is listening to port 22. If SSH is configured to listen to a different port, use that port instead.
$ netstat -plant | grep :22
An alternative method to check open ports is checking the port file. The following command will print the list of all the open port files.
Another method is to telnet to the SSH port.
Depending on whether port 22 is open, the output will vary.
SSH service status
The SSH service manages the state of the feature. The following command will print the SSH service status.
$ sudo systemctl status sshd
By default, SSH is configured to start at boot. If having SSH up isn’t necessary at the moment, then we can stop it. Note that it requires the root account or non-root user with sudo privilege to change service.
The following command will stop the SSH service.
$ sudo systemctl stop sshd
If SSH isn’t up and running, then start the SSH service. It should load all the components and ready to accept SSH connections.
$ sudo systemctl start sshd
$ sudo service sshd start
If a service is enabled, it means that the system will start the service at boot. The system won’t start a disabled service at boot.
The following command will disable the SSH service. Note that to use SSH afterward, the service has to be started manually.
$ sudo systemctl disable sshd
The following command will mark the SSH service “enabled”.
$ sudo systemctl enable sshd
SSH is a powerful feature that makes remote management a lot simpler. Its inherent secure nature and simplicity make it the industry standard for remote system management. SSH is part and parcel of a system admin’s everyday life.
Working with multiple remote systems? Then consider using Ansible to manage all of them. Ansible is a configuration management system that uses SSH to connect and manage multiple remote systems. It’s a robust framework to manage all your remote systems from one place.