Always setup ssh server when setting up a new linux laptop
It’s 11pm. You just spent the whole day setting up your Ubuntu laptop. As part of an installation step you ran sudo apt autoremove . You reboot. The dreaded black screen of death at startup. You try ctrl + alt + f{1-12} nothing shows up. You try to mess with Grub and even the loader screen doesn’t come up. Maybe BIOS settings? Nada. F*, did you just waste a whole day?!
In the past I would just cursed up a storm after an hour of futile StackOverflowing/Googling, and plugged that Ubuntu installation USB back in. Fortunately, this time I wanted to try out Code Server (more in another post). As part of the setup, I installed an SSH server in the process. So I simply logged in from another machine on my home network to try and figure out the problem.
The solution in the end turned out fairly simple (in hindsight). What I thought were old nvidia drivers that got removed were actually the primary ones (why does apt autoremove do that?). I no longer had nvidia-smi available, there were no nvidia-settings . No wonder nothing was showing on screen.
You can install Nvidia a number of different ways on Ubuntu. I didn’t have access to a GUI and I didn’t need to select a specific version. So I just ran sudo ubuntu-drivers install and then sudo shutdown -r now . And voila, can run nvidia-smi again showing my GPU information
Setting up SSH
Setting up an SSH server on Ubuntu was straightforward. There are lots of posts online describing the process in detail. I’m just going to outline the steps here as a reminder for myself.
First install the OpenSSH Server:
sudo apt update
sudo apt install -y openssh-serverOnce the installation is complete, verify ssh is running:
If you have another computer running in the same wifi network, you should now be able to SSH from that other computer using your user credentials.
Security
You’re not paranoid if they’re really coming after you. There are to simple things you can do to better secure your computer here. First, use a non-standard port. Find /etc/ssh/sshd_config and change the Port XXX configuration to something other than 22. And also disable root access via ssh using PermitRootLogin no .
It’s also a good idea to install a firewall. The default UncomplicatedFirewallufw is not a bad choice.
sudo apt update
sudo apt install ufw
sudo ufw enableBy default all access is locked down, so enable SSH access with
sudo ufw allow <non-standard-ssh-port-number>If you didn’t specify a custom port number, then sudo ufw allow ssh will automatically enable port 22.
Check that the rule changes were success with sudo ufw status .
Finally, you should setup an extra layer of security by settings up SSH access via SSH keys.
On the CLIENT machine, setup a key-pair:
ssh-keygen(it’s best to specify a non-empty passphrase).
Once the key is generated, copy the PUBLIC key onto the HOST machine:
ssh-copy-id <username>@<host-machine>Answer “yes” to the authenticity can’t be established prompt and enter your password. If successful, you’ll see seomthing like “Number of key(s) added: 1”
Once this is done, you can disable password login in your SSH server configuration file with
ChallengeResponseAuthentication no
PasswordAuthentication no
UsePAM noThen just reload ssh server with sudo systemctl reload sshd . Now if you try to SSH in without specifying a keyfile, you’ll get “Permission denied (publickey)” back from the server.
Everything still sucks
Every year for the past 5 years, someone has claimed “20xx is the year of Linux on the laptop!” and every year the community is utterly disappointed.
Power management sucks: a dual-boot laptop that would last for 6–8 hours in Windows only lasts for 3 in Ubuntu.
Bluetooth sucks: I can’t connect my Airpods without having to change the default Bluetooth settings file. My Anne Pro II lasts for a whole week when connected to a Macbook Pro, but no more than 3 days when connected to Ubuntu.
Pro applications suck: Linux support is always a second class citizen for most popular applications. e.g., Zoom Linux client doesn’t support virtual background (On the bright side, that was an excuse to tinker with person segmentation via deep learning).
Language support sucks: e.g., the Chinese input method can only be installed by jumping through 10 hoops. And in the end, you’re stuck with a butt fugly input panel whenever you type in Chinese. Oh and you can’t change hotkeys without having to reboot.
Graphics drivers (still) sucks: it’s somewhat shocking that all the cryptocurrencies still haven’t made nvidia get off their bums to make the linux gpu experience good enough.
At least by setting ssh access, you don’t have to worry as much about bricking your laptop and having to start all over because nvidia drivers got messed up.
That counts for something I suppose.