SSH not working with fresh install

Question

I recently liberated an old model B from the loft, put NOOBS on an SD card, and installed the latest version of Raspbian on it. I booted it up, attempted to SSH to it from my Mac, but got:

ssh: connect to host 192.168.1.248 port 22: Connection refused

I got around this in the first instance by running sudo ssh restart, but now every time I boot up again, I have to restart the ssh service before I can ssh in again, which obviously isn't practical. Anything I can do to fix it more permanently?

Answer 1

Quoting the documentation:

As of the November 2016 release, Raspbian has the SSH server disabled by default. You will have to enable it manually.

To enable SSH on machines through console:

Enter sudo raspi-config in the terminal, first select Interfacing Options, then navigate to ssh, press Enter and select Enable or disable ssh server.

To enable SSH for headless machines:

For headless setup, SSH can be enabled by placing a file named ssh, without any extension, onto the boot partition of the SD card.

Answer 2

There has recently been a security update for Raspberry Pi. Here is an article from https://www.raspberrypi.org/blog/a-security-update-for-raspbian-pixel/

From the foundation's article:

What has changed?

First, from now on SSH will be disabled by default on our images. SSH (Secure SHell) is a networking protocol which allows you to remotely log into a Linux computer and control it from a remote command line. As mentioned above, many Pi owners use it to install a Pi headless (without screen or keyboard) and control it from another PC.

In the past, SSH was enabled by default, so people using their Pi headless could easily update their SD card to a new image. Switching SSH on or off has always required the use of raspi-config or the Raspberry Pi Configuration application, but to access those, you need a screen and keyboard connected to the Pi itself, which is not the case in headless applications. So we’ve provided a simple mechanism for enabling SSH before an image is booted.

The boot partition on a Pi should be accessible from any machine with an SD card reader, on Windows, Mac, or Linux. If you want to enable SSH, all you need to do is to put a file called ssh in the /boot/ directory. The contents of the file don’t matter: it can contain any text you like, or even nothing at all. When the Pi boots, it looks for this file; if it finds it, it enables SSH and then deletes the file. SSH can still be turned on or off from the Raspberry Pi Configuration application or raspi-config; this is simply an additional way to turn it on if you can’t easily run either of those applications.

The risk with an open SSH port is that someone can access it and log in; to do this, they need a user account and a password. Out of the box, all Raspbian installs have the default user account ‘pi’ with the password ‘raspberry’. If you’re enabling SSH, you should really change the password for the ‘pi’ user to prevent a hacker using the defaults. To encourage this, we’ve added warnings to the boot process. If SSH is enabled, and the password for the ‘pi’ user is still ‘raspberry’, you’ll see a warning message whenever you boot the Pi, whether to the desktop or the command line. We’re not enforcing password changes, but you’ll be warned whenever you boot if your Pi is potentially at risk.

Our hope is that these (relatively minor) changes will not cause too much inconvenience, but they will make it much harder for hackers to attack the Pi.

What this basically means is that there has recently been lots of hacking of devices using remote connection like SSH. Due to this, SSH is by default turned disabled. To fix this all you have to do is create a file called ssh in the /boot/ directory. This file called ssh can contain any text or nothing if you want. Then, using the sudo raspi-config command on the terminal you can enable ssh again.

Also, it recommends you change your password if it was something simple like password to something more difficult to crack using the passwd command.

Answer 3

I was getting Permission denied (publickey,password).

It turns out that for headless setups there is now a new step on top of creating the ssh enabling file: you need to setup the user enabling file.

If that helps someone that does not have a Linux installation available, here is the result of the command

echo 'raspberry' | openssl passwd -6 -stdin

$6$wF8bI6zltPrb5zzM$JyeEHkWfAlys7Qws.TQT1GOXZfh.StOhNiR9gjWQ7mt840P.fulEdEdTAdMnQVhnFBg0ogmpPnc1s8.wfG8wG1

Answer 4

systemctl solution

If you already have a shell on the Pi through a non-SSH method such as screen + keyboard or UART (see this post), you can also just run:

sudo systemctl enable ssh
sudo service sshd start

instead of doing it interactively through sudo raspi-config.

/boot/ssh magic file

If you don't have a shell on the Pi yet, insert he SD card on your host, and create a magic empty file named ssh file in the boot/ partition (the first one).

On Ubuntu hosts, it gets mounted automatically and you can do just:

sudo touch /media/$USER/boot/ssh

which you can confirm with:

lsblk

which contains:

mmcblk0     179:0    0  14.4G  0 disk
├─mmcblk0p1 179:1    0  43.9M  0 part /media/ciro/boot
└─mmcblk0p2 179:2    0  14.4G  0 part /media/ciro/rootfs

Tested on Raspbian Lite 2018-11-13, full test setup described further at: SSH to RPi without a network connection?

Answer 5

Yes, as @tecraf said ssh is disabled by default, but the configuration location has changed. To enable SSH on your machine through console:

Enter sudo raspi-config in the terminal go to 5-Interfacing Options, then navigate to P2-ssh, press Enter and use tab to enable or disable ssh server. Then sudo shutdown -r now to reboot. (side note shutdown -h now will not reboot)