How to Open SSH Port in UFW on Ubuntu

Securing your Ubuntu server is crucial, and managing open ports with the Uncomplicated Firewall (UFW) is a key step in this process. This article provides a quick, step-by-step guide on how to allow traffic through the default SSH port (port 22) using UFW, ensuring you can securely access your system remotely without accidentally locking yourself out of your server.

Step 1: Check the Current UFW Status

Before making any changes, check whether UFW is active on your system. Run the following command in your terminal:

sudo ufw status

If the firewall is inactive, you will see Status: inactive. If it is active, it will list the currently allowed rules.

Step 2: Allow the Default SSH Port

To open the default SSH port (port 22), you can use either the service name or the port number. Both commands achieve the same result.

Option A: Allow by service name (Recommended)

sudo ufw allow ssh

Option B: Allow by port number

sudo ufw allow 22/tcp

Step 3: Enable the UFW Firewall

If UFW was inactive in Step 1, you must enable it for the new rule to take effect. Run the following command:

sudo ufw enable

Note: You may receive a warning stating that the command may disrupt existing SSH connections. Since you have already allowed SSH in Step 2, it is safe to proceed. Type y and press Enter.

If UFW was already active, reload the firewall to apply the changes:

sudo ufw reload

Step 4: Verify the Changes

Finally, confirm that the SSH port is open by checking the UFW status again:

sudo ufw status verbose

In the output, you should see a rule indicating that traffic to port 22/tcp (or ssh) is allowed from Anywhere:

Status: active

To                         Action      From
--                         ------      ----
22/tcp                     ALLOW       Anywhere
22/tcp (v6)                ALLOW       Anywhere (v6)