Linux Commands

Ufw Firewall Allow SSH

A working firewall is among the first layers of protection in protecting the cloud server. Previously, this was frequently achieved by the use of complex and obscure utilities. There seem to be a lot of features integrated into such packages or utilities, with iptables as perhaps the most common one lately, however learning and using them require some work on the part of the consumer. In this regard, UFW is a much more user-friendly choice. UFW or Unpretentious Firewall is an iptables front-end. Its key purpose is to make controlling the firewall as seamless as possible by including a user-friendly GUI. It’s well enough and famous in the Linux world, with many Linux distributions including it by default. As a result, it’s a flawless place to start when it comes to protecting your server.


Make sure to have any distribution of the Linux operating system installed on your machine. In our example, we have Ubuntu 20.04 installed and used for this purpose. Users must have occupied the root user account or have sudo rights to do anything.

Install UFW

At the very early stage, you have to make sure that you have the UFW firewall installed and configured on your Ubuntu 20.04 Linux system.

Now, open the command-line shell from the Activity side area at the top of the desktop, or you can use the shortcut key Ctrl+Alt+T to do so. If you don’t have UFW installed, you can do so using the below-stated instructions in the shell. The sudo command requires your sudo user password to install the UFW utility in Ubuntu 20.04 Linux distribution. Write your password and tap the “Enter” key from your typewriter.

$ sudo apt install ufw

You can also use the below command to install UFW with a little change. You can see that the UFW has been installed on our Ubuntu 20.04 Linux system.

Check the UFW Status

After the installation process, you are finally able to check the activation status of the UFW firewall. For this, we have to use the simple sudo command followed by the word “ufw” and “status”, as displayed below. The output snapshot is showing that the UFW firewall is currently disabled or inactive.

$ sudo ufw status

Enable UFW Firewall

To further use it, we have to first enable it using the sudo command along with the words “ufw” and “enable”, as presented in the snapshot below. Now your firewall has been properly activated and is ready to use.

$ sudo ufw enable

We can again check the status of the UFW firewall using the old status command, as shown below. You can view the output which indicates that the UFW firewall is not activated.

$ sudo ufw status

When the VPS is set up for IPv6, make sure to absolutely confirm that UFW is set up to handle IPv6 as well, so it can customize IPv4 mutually as well as IPv6 firewall policies. To do just that, use the following instruction to access the configuration file of the UFW firewall:

$ sudo vi /etc/dfault/ufw

The following below output window will be popped up. You can see it has already been set to “IPv6”, so we don’t need to change anything. Just press “:q:” and quit the file.

Default Settings

Defining certain default rules for accepting and refusing connections is among the aspects that can make establishing a firewall simpler. All incoming communications are denied by default, while all outgoing communications are allowed. This ensures that anybody who tries to log into your cloud service will be unable to do so, but any program running on the server will be allowed to communicate with the external world. You may use the subsequent instructions to change UFW’s defaults:

$ sudo ufw default allow outgoing

Allow SSH and Other Connections

By providing instructions in the command-line terminal, you can alter the security policies. Both incoming communications will be rejected if we switched on the firewall right now. When you’re linked to the cloud server via SSH, this will be a challenge because you’d be signed out. To avoid this from occurring, we’ll allow SSH connections to our cloud service, as shown below. The connections are also successfully added.

$ sudo ufw allow ssh

For general applications, UFW has certain defaults. The illustration shown is the SSH command we used earlier. It’s essentially just an abbreviation for:

$ sudo ufw allow 22/tcp

The TCP protocol is used to facilitate the communication on port 22 with this instruction, you may use the below instruction to allow connections:

$ sudo ufw allow 2222/tcp

Check Status

Finally, all the connections have been set. There are a lot more connections you can connect with, but we have to check the status of the UFW firewall after connecting SSH with it. The output shows the connections listed in the output.

Delete SSH and Other Connections

Now before logging out of the system, you may have to delete all the connections. For this purpose, we have to use the same sudo command with a little change. We have been using the “delete” word this time. To delete the “SSH” connection, try the below command:

$ sudo ufw delete allow ssh

Now we will be deleting the connection for tcp port number 22 as follows:

$ sudo ufw delete allow 22/tcp

Then we will be deleting the connection for tcp port number 22 as follows:

$ sudo ufw delete allow 22/tcp

We are disabling the status of UFW firewall by using the same sudo ufw command. It requires sudo privileges to change the status of the UFW firewall.

$ sudo ufw disable

Upon checking the status, you can see that it’s disabled.

$ sudo ufw status


We have tried every step to allow SSH connection with the UFW firewall. We hope you can easily establish ssh connection by going through this article.

About the author

Aqsa Yasin

I am a self-motivated information technology professional with a passion for writing. I am a technical writer and love to write for all Linux flavors and Windows.