Ufw Firewall Allow SSH

The firewall is used while connecting the servers locally or remotely. It allows the users to create a protected and authenticated connection. The uncomplicated firewall, commonly known as ufw, provides a user-friendly framework to configure the firewall and creates a secure connection. The ufw firewall is used in several Linux distributions by default to create an SSH connection.

This guide will cover the methods and options for using the ufw firewall to allow SSH connections in Linux with these helping topics:

How to Allow SSH Ufw Firewall?

There are several ways to allow the SSH ufw firewall in Linux. Before allowing the SSH ufw firewall, it must be installed in your working Linux distribution. To install the ufw firewall in Ubuntu 22.04, run the below-stated command:

$ sudo apt install ufw

The ufw firewall is already installed in my system.

Let’s check the current status of the ufw firewall if it’s active or not using this command:

$ sudo ufw status

The ufw firewall is currently inactive.

Enable ufw Firewall for SSH

It is necessary to enable the ufw firewall to use it. To enable the ufw firewall for creating the secure SSH connection, use the “enable” with the ufw command as shown below:

$ sudo ufw enable

After enabling the UFW firewall, check its status:

$ sudo ufw status

The output shows the port number/service status of the SSH firewall as “ALLOW”.

Allow ufw Firewall for SSH and Different Type of Connections

The ufw firewall can reject incoming connections automatically. These firewall changes can be made to system security policies to allow SSH connections if other connections are blocked. To allow the ufw firewall to create the SSH connections, use the below-mentioned command:

$ sudo ufw allow ssh

The security policy rules are updated, and SSH is allowed from the ufw firewall.

Similarly, to allow any other connection to avoid the ufw firewall, we can allow it. For instance, the below command allows the TCP connection at port 22:

$ sudo ufw allow 22/tcp

Set up Default ufw Settings

To avoid the manual ufw firewall changes every time you try to set up a connection, allow the incoming or outgoing communications in the default security policy using the command line method. By default, the outgoing connections are enabled, while incoming connections are blocked. To allow the incoming communications by default, run this command:

$ sudo ufw default allow incoming

The incoming default policy is changed.

Similarly, execute the below command to allow the outgoing communications by default:

$ sudo ufw default allow outgoing

The default ufw firewall outgoing policy is changed.

Allow SSH on Particular IP Address

We can allow the ufw firewall by default for a specific IP address only, whose general syntax is as follows:

$ sudo ufw allow from <ip-address> to any port 22
  • ip-address: Put your desired IP address here.
  • 22: Replace it with your port number if it’s not the default 22 port.

To allow the ufw firewall automatically on default SSH port 22 for the IP address “”, execute this command:

$ sudo ufw allow from to any port 22

To allow the SSH connection on any particular subnet (in my case, of an IP address, use this command:

$ sudo ufw allow from to any port 22

The rule is changed to the ufw security policy.

Allow ufw Firewall for SSH on a Particular Port Number

The uncomplicated firewall (ufw) can also be allowed on a specific port. This port will always listen to incoming communications. For example, to allow all the incoming communications on port “80”,run this command:

$ sudo ufw allow 80

The rule is updated, and port 80 is permanently opened to listen to the incoming connections.

Limit ufw Firewall SSH Connections

We can limit the SSH connections to make limited connections. For example, the below-stated command limits the connection to 6 attempts in the last 30 seconds:

$ sudo ufw limit ssh

Bonus Tip: Remove ufw Firewall for SSH and Other Connections

We can delete the SSH service from the list of ufw firewall-allowed users. The following command deletes the SSH connection from the ufw firewall allowed users:

$ sudo ufw delete allow ssh

We can remove the specific port number and service from the ufw allowed users list. For instance, the below command deletes the port 22 TCP service from the default allows users:

$ sudo ufw delete allow 22/tcp

To disable the ufw firewall to allow all the connections to the system, use the “disable” option with the ufw command:

$ sudo ufw disable

We have disabled the UFW firewall.

You can check its status after disabling it by typing the below command:

$ sudo ufw status

The ufw firewall is inactive.


The ufw firewall allows the SSH service to create secure and authenticated communication between servers. We can enable it to create a connection via SSH. The ufw service can be allowed for specific IP addresses, subnets, port numbers,s and a specific connection.

Moreover, we can disable and delete the SSH service from allowed users by updating the security policies mentioned in this guide.