Setting up an ssh server.
Install the package openssh-server, which provides sshd. Then start sshd: as root, service sshd start. Insure there are no error messages.
Open port 22 for incoming ssh in your firewall. TODO: Document a distro-agnostic way of doing this.
Confirm you can ssh to yourself: (ssh user@localhost).
If you want to ssh into your box from other computers in your local network, confirm that works, too: (ssh user@hostname). You will need to have first assigned a hostname to the computer running sshd.
Set sshd to run on boot. TODO: Document a distro-agnostic way of doing this.
If all you want is to be able to ssh into your box from inside a local trusted network, you are done.
MAKING SSHD ACCESSIBLE FROM OUTSIDE THE LOCAL NETWORK
The server will need either a static IP address or dynamic DNS mapping. Confirm you can ssh into it from outside your local network (ssh email@example.com).
SSH’s default port 22 is a common target of online attacks, so use a nonstandard port. To encourage you, some ISPs block 22 and other common ports by default. Use an open port check tool and discuss the issue with your ISP; better providers will consider unblocking needed ports for customers who demonstrate competence. Happily, merely running Linux is a pretty good sign of competence.
Other ISPs block all ports for incoming transmissions originating beyond the ISP’s server on inexpensive service packages. This makes using sshd impossible unless you upgrade your service package. If this describes your ISP, consider switching.
PROTECTING SSHD IN UNTRUSTED NETWORKS
Insure you are following ssh best practices. In particular, on untrusted networks sshd should not use port 22. Use a nonstandard port that is not already assigned in /etc/services, configuring firewalls and routers accordingly.