You are not logged in.
Pages: 1
I have just installed the package of openssh.
But now it needs configuring.
I havent got a clue on how to do this. I know I have to generate keys etc. Is there some guide on how to do this for Arch Linux?
Thanks in advance.
Offline
When you first run the sshd daemon, the startup script will generate your host keys. Use ssh-keygen (see the man page) to generate public/private keys for users. Note that user keys aren't required if you're happy with user/password authentication.
Check out the sshd configuration file /etc/ssh/sshd_config too. Most settings are defaults and commented out. Some suggestions: use protocol 2 only, disable root logins, decide if you want to tunnel X, etc.
Offline
Ah ok thanks, well tunnelling X wont be necessary cause I havent got X running.
edit:
Well I got it installed and the deamon is running but when I try to connect with Putty from my windows desktop nothing happens
Keys are generated. Deamon is running and I didnt change a thing in the config file. What could be wrong?
Offline
Check your /etc/hosts.deny file. You most likely have the default DENY all traffic rule enabled.
HTH,
farphel
Follow the link below, sign up, and accept one promotional offer. If I can get five suckers (err... friends) to do this, I'll get a free iPod. Then you too can try to get a free iPod. Thanks! http://www.freeiPods.com/?r=11363142
Offline
O boy, that works. Learned something again.
I "#" the rule. Is there something important to replace it with?
Offline
That depends on what you have running and if/how you want to restrict access to your network services.
type 'man 5 hosts_access' at your prompt to read up on tcp wrappers.
Follow the link below, sign up, and accept one promotional offer. If I can get five suckers (err... friends) to do this, I'll get a free iPod. Then you too can try to get a free iPod. Thanks! http://www.freeiPods.com/?r=11363142
Offline
You can also use IPs or network ranges to be less permissive than "ALL". I use:
sshd: 10.0.0.0/255.255.255.0
This allows access from any client on a 10.0.0.x private network.
Offline
You can also use IPs or network ranges to be less permissive than "ALL". I use:
sshd: 10.0.0.0/255.255.255.0
This allows access from any client on a 10.0.0.x private network.
Would this be the same as:
10.0.0.0/24
I'm a bit hazy on the whole net masking thing.
Offline
Would this be the same as:
10.0.0.0/24
I'm a bit hazy on the whole net masking thing.
Yes
I have discovered that all of mans unhappiness derives from only one source, not being able to sit quietly in a room
- Blaise Pascal
Offline
Pages: 1