Home Server SSH Setup

pacman -S openssh

Add a user and network specific rules to sshd config at /etc/ssh/sshd_config. Also search for user specific auth files.

AllowUsers web
Match 192.168.0.*
	AllowUsers web root
	PermitRootLogin yes
Match all

...


AuthorizedKeysFile	.ssh/%u_authorized_keys

...

And enable the sshd service.

systemctl enable sshd.service && systemctl start sshd.service

We also need a public/private key pair to SSH in with. So we create a keypair with ssh_keygen for each user and place the appropriate .pub key in /home/<user name>/.ssh/<user name>_authorized_keys on the server.

We copy the private part of the key to ~/.ssh/<key name> on whatever machine we are logging in from. It can help to have a ~/.ssh/config file to manage different keys for different machines we want to log in to.

My ~/.ssh/config looks like this [2] [3]:

Match Host 192.168.0.<val> User root
        IdentityFile ~/.ssh/<root ssh private key file>

Match Host 192.168.0.<val> User user
        IdentityFile ~/.ssh/<user ssh private key file>

You'll also need to make sure that the private keys on your login machine needs chmod 600 <private key>.

Et voila, you're done. You should have a machine you can SSH into on your local network.

• [0] https://www.kisphp.com/linux/configure-ssh-for-multiple-hosts
• [1] https://wiki.archlinux.org/title/OpenSSH
• [2] https://www.liquidweb.com/kb/enable-root-login-via-ssh/
• [3] https://serverfault.com/a/790299