# N00b needing SSH config help...

## Jester

Hello all.

Okay, I wanna set up SSH on my newly installed Gentoo box at home so that I can connect to it from work and get stuff done on it during the day.  I've emerged it and all that stuff, and I've read over the security and networking guide, but I'm still totally at a loss as to how to configure it.  I want to make it so that the only connections it accepts are connections from my office, but I guess I'd settle for all connections for now.  ANYWAY, I've looked at some other posts about this whole thing, but they weren't really helpful for me.  I need somebody to give me some pointers on how to set it up (maybe a posting of a FULL sshd_config file?!) so that I can get it working.  Thanks!

----------

## kashani

start with

```
/etc/init.d/sshd start
```

then

```
rc-update add sshd default
```

after it is working AND ONLY after it is working should you attempt to lock down the sshd_config further... see assorted 20+ post threads for that insanity.

kashani

----------

## Jester

Cool, thanx.  Sounds like locking it down is a major pain in the butt....great...

I'll do what you said and then start the lockdown fun tomorrow...yay.

I wonder how secure the defaults are....hmmm...

----------

## Jester

Great, looks like it's working, but I've got a problem...

I disabled root login, but now it doesn't seem to wanna let anybody else log in.  I try to log in using my regular account (which is a member of the wheel group, and I've added the line "AllowGroups wheel admin" to the sshd_config file and restarted the service), but it just tells me access is denied after I type in my password...any thoughts?

----------

## Lockup

try the UserAllow one... (or something close to that... can't remember the exact param, it's in 'man ssh_config' I think)

----------

## Jester

Great, thanks!  I'll check that out tomorrow.  For now, I'm stinkin' tired from being up late all weekend.  I'm hittin' da sack!  Thanks, guys!

----------

## Lockup

have fun, hopefully your stuff will work more than mine (see vmware networking thread)

----------

## rac

Make sure the user you are trying to log in as has a login shell.  It's the last field in the /etc/passwd entry.  Either chsh or usermod can be used to set it if it is blank.

----------

## Jester

So, after 

```
/home/chris:
```

it should have something else? 

What's the default shell with Gentoo?  Is it bash?  Whatever my shell is, should it read something like this on that line?

```
/home/chris:/bin/bash
```

Is that right?

----------

## wudmx

yes, that's right!

----------

## Jester

Great!  I did that, and used the UserAllow parameter in my sshd_config file, and now I can log in with non-root users!  Thanx, peeps!  man, I love this community!

----------
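The two things checked in the replies above (whether the account falls inside the `AllowGroups` line, and whether its `/etc/passwd` entry has a login shell, as rac suggests), as an added example that is not part of any post in this thread. It is a Python sketch with hypothetical function names and constructed sample file contents; it also reads `AllowUsers`, the sshd_config keyword for a per-user allow list, and it only flags what the thread says to look at rather than reproducing sshd's own decision.

```python
from fnmatch import fnmatchcase

# Constructed sample files modelled on the thread (not taken from a real system).
SSHD_CONFIG = """\
PermitRootLogin no
AllowGroups wheel admin
"""
PASSWD = """\
root:x:0:0:root:/root:/bin/bash
chris:x:1000:100::/home/chris:
dave:x:1001:100::/home/dave:/bin/bash
"""
GROUP = """\
wheel:x:10:chris
users:x:100:
"""

def allow_rules(config):
    """Collect AllowUsers/AllowGroups patterns (keywords are case-insensitive)."""
    rules = {"allowusers": [], "allowgroups": []}
    for line in config.splitlines():
        words = line.split()
        if words and words[0].lower() in rules:
            rules[words[0].lower()] += words[1:]
    return rules

def groups_of(user, gid, group):
    """Names of the user's primary and supplementary groups."""
    rows = (l.split(":") for l in group.splitlines() if l.strip())
    return {r[0] for r in rows if r[2] == gid or user in r[3].split(",")}

def diagnose(user, config=SSHD_CONFIG, passwd=PASSWD, group=GROUP):
    """Check AllowUsers, AllowGroups and the shell field only; [] means nothing found."""
    entry = next((f for f in (l.split(":") for l in passwd.splitlines())
                  if f[0] == user), None)
    if entry is None:
        return ["no passwd entry"]
    rules, reasons = allow_rules(config), []
    # Simplification: plain name patterns only, no USER@HOST or '!' negation.
    if rules["allowusers"] and not any(fnmatchcase(user, p) for p in rules["allowusers"]):
        reasons.append("not matched by AllowUsers")
    mine = groups_of(user, entry[3], group)
    if rules["allowgroups"] and not any(fnmatchcase(g, p) for g in mine
                                        for p in rules["allowgroups"]):
        reasons.append("in none of the AllowGroups groups")
    if not entry[6].strip():
        reasons.append("login shell field is empty")
    return reasons
```

With the sample data, `diagnose("chris")` reports only the empty shell field, because `chris` is a supplementary member of `wheel`.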

## Jester

My machine shut down last night (cats playing with the power cable, probably), and so I booted it up this morning.  The SSH service started up normally, according to the boot messages, but I can't SSH to my machine this morning.  I just installed it like 2 days ago, as you all know, so I hadn't rebooted it since then until last night when it shut itself down....

Did I miss something in the configuration of the service when I set it up?  

One more quick, off-the-subject question...I'm wanting to set up an FTP server as well as a good (read:  easy to configure and maintain) mail server on that same box.  Any suggestions as to which one of each I should use?

Thanks!

----------

