# setting up sshd

## hhaamu

Hi!

I want to set up an ssh daemon so I can connect from any computer to this using ssh. The problem is: there aren't any howtos for ssh   :Sad: 

The output when running sshd as root:

```
Could not load host key: /etc/ssh/ssh_host_key
Could not load host key: /etc/ssh/ssh_host_rsa_key
Could not load host key: /etc/ssh/ssh_host_dsa_key
Disabling protocol version 1. Could not load host key
Disabling protocol version 2. Could not load host key
sshd: no hostkeys available -- exiting.
```

(the problem obviously is that I don't have any keys generated) 

How do I do that? ssh-keygen? Under what privileges?

----------

## eivinn

```
emerge openssh

rc-update add openssh default

```

Now you can restart your computer and openssh is started by default.

You can then log in as root or any other user on the system provided they have got a shell.

----------

## rizzo

To start sshd, do:

```
/etc/init.d/sshd start
```

This will create those host keys.  Starting up sshd by the executable itself does not create those keys.

Using the /etc/init.d/ scripts is the preferred way to start/stop services on your machine.
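
A check for the "Could not load host key" errors from the first post, as an added example that is not part of the original post or of the Gentoo init script. It reports which of the three key files named in that output are absent, empty, or readable by group/other; the function name `check_host_keys` and the demo directory are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): list which host keys sshd would fail to load.
# The three file names are the ones in the error output quoted in the first post.
check_host_keys() {
    dir=${1:-/etc/ssh}; problems=0
    for name in ssh_host_key ssh_host_rsa_key ssh_host_dsa_key; do
        key=$dir/$name
        if [ ! -e "$key" ]; then
            echo "MISSING $key"
        elif [ ! -s "$key" ]; then
            echo "EMPTY $key"
        elif [ "$(ls -ld "$key" | cut -c5-10)" != "------" ]; then
            # sshd refuses a private key whose mode grants group/other access
            echo "TOO-OPEN $key"
        else
            echo "OK $key"; continue
        fi
        problems=$((problems + 1))
    done
    [ "$problems" -eq 0 ]   # exit status 0 only when every key is loadable
}

# Demo on a constructed directory (placeholder files, not real keys):
# one key absent, one with mode 600, one with mode 644.
demo=$(mktemp -d)
echo constructed > "$demo/ssh_host_rsa_key"; chmod 600 "$demo/ssh_host_rsa_key"
echo constructed > "$demo/ssh_host_dsa_key"; chmod 644 "$demo/ssh_host_dsa_key"
check_host_keys "$demo" || echo "host key problems found"
rm -rf "$demo"
```
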

----------

## hhaamu

Thanks!

btw, it's

```
rc-update add sshd default
```

----------

## dirty

Thanks a lot

I had the same problem  :Very Happy: 

----------

## changed

 *eivinn wrote:*   

> ```
> emerge openssh
> ```
> ...

 

I have a problem. As long as I log in as root everything is ok, but no other user is allowed to use ssh. Why?

regards

----------

## JyZude

changed: This may be a silly question, but can the other users log in at a normal terminal? Have you set their passwords with passwd? Have you set their default login shells with usermod -s? Just checking.

----------

## rizzo

I'd be willing to bet they do not have their shells set.  Look in the /etc/passwd file and see if they have a shell like /bin/bash set.  If not, set it.

----------

## changed

Thanks for your reply guys  :Smile: 

Yes they can login locally...  I set their passwords with passwd but ... plz don't laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ?

----------

## kashani

 *changed wrote:*   

> Thanks for your reply guys 
> 
> Yes they can login locally...  I set their passwords with passwd but ... plz don't laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ?

 

oohhhh not good. Don't do that unless... actually there's never a really good reason for doing it. 

1. How to do it normally/correctly.

```
usermod -s <path to shell> <username>
```

All user attributes can be modified through usermod commands. 

2. How to make what you've already done work.

No sense in going through it again so run the secret happy command:

```
pwconv
```

kashani
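
The account checks suggested in the replies above (a usable shell in `/etc/passwd`, a password set, and the shadow entry that `pwconv` creates), collected into one script as an added example that is not part of any post. The function name `audit_ssh_account`, the sample accounts and the placeholder hash are constructed for illustration; reading the real `/etc/shadow` needs root.

```shell
#!/bin/sh
# Added example (not from the thread): explain why an account may be refused by sshd.
# Arguments: user, passwd file, shadow file (defaults are the system files).
audit_ssh_account() {
    user=$1; passwd=${2:-/etc/passwd}; shadow=${3:-/etc/shadow}
    entry=$(awk -F: -v u="$user" '$1 == u' "$passwd")
    [ -n "$entry" ] || { echo "no-passwd-entry"; return 1; }

    shell=$(printf '%s\n' "$entry" | cut -d: -f7)
    [ -n "$shell" ] || shell=/bin/sh   # empty field: sshd falls back to /bin/sh
    { [ -f "$shell" ] && [ -x "$shell" ]; } || { echo "bad-shell:$shell"; return 1; }

    # "x" in field 2 means the password hash lives in the shadow file
    if [ "$(printf '%s\n' "$entry" | cut -d: -f2)" = x ]; then
        sline=$(awk -F: -v u="$user" '$1 == u' "$shadow")
        # a passwd entry without a shadow entry is what pwconv repairs
        [ -n "$sline" ] || { echo "no-shadow-entry"; return 1; }
        case $(printf '%s\n' "$sline" | cut -d: -f2) in
            '!'*|'*'*) echo "password-locked"; return 1 ;;
            '')        echo "empty-password"; return 1 ;;
        esac
    fi
    echo "ok"
}

# Demo on constructed files (made-up accounts, placeholder hash)
demo=$(mktemp -d)
cat > "$demo/passwd" <<'EOF'
alice:x:1000:1000::/home/alice:/bin/sh
bob:x:1001:1001::/home/bob:/no/such/shell
dave:x:1003:1003::/home/dave:/bin/sh
EOF
echo 'alice:$6$constructed$placeholder:19000:0:99999:7:::' > "$demo/shadow"
for u in alice bob dave; do
    echo "$u: $(audit_ssh_account "$u" "$demo/passwd" "$demo/shadow")"
done
rm -rf "$demo"
```
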

----------

## changed

Thank you so much!!! 

Well... it looks like I'm brainless  :Embarassed: 

----------

## alixta

 *rizzo wrote:*   

> To start sshd, do:
> 
> ```
> /etc/init.d/sshd start
> ```
> ...

 

Using Gentoo 1.4 Rc_2 and following the above instructions (emerge openssh, rc-update etc including a reboot) & I'm still getting 'Could not load host key: /etc/ssh/ssh_host_key' during boot up.

I tried manually creating the keys & running sshd before using the above script, but no luck  either  :Question: 

Any clues?

Cheers

Alistair

>>>>>UPDATED<<<<<

 :Embarassed:   :Embarassed:   :Embarassed:   :Embarassed:   :Embarassed: 

Nothing like answering your own question   :Confused: 

Once I removed the host keys I had manually created & then tried 

```
/etc/init.d/sshd start
```

whammo  :Exclamation:  it boots up & creates its own keys..

----------

## Mnemia

 *kashani wrote:*   

>  *changed wrote:*   Thanks for your reply guys 
> 
> Yes they can login locally...  I set their passwords with passwd but ... plz don't laugh I edited /etc/passwd manually to fix the problem with default shells ... does it make any difference ? 
> 
> oohhhh not good. Don't do that unless... actually there's never a really good reason for doing it. 
> ...

 

Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew. I thought they just edited the file as if you had done it yourself. Explain?

BTW, I don't think he means that he manually put the encrypted password in /etc/passwd, bypassing the shadow file. I think he just means that he added on the shell at the end of his user's line in passwd and I don't think there's anything wrong with that since that's how I've always done it and it works fine.

----------

## serty2

about the fact that the normal users cannot log in an ssh session, see the post about that in the newbie section...this question has been posted a zillion times,

what u should do is add the users to the WHEEL group ....

By default, only the WHEEL group can login to sshd  :Wink: 

----------

## klieber

 *Mnemia wrote:*   

> Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew.

 

You can edit the files manually, but you need to use tools that will place a lock on the file to prevent other files/users from writing to the file at the same time and corrupting things.  This isn't so much of an issue when you're on a single-user system where there's little chance that multiple people will be accessing the file at the same time.  However, it's still a smart idea to get in the habit of using the correct tools/methods.

man vipw and man vigr for more info or search google.

--kurt

----------

## Mnemia

 *klieber wrote:*   

>  *Mnemia wrote:*   Pardon my ignorance, but why exactly is there any reason why you shouldn't edit the file manually? There is no difference with whether you add it by hand or use the usermod commands, at least as far as I knew. 
> 
> You can edit the files manually, but you need to use tools that will place a lock on the file to prevent other files/users from writing to the file at the same time and corrupting things.  This isn't so much of an issue when you're on a single-user system where there's little chance that multiple people will be accessing the file at the same time.  However, it's still a smart idea to get in the habit of using the correct tools/methods.
> 
> man vipw and man vigr for more info or search google.
> ...

 

Cool, thanks for explaining that. That makes sense.

----------

