Configure SSH Server on Arch / Manjaro / EndeavourOS

Josphat Mutai
October 14, 2024
6:04 am
No Comments

Are you looking for an easier way to install and configure OpenSSH server on Arch Linux based distributions? – this will include Arch Linux , Manjaro, EndeavourOS, Garuda, among other Arch-based Linux systems. OpenSSH Server is a widely used, and open source implementation of Secure Shell (SSH) protocol. It enables you to have an encrypted communication channel between systems and is used to securely login to remote systems, transfer files and execute commands on those systems.

Update system package database

In this article we will install OpenSSH server on Arch Linux, Manjaro, Garuda and EndeavourOS. Open a terminal session in your OS and make sure it’s updated.

sudo pacman -Syu

If setup keys are not working populate as below.

sudo rm -rf /etc/pacman.d/gnupg
sudo pacman-key --init
sudo pacman-key --populate archlinux
sudo pacman -Sy archlinux-keyring

Install OpenSSH Server

Once done with update, install openssh package.

sudo pacman -S openssh

Accept prompts to proceed with the installation.

...
:: Proceed with installation? [Y/n] y
(1/1) checking keys in keyring                                                                                                                                        [------------------------------------------------------------------------------------------------------] 100%
(1/1) checking package integrity                                                                                                                                      [------------------------------------------------------------------------------------------------------] 100%
(1/1) loading package files                                                                                                                                           [------------------------------------------------------------------------------------------------------] 100%
(1/1) checking for file conflicts                                                                                                                                     [------------------------------------------------------------------------------------------------------] 100%
:: Processing package changes...
(1/1) reinstalling openssh                                                                                                                                            [------------------------------------------------------------------------------------------------------] 100%
:: Running post-transaction hooks...
(1/5) Reloading system manager configuration...
(2/5) Reloading user manager configuration...
(3/5) Creating temporary files...
(4/5) Arming ConditionNeedsUpdate...
(5/5) Checking which packages need to be rebuilt

Start and enable sshd service.

sudo systemctl start sshd
sudo systemctl enable sshd

Confirm that the service is enabled.

$ systemctl is-enabled sshd
enabled

You can as well check the status.

$ systemctl status sshd
● sshd.service - OpenSSH Daemon
     Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; preset: disabled)
     Active: active (running) since Mon 2024-10-14 08:19:10 EAT; 24min ago
 Invocation: 9b5e399d862344a8b9205d6ac4c79721
   Main PID: 2401 (sshd)
      Tasks: 1 (limit: 28671)
     Memory: 4.6M (peak: 21.7M)
        CPU: 380ms
     CGroup: /system.slice/sshd.service
             └─2401 "sshd: /usr/bin/sshd -D [listener] 0 of 10-100 startups"

Oct 14 08:40:17 endeavouros sshd-session[3074]: pam_systemd_home(sshd:auth): New sd-bus connection (system-bus-pam-systemd-home-3074) opened.
Oct 14 08:40:17 endeavouros sshd-session[3074]: Accepted password for jkmutai from 192.168.1.151 port 64489 ssh2
Oct 14 08:40:17 endeavouros sshd-session[3074]: pam_unix(sshd:session): session opened for user jkmutai(uid=1000) by jkmutai(uid=0)
Oct 14 08:40:17 endeavouros sshd-session[3074]: pam_systemd(sshd:session): New sd-bus connection (system-bus-pam-systemd-3074) opened.
Oct 14 08:40:17 endeavouros sshd-session[3074]: pam_unix(sshd:session): session closed for user jkmutai
Oct 14 08:40:17 endeavouros sshd-session[3074]: pam_systemd(sshd:session): New sd-bus connection (system-bus-pam-systemd-3074) opened.
Oct 14 08:41:01 endeavouros sshd-session[3099]: pam_systemd_home(sshd:account): New sd-bus connection (system-bus-pam-systemd-home-3099) opened.
Oct 14 08:41:01 endeavouros sshd-session[3099]: Accepted publickey for jkmutai from 192.168.1.151 port 64535 ssh2: RSA SHA256:b/8AoYgbThoBYPcFh7CetJuGY/Tl7s4fiJwUWUcIEcE
Oct 14 08:41:01 endeavouros sshd-session[3099]: pam_unix(sshd:session): session opened for user jkmutai(uid=1000) by jkmutai(uid=0)
Oct 14 08:41:01 endeavouros sshd-session[3099]: pam_systemd(sshd:session): New sd-bus connection (system-bus-pam-systemd-3099) opened.

To connect to a server from a client, run:

ssh user@server-address

Customize OpenSSH server (Optional)

To customize OpenSSH server edit /etc/ssh/sshd_config

To change SSH port

Port <custom-port>

To disable root user login

PermitRootLogin no

Only allow root login via ssh keys.

PermitRootLogin prohibit-password

Disable password authentication for all user – this means you have to copy ssh public key prior to disabling this

PasswordAuthentication no

Only accept SSH public keys

AuthenticationMethods publickey

After making the changes, you will need to restart sshd service.

sudo systemctl restart sshd

Check out our Linux support services to understand how we can help out.

Your IT Journey Starts Here!

Ready to level up your IT skills? Our new eLearning platform is coming soon to help you master the latest technologies.

Be the first to know when we launch! Join our waitlist now.