On Mon, Feb 17, 2020 at 08:16:32AM +0000, tetrahedra via qubes-users wrote: > But sshd doesn't appear to be installed on any template, nor does it > appear to be installable (`dnf search sshd` only returns apache-sshd).
the pkg is called "openssh-server". after installing it in the template, i recommend to "systemctl disable sshd" in the template (so it wont run in all appvms). note you may need some appvm-rc.local addon to keep a static host key with your appvm: cp -pf /rw/sshd/* /etc/ssh/ chgrp ssh_keys /etc/ssh/*key > How do I set up an SSH server on my AppVM? i deviate from the regular "how to do portforwards with qubes" for this and have a qubes-rpc service that basicly just does "exec sudo sshd -i" in the target vms, then do a socat/systemdsocket bounce to the rpc service straight from sys-net. that way the "messing with firewalls" is limited to exactly one INPUT rule in sys-net, plus one qubes-rpc policy, and there are no perma-running services in the target vm at all! -- You received this message because you are subscribed to the Google Groups "qubes-users" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/d/msgid/qubes-users/20200217082837.GX8973%40priv-mua.
