Environment Details
Boot Image: archlinux-2025.10.01-x86_64.iso
Virtualization Platform: VMware ESXi
Virtual Machine Configuration:
CPU: 2 cores
RAM: 4 GB
Storage: 16 GB HDD
Boot the live environment
Arch Linux installation images do not support Secure Boot. You will need to disable Secure Boot to boot the installation medium.
Console fonts are located in /usr/share/kbd/consolefonts/ and can likewise be set with setfont(8) omitting the path and file extension.
For example, to use one of the largest fonts suitable for HiDPI screens, run:
root@archiso ~ # setfont ter-132b
Verify the boot mode
To verify the boot mode, check the UEFI bitness:
root@archiso ~ # cat /sys/firmware/efi/fw_platform_size
If the command returns 64, the system is booted in UEFI mode and has a 64-bit x64 UEFI.
Partition the disks
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 957.1M 1 loop /run/archiso/airootfs
sda 8:0 0 16G 0 disk
sr0 11:0 1 1.4G 0 rom /run/archiso/bootmnt
root@archiso ~ #
root@archiso ~ #
root@archiso ~ # fdisk /dev/sda
Welcome to fdisk (util-linux 2.41.2).
Changes will remain in memory only, until you decide to write them.
Be careful before using the write command.
Device does not contain a recognized partition table.
Created a new DOS (MBR) disklabel with disk identifier 0xe4f38b68.
Command (m for help): n
Partition type
p primary (0 primary, 0 extended, 4 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (1-4, default 1):
First sector (2048-33554431, default 2048): +1G
Value out of range.
First sector (2048-33554431, default 2048):
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2048-33554431, default 33554431): +1G
Created a new partition 1 of type 'Linux' and of size 1 GiB.
Command (m for help): t
Selected partition 1
Hex code or alias (type L to list all): ef
Changed type of partition 'Linux' to 'EFI (FAT-12/16/32)'.
Command (m for help): n
Partition type
p primary (1 primary, 0 extended, 3 free)
e extended (container for logical partitions)
Select (default p): p
Partition number (2-4, default 2):
First sector (2099200-33554431, default 2099200):
Last sector, +/-sectors or +/-size{K,M,G,T,P} (2099200-33554431, default 33554431):
Created a new partition 2 of type 'Linux' and of size 15 GiB.
Command (m for help): t
Partition number (1,2, default 2):
Hex code or alias (type L to list all): 8e
Changed type of partition 'Linux' to 'Linux LVM'.
Command (m for help): p
Disk /dev/sda: 16 GiB, 17179869184 bytes, 33554432 sectors
Disk model: Virtual disk
Units: sectors of 1 * 512 = 512 bytes
Sector size (logical/physical): 512 bytes / 512 bytes
I/O size (minimum/optimal): 512 bytes / 512 bytes
Disklabel type: dos
Disk identifier: 0xe4f38b68
Device Boot Start End Sectors Size Id Type
/dev/sda1 2048 2099199 2097152 1G ef EFI (FAT-12/16/32)
/dev/sda2 2099200 33554431 31455232 15G 8e Linux LVM
Command (m for help): w
The partition table has been altered.
Calling ioctl() to re-read partition table.
Syncing disks.
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 957.1M 1 loop /run/archiso/airootfs
sda 8:0 0 16G 0 disk
├─sda1 8:1 0 1G 0 part
└─sda2 8:2 0 15G 0 part
sr0 11:0 1 1.4G 0 rom /run/archiso/bootmnt
root@archiso ~ #
LVM on LUKS
root@archiso ~ # cryptsetup luksFormat /dev/sda2
WARNING!
========
This will overwrite data on /dev/sda2 irrevocably.
Are you sure? (Type 'yes' in capital letters): YES
Enter passphrase for /dev/sda2:
Verify passphrase:
cryptsetup luksFormat /dev/sda2 10.73s user 0.82s system 72% cpu 15.910 total
root@archiso ~ #
root@archiso ~ # cryptsetup open /dev/sda2 cryptlvm
Enter passphrase for /dev/sda2:
root@archiso ~ #
root@archiso ~ # pvcreate /dev/mapper/cryptlvm
Physical volume "/dev/mapper/cryptlvm" successfully created.
root@archiso ~ #
root@archiso ~ # vgcreate MyVolGroup /dev/mapper/cryptlvm
Volume group "MyVolGroup" successfully created
root@archiso ~ #
root@archiso ~ # lvcreate -L 2G MyVolGroup -n swap
Logical volume "swap" created.
root@archiso ~ #
root@archiso ~ # lvcreate -L 6G MyVolGroup -n root
Logical volume "root" created.
root@archiso ~ #
root@archiso ~ # lvcreate -l 100%FREE MyVolGroup -n home
Logical volume "home" created.
root@archiso ~ #
root@archiso ~ #
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 957.1M 1 loop /run/archiso/airootfs
sda 8:0 0 16G 0 disk
├─sda1 8:1 0 1G 0 part
└─sda2 8:2 0 15G 0 part
└─cryptlvm 253:0 0 15G 0 crypt
├─MyVolGroup-swap 253:1 0 2G 0 lvm
├─MyVolGroup-root 253:2 0 6G 0 lvm
└─MyVolGroup-home 253:3 0 7G 0 lvm
sr0 11:0 1 1.4G 0 rom /run/archiso/bootmnt
root@archiso ~ #
Format the partitions
root@archiso ~ # mkfs.ext4 /dev/MyVolGroup/root
mke2fs 1.47.3 (8-Jul-2025)
Creating filesystem with 1572864 4k blocks and 393216 inodes
Filesystem UUID: 32ecaacb-9008-4a2d-b828-66c486abf2ff
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736
Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
root@archiso ~ # mkfs.ext4 /dev/MyVolGroup/home
mke2fs 1.47.3 (8-Jul-2025)
Creating filesystem with 1829888 4k blocks and 457856 inodes
Filesystem UUID: 0ceb6b6d-6451-441c-8296-1b095ceda30f
Superblock backups stored on blocks:
32768, 98304, 163840, 229376, 294912, 819200, 884736, 1605632
Allocating group tables: done
Writing inode tables: done
Creating journal (16384 blocks): done
Writing superblocks and filesystem accounting information: done
root@archiso ~ # mkswap /dev/MyVolGroup/swap
Setting up swapspace version 1, size = 2 GiB (2147479552 bytes)
no label, UUID=131734f8-1a82-43e6-9b11-ec93baddf428
root@archiso ~ #
Mount the file systems
root@archiso ~ # mount /dev/MyVolGroup/root /mnt
root@archiso ~ # mount --mkdir /dev/MyVolGroup/home /mnt/home
root@archiso ~ # swapon /dev/MyVolGroup/swap
root@archiso ~ #
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 957.1M 1 loop /run/archiso/airootfs
sda 8:0 0 16G 0 disk
├─sda1 8:1 0 1G 0 part
└─sda2 8:2 0 15G 0 part
└─cryptlvm 253:0 0 15G 0 crypt
├─MyVolGroup-swap 253:1 0 2G 0 lvm [SWAP]
├─MyVolGroup-root 253:2 0 6G 0 lvm /mnt
└─MyVolGroup-home 253:3 0 7G 0 lvm /mnt/home
sr0 11:0 1 1.4G 0 rom /run/archiso/bootmnt
root@archiso ~ #
Boot Partition
root@archiso ~ # mkfs.fat -F32 /dev/sda1
mkfs.fat 4.2 (2021-01-31)
root@archiso ~ #
root@archiso ~ # mount --mkdir /dev/sda1 /mnt/boot
root@archiso ~ #
root@archiso ~ # lsblk
NAME MAJ:MIN RM SIZE RO TYPE MOUNTPOINTS
loop0 7:0 0 957.1M 1 loop /run/archiso/airootfs
sda 8:0 0 16G 0 disk
├─sda1 8:1 0 1G 0 part /mnt/boot
└─sda2 8:2 0 15G 0 part
└─cryptlvm 253:0 0 15G 0 crypt
├─MyVolGroup-swap 253:1 0 2G 0 lvm [SWAP]
├─MyVolGroup-root 253:2 0 6G 0 lvm /mnt
└─MyVolGroup-home 253:3 0 7G 0 lvm /mnt/home
sr0 11:0 1 1.4G 0 rom /run/archiso/bootmnt
root@archiso ~ #
root@archiso ~ # df -h
Filesystem Size Used Avail Use% Mounted on
dev 1.8G 0 1.8G 0% /dev
run 2.0G 9.0M 2.0G 1% /run
efivarfs 256K 54K 198K 22% /sys/firmware/efi/efivars
/dev/sr0 1.5G 1.5G 0 100% /run/archiso/bootmnt
cowspace 256M 1.1M 255M 1% /run/archiso/cowspace
/dev/loop0 958M 958M 0 100% /run/archiso/airootfs
airootfs 256M 1.1M 255M 1% /
tmpfs 2.0G 0 2.0G 0% /dev/shm
tmpfs 2.0G 0 2.0G 0% /tmp
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-journald.service
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-resolved.service
tmpfs 2.0G 2.7M 2.0G 1% /etc/pacman.d/gnupg
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-networkd.service
tmpfs 1.0M 0 1.0M 0% /run/credentials/[email protected]
tmpfs 391M 8.0K 391M 1% /run/user/0
/dev/mapper/MyVolGroup-root 5.9G 1.6M 5.6G 1% /mnt
/dev/mapper/MyVolGroup-home 6.8G 1.8M 6.5G 1% /mnt/home
/dev/sda1 1022M 4.0K 1022M 1% /mnt/boot
root@archiso ~ #
Installation
root@archiso ~ # pacstrap -K /mnt base linux linux-firmware
...
==> Initcpio image generation successful
(13/13) Reloading system bus configuration...
Skipped: Running in chroot.
pacstrap -K /mnt base linux linux-firmware 46.83s user 67.52s system 94% cpu 2:00.73 total
root@archiso ~ #
root@archiso ~ # ls /mnt
bin boot dev etc home lib lib64 lost+found mnt opt proc root run sbin srv sys tmp usr var
root@archiso ~ #
Fstab
root@archiso ~ # genfstab -U /mnt >> /mnt/etc/fstab
root@archiso ~ #
root@archiso ~ # cat /mnt/etc/fstab
# Static information about the filesystems.
# See fstab(5) for details.
# <file system> <dir> <type> <options> <dump> <pass>
# /dev/mapper/MyVolGroup-root
UUID=32ecaacb-9008-4a2d-b828-66c486abf2ff / ext4 rw,relatime 0 1
# /dev/mapper/MyVolGroup-home
UUID=0ceb6b6d-6451-441c-8296-1b095ceda30f /home ext4 rw,relatime 0 2
# /dev/sda1
UUID=0154-A836 /boot vfat rw,relatime,fmask=0022,dmask=0022,codepage=437,iocharset=ascii,shortname=mixed,utf8,errors=remount-ro 0 2
# /dev/mapper/MyVolGroup-swap
UUID=131734f8-1a82-43e6-9b11-ec93baddf428 none swap defaults 0 0
root@archiso ~ #
Chroot
root@archiso ~ # arch-chroot /mnt
[root@archiso /]#
Essential packages
[root@archiso /]# pacman -Syu vim which sudo man-db man-pages texinfo intel-ucode lvm2
Time
[root@archiso /]# ln -sf /usr/share/zoneinfo/Europe/Berlin /etc/localtime
[root@archiso /]#
[root@archiso /]# stat /etc/localtime
File: /etc/localtime -> /usr/share/zoneinfo/Europe/Berlin
Size: 33 Blocks: 0 IO Block: 4096 symbolic link
Device: 253,2 Inode: 1146 Links: 1
Access: (0777/lrwxrwxrwx) Uid: ( 0/ root) Gid: ( 0/ root)
Access: 2025-11-03 19:19:58.977066767 +0100
Modify: 2025-11-03 19:18:52.631543583 +0100
Change: 2025-11-03 19:18:52.631543583 +0100
Birth: 2025-11-03 19:18:52.631543583 +0100
[root@archiso /]#
[root@archiso /]# hwclock --systohc
[root@archiso /]#
[root@archiso /]# date
Mon Nov 3 19:20:26 CET 2025
[root@archiso /]#
Localization
[root@archiso /]# vim /etc/locale.gen
[root@archiso /]#
--->>> uncomment en_US.UTF-8 UTF-8
[root@archiso /]# locale-gen
Generating locales...
en_US.UTF-8... done
Generation complete.
[root@archiso /]#
[root@archiso /]# vim /etc/locale.conf
[root@archiso /]#
[root@archiso /]# cat /etc/locale.conf
LANG=en_US.UTF-8
[root@archiso /]#
Network
[root@archiso /]# systemctl enable systemd-networkd.service
Created symlink '/etc/systemd/system/dbus-org.freedesktop.network1.service' → '/usr/lib/systemd/system/systemd-networkd.service'.
Created symlink '/etc/systemd/system/multi-user.target.wants/systemd-networkd.service' → '/usr/lib/systemd/system/systemd-networkd.service'.
Created symlink '/etc/systemd/system/sockets.target.wants/systemd-networkd.socket' → '/usr/lib/systemd/system/systemd-networkd.socket'.
Created symlink '/etc/systemd/system/sockets.target.wants/systemd-networkd-varlink.socket' → '/usr/lib/systemd/system/systemd-networkd-varlink.socket'.
Created symlink '/etc/systemd/system/sysinit.target.wants/systemd-network-generator.service' → '/usr/lib/systemd/system/systemd-network-generator.service'.
Created symlink '/etc/systemd/system/network-online.target.wants/systemd-networkd-wait-online.service' → '/usr/lib/systemd/system/systemd-networkd-wait-online.service'.
[root@archiso /]#
[root@archiso /]# systemctl enable systemd-resolved.service
Created symlink '/etc/systemd/system/dbus-org.freedesktop.resolve1.service' → '/usr/lib/systemd/system/systemd-resolved.service'.
Created symlink '/etc/systemd/system/sysinit.target.wants/systemd-resolved.service' → '/usr/lib/systemd/system/systemd-resolved.service'.
Created symlink '/etc/systemd/system/sockets.target.wants/systemd-resolved-varlink.socket' → '/usr/lib/systemd/system/systemd-resolved-varlink.socket'.
Created symlink '/etc/systemd/system/sockets.target.wants/systemd-resolved-monitor.socket' → '/usr/lib/systemd/system/systemd-resolved-monitor.socket'.
[root@archiso /]#
[root@archiso /]# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DEFAULT group default qlen 1000
link/ether 00:50:56:9c:8e:28 brd ff:ff:ff:ff:ff:ff
altname enp2s1
altname enx0050569c8e28
[root@archiso /]#
[root@archiso /]# vim /etc/systemd/network/20-wired.network
[root@archiso /]#
[root@archiso /]# cat /etc/systemd/network/20-wired.network
[Match]
Name=ens33
[Link]
RequiredForOnline=routable
[Network]
DHCP=yes
[root@archiso /]#
[root@archiso /]# vim /etc/hostname
[root@archiso /]# cat /etc/hostname
demo-arch-linux
[root@archiso /]#
Initramfs
[root@archiso /]# vim /etc/mkinitcpio.conf
[root@archiso /]#
HOOKS=(base systemd autodetect microcode modconf kms keyboard sd-vconsole block sd-encrypt lvm2 filesystems fsck)
[root@archiso /]# ls /usr/share/kbd/consolefonts/ | grep latar
latarcyrheb-sun16.psfu.gz
latarcyrheb-sun32.psfu.gz
[root@archiso /]# vim /etc/vconsole.conf
[root@archiso /]#
[root@archiso /]# cat /etc/vconsole.conf
FONT=latarcyrheb-sun32
[root@archiso /]#
[root@archiso /]# mkinitcpio -P
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'default'
==> Using default configuration file: '/etc/mkinitcpio.conf'
-> -k /boot/vmlinuz-linux -g /boot/initramfs-linux.img
==> Starting build: '6.17.6-arch1-1'
-> Running build hook: [base]
-> Running build hook: [systemd]
-> Running build hook: [autodetect]
-> Running build hook: [microcode]
-> Running build hook: [modconf]
-> Running build hook: [kms]
-> Running build hook: [keyboard]
-> Running build hook: [sd-vconsole]
-> Running build hook: [block]
-> Running build hook: [sd-encrypt]
==> WARNING: Possibly missing firmware for module: 'qat_6xxx'
-> Running build hook: [lvm2]
-> Running build hook: [filesystems]
-> Running build hook: [fsck]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: '/boot/initramfs-linux.img'
-> Early uncompressed CPIO image generation successful
==> Initcpio image generation successful
==> Building image from preset: /etc/mkinitcpio.d/linux.preset: 'fallback'
==> Using default configuration file: '/etc/mkinitcpio.conf'
-> -k /boot/vmlinuz-linux -g /boot/initramfs-linux-fallback.img -S autodetect
==> Starting build: '6.17.6-arch1-1'
-> Running build hook: [base]
-> Running build hook: [systemd]
-> Running build hook: [microcode]
-> Running build hook: [modconf]
-> Running build hook: [kms]
==> WARNING: Possibly missing firmware for module: 'ast'
-> Running build hook: [keyboard]
==> WARNING: Possibly missing firmware for module: 'xhci_pci_renesas'
-> Running build hook: [sd-vconsole]
-> Running build hook: [block]
==> WARNING: Possibly missing firmware for module: 'qla2xxx'
==> WARNING: Possibly missing firmware for module: 'bfa'
==> WARNING: Possibly missing firmware for module: 'qla1280'
==> WARNING: Possibly missing firmware for module: 'aic94xx'
==> WARNING: Possibly missing firmware for module: 'qed'
==> WARNING: Possibly missing firmware for module: 'wd719x'
-> Running build hook: [sd-encrypt]
==> WARNING: Possibly missing firmware for module: 'qat_6xxx'
-> Running build hook: [lvm2]
-> Running build hook: [filesystems]
-> Running build hook: [fsck]
==> Generating module dependencies
==> Creating zstd-compressed initcpio image: '/boot/initramfs-linux-fallback.img'
-> Early uncompressed CPIO image generation successful
==> Initcpio image generation successful
[root@archiso /]#
Boot loader
[root@archiso /]# bootctl install
Running in a chroot, enabling --graceful.
Created "/boot/EFI".
Created "/boot/EFI/systemd".
Created "/boot/EFI/BOOT".
Created "/boot/loader".
Created "/boot/loader/keys".
Created "/boot/loader/entries".
Created "/boot/EFI/Linux".
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/boot/EFI/systemd/systemd-bootx64.efi".
Copied "/usr/lib/systemd/boot/efi/systemd-bootx64.efi" to "/boot/EFI/BOOT/BOOTX64.EFI".
⚠️ Mount point '/boot' which backs the random seed file is world accessible, which is a security hole! ⚠️
⚠️ Random seed file '/boot/loader/.#bootctlrandom-seed08212d983bbd66a1' is world accessible, which is a security hole! ⚠️
Random seed file /boot/loader/random-seed successfully written (32 bytes).
Not booted with EFI or running in a container, skipping EFI variable modifications.
[root@archiso /]#
[root@archiso /]# cd /boot/
[root@archiso boot]# ls -la
total 262440
drwxr-xr-x 4 root root 4096 Jan 1 1970 .
drwxr-xr-x 17 root root 4096 Nov 3 19:14 ..
drwxr-xr-x 5 root root 4096 Nov 3 19:42 EFI
-rwxr-xr-x 1 root root 218041876 Nov 3 19:40 initramfs-linux-fallback.img
-rwxr-xr-x 1 root root 20867540 Nov 3 19:39 initramfs-linux.img
-rwxr-xr-x 1 root root 13286400 Aug 12 19:02 intel-ucode.img
drwxr-xr-x 4 root root 4096 Nov 3 19:42 loader
-rwxr-xr-x 1 root root 16519359 Nov 3 19:14 vmlinuz-linux
[root@archiso boot]#
[root@archiso boot]# cd loader/
[root@archiso loader]# ls
entries entries.srel keys loader.conf random-seed
[root@archiso loader]# cd entries
[root@archiso entries]# blkid
/dev/mapper/MyVolGroup-swap: UUID="131734f8-1a82-43e6-9b11-ec93baddf428" TYPE="swap"
/dev/sr0: BLOCK_SIZE="2048" UUID="2025-10-01-16-09-23-00" LABEL="ARCH_202510" TYPE="iso9660" PTUUID="5f1a4092" PTTYPE="dos"
/dev/mapper/MyVolGroup-root: UUID="32ecaacb-9008-4a2d-b828-66c486abf2ff" BLOCK_SIZE="4096" TYPE="ext4"
/dev/loop0: BLOCK_SIZE="1048576" TYPE="squashfs"
/dev/mapper/cryptlvm: UUID="ghjV5b-IQeM-ISp6-8ncM-Wsvc-rwKB-wWMPuS" TYPE="LVM2_member"
/dev/sda2: UUID="6577f4f5-d07c-492d-89be-a03c40520846" TYPE="crypto_LUKS" PARTUUID="e4f38b68-02" <<<---------------- THIS ONE!
/dev/sda1: UUID="0154-A836" BLOCK_SIZE="512" TYPE="vfat" PARTUUID="e4f38b68-01"
/dev/mapper/MyVolGroup-home: UUID="0ceb6b6d-6451-441c-8296-1b095ceda30f" BLOCK_SIZE="4096" TYPE="ext4"
[root@archiso entries]#
[root@archiso entries]# vim arch.conf
[root@archiso entries]#
[root@archiso entries]# cat arch.conf
title Arch Linux
linux /vmlinuz-linux
initrd /initramfs-linux.img
options rd.luks.name=6577f4f5-d07c-492d-89be-a03c40520846=MyVolGroup root=/dev/MyVolGroup/root rw
[root@archiso entries]#
Root password
[root@archiso /]# passwd
New password:
Retype new password:
passwd: password updated successfully
[root@archiso /]#
Add user
[root@archiso /]# useradd -m antonis
[root@archiso /]# passwd antonis
New password:
Retype new password:
passwd: password updated successfully
[root@archiso /]#
[root@archiso /]# usermod -aG wheel antonis
[root@archiso /]#
[root@archiso /]# groups antonis
antonis : antonis wheel
[root@archiso /]#
[root@archiso /]# visudo
[root@archiso /]#
## Uncomment to allow members of group wheel to execute any command
%wheel ALL=(ALL:ALL) ALL
[root@archiso /]#
Reboot
[root@archiso /]# exit
exit
arch-chroot /mnt 88.54s user 148.97s system 10% cpu 36:03.26 total
root@archiso ~ # reboot
Post-Installation
[antonis@demo-arch-linux ~]$ sudo pacman -Syu openssh
[antonis@demo-arch-linux ~]$ sudo systemctl enable --now sshd.service
[antonis@demo-arch-linux ~]$ systemctl status sshd.service
● sshd.service - OpenSSH Daemon
Loaded: loaded (/usr/lib/systemd/system/sshd.service; enabled; preset: disabled)
Active: active (running) since Mon 2025-11-03 19:57:22 CET; 2min 14s ago
Invocation: 5d0cec3262b447aca06f87c9961dc5f8
Docs: man:sshd(8)
man:sshd_config(5)
Main PID: 728 (sshd)
Tasks: 1 (limit: 4621)
Memory: 3.6M (peak: 21.2M)
CPU: 166ms
CGroup: /system.slice/sshd.service
└─728 "sshd: /usr/bin/sshd -D [listener] 0 of 10-100 startups"
Nov 03 19:57:22 demo-arch-linux systemd[1]: Starting OpenSSH Daemon...
Nov 03 19:57:22 demo-arch-linux sshd[728]: Server listening on 0.0.0.0 port 22.
Nov 03 19:57:22 demo-arch-linux sshd[728]: Server listening on :: port 22.
Nov 03 19:57:22 demo-arch-linux systemd[1]: Started OpenSSH Daemon.
Nov 03 19:57:41 demo-arch-linux sshd-session[747]: Connection closed by 10.10.10.15 port 49935 [preauth]
Nov 03 19:58:13 demo-arch-linux sshd-session[749]: Accepted password for antonis from 10.10.10.15 port 49936 ssh2
Nov 03 19:58:13 demo-arch-linux sshd-session[749]: pam_unix(sshd:session): session opened for user antonis(uid=1000) by ant>
[antonis@demo-arch-linux ~]$
on ⛵ default in default (default) ~ took 4m7s
❯ ssh-copy-id -i ~/.ssh/id_rsa.pub [email protected]
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/Users/antonis/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already installed
/usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]'s password:
Number of key(s) added: 1
Now try logging into the machine, with: "ssh -i /Users/antonis/.ssh/id_rsa '[email protected]'"
and check to make sure that only the key(s) you wanted were added.
[antonis@demo-arch-linux ~]$ ls -la ~/.ssh
total 12
drwx------ 2 antonis antonis 4096 Nov 3 20:02 .
drwx------ 3 antonis antonis 4096 Nov 3 20:02 ..
-rw------- 1 antonis antonis 757 Nov 3 20:02 authorized_keys
[antonis@demo-arch-linux ~]$
drwx------ (700) ~/.ssh/ ✓ Correct
-rw------- (600) ~/.ssh/authorized_keys ✓ Correct
Both the directory and the authorized_keys file have the exact permissions SSH requires:
- 700 on ~/.ssh - only you can read, write, and execute (enter the directory)
- 600 on authorized_keys - only you can read and write the file
Verify
[antonis@demo-arch-linux ~]$ pstree
systemd─┬─dbus-broker-lau───dbus-broker
├─login───bash
├─sshd───sshd-session───sshd-session───bash───pstree
├─systemd───(sd-pam)
├─systemd-journal
├─systemd-logind
├─systemd-network
├─systemd-resolve
├─systemd-udevd
└─systemd-userdbd───3*[systemd-userwor]
[antonis@demo-arch-linux ~]$
[antonis@demo-arch-linux ~]$ df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/MyVolGroup-root 5.9G 2.2G 3.4G 39% /
devtmpfs 1.9G 0 1.9G 0% /dev
tmpfs 2.0G 0 2.0G 0% /dev/shm
efivarfs 256K 54K 198K 22% /sys/firmware/efi/efivars
tmpfs 782M 632K 782M 1% /run
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-journald.service
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-resolved.service
tmpfs 2.0G 0 2.0G 0% /tmp
tmpfs 1.0M 0 1.0M 0% /run/credentials/systemd-networkd.service
/dev/mapper/MyVolGroup-home 6.8G 1.8M 6.5G 1% /home
/dev/sda1 1022M 257M 766M 26% /boot
tmpfs 1.0M 0 1.0M 0% /run/credentials/[email protected]
tmpfs 391M 4.0K 391M 1% /run/user/1000
[antonis@demo-arch-linux ~]$
[antonis@demo-arch-linux ~]$ free -h
total used free shared buff/cache available
Mem: 3.8Gi 384Mi 3.5Gi 640Ki 176Mi 3.4Gi
Swap: 2.0Gi 0B 2.0Gi
[antonis@demo-arch-linux ~]$
[antonis@demo-arch-linux ~]$ top
top - 20:06:33 up 11 min, 2 users, load average: 0.01, 0.08, 0.08
Tasks: 171 total, 1 running, 170 sleep, 0 d-sleep, 0 stopped, 0 zombie
%Cpu(s): 0.0 us, 4.5 sy, 0.0 ni, 95.5 id, 0.0 wa, 0.0 hi, 0.0 si, 0.0 st
MiB Mem : 3909.1 total, 3551.8 free, 386.7 used, 176.5 buff/cache
MiB Swap: 2048.0 total, 2048.0 free, 0.0 used. 3522.4 avail Mem
PID USER PR NI VIRT RES SHR S %CPU %MEM TIME+ COMMAND
186 root 20 0 0 0 0 I 9.0 0.0 0:08.72 kworker/1:2-events
968 antonis 20 0 11268 7432 5228 R 9.0 0.2 0:00.02 top
1 root 20 0 23452 14976 10148 S 0.0 0.4 0:03.18 systemd