Arch Linux: connecting to the network and logging in over SSH

Source: Internet   Editor: 程序博客网   Time: 2024/06/04 17:56

1. Connecting to the network with a static IP


# systemctl stop dhcpcd.service

Identify the name of your Ethernet interface.

# ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp2s0f0: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT qlen 1000
    link/ether 00:11:25:31:69:20 brd ff:ff:ff:ff:ff:ff
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT qlen 1000
    link/ether 01:02:03:04:05:06 brd ff:ff:ff:ff:ff:ff

In this example, the Ethernet interface is enp2s0f0. If you are unsure, your Ethernet interface is likely to start with the letter "e", and unlikely to be "lo" or start with the letter "w".


# ip link set enp2s0f0 up

Add the address:

# ip addr add ip_address/mask_bits dev interface_name

For example:

# ip addr add 192.168.1.2/24 dev enp2s0f0

For more options, run man ip.

Add your gateway like this, substituting your own gateway's IP address:

# ip route add default via ip_address

For example:

# ip route add default via 192.168.1.1

Edit resolv.conf, substituting your name servers' IP addresses and your local domain name:

# nano /etc/resolv.conf
nameserver 61.23.173.5
nameserver 61.95.849.8
search example.com

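2. Configuring SSH

Edit /etc/ssh/sshd_config: uncomment a few lines and change a few values. My configuration file is on the second page.

Below is a brief introduction to some of the commonly used options in sshd_config; for the full description, see man sshd_config.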

 
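Port: the port sshd listens on. Changing it keeps some scanning tools away and adds a little security, but you must then specify the port when connecting, otherwise the connection fails.
ListenAddress: the IP address to listen on. If the machine has several network cards, use this to pick the IP address of one of them.
Protocol: the SSH protocol version. SSH has two protocols; version 1 is considered insecure, so 2 is normally used. To enable both, separate 1 and 2 with a comma.
HostKey: the locations of the host private keys; there are separate entries for protocols 1 and 2.
KeyRegenerationInterval: in protocol 1, how often the public key is regenerated, to limit the damage if the key is stolen. It can be ignored when using protocol 2.
ServerKeyBits: the key length; keep the default.
SyslogFacility: the daemon name under which SSH log entries are recorded; the default, AUTH, means /var/log/secure.
LoginGraceTime: how long the password prompt stays available after a user connects, in seconds.
PermitRootLogin: whether root may log in. For security reasons SSH does not allow root login by default; if you really must allow it, write yes, but put additional security measures in place to protect your system.
StrictModes: makes the server refuse the connection once the user's host key has changed, which blocks some trojans.
MaxAuthTries: the maximum number of password attempts per login, which counters people who keep guessing passwords.
MaxSessions: the maximum number of simultaneous connections allowed.
RSAAuthentication: whether to use pure RSA authentication; applies to protocol 1 only.
PubkeyAuthentication: whether public-key authentication is allowed; applies to protocol 2 only. Allow it here.
AuthorizedKeysFile: the file that holds the keys of accounts that log in without a password. This is important; remember the file name.
RhostsRSAAuthentication: protocol 1 only; authenticates with the rhosts file in /etc/hosts.equiv combined with the RSA algorithm. Not recommended.
HostbasedAuthentication: similar to the previous option, but for protocol 2.
IgnoreUserKnownHosts: whether to ignore the hosts recorded in the ~/.ssh/known_hosts file in the default directory. Do not ignore them; set this to no.
IgnoreRhosts: ignore ~/.ssh/.rhosts for authentication; rhosts authentication should be disabled.
PasswordAuthentication: password authentication. This is of course needed; set it to yes.
PermitEmptyPasswords: whether login with an empty password is allowed. Set it to no to refuse dangerous empty-password logins.
ChallengeResponseAuthentication: whether any kind of password authentication is allowed, that is, any authentication method defined in login.conf. Managing authentication through the PAM modules is more appropriate, so this can be set to no.
UsePAM: use PAM to manage authentication; yes is recommended.
PrintMotd: whether to show a message after login, that is, print the contents of /etc/motd. For security it can be set to no.
PrintLastLog: print the last login record at login.
TCPKeepAlive: with yes, the server sends KeepAlive messages to the client to make sure the connection is still alive; if one end dies, SSH notices immediately and reacts, which avoids zombie processes.
UseLogin: SSH does not accept logins through the login program.
UsePrivilegeSeparation: sets the user's privileges; can be set to yes.
Compression: whether compression may be used; can be set to yes.
PidFile: the location of the sshd pid file.
MaxStartups: how many not-yet-logged-in connections are allowed at once, meaning connections that are open but where the password has not yet been entered; sessions that are already logged in do not count toward this limit.

The following are the Kerberos settings; they only need to be set if you have a Kerberos host:
KerberosAuthentication
KerberosOrLocalPasswd
KerberosTicketCleanup
KerberosGetAFSToken

The following two are the GSS settings; nothing needs to be done with them:
GSSAPIAuthentication
GSSAPICleanupCredentials

The following are the X Window settings; set them according to your own needs:
X11Forwarding
X11DisplayOffset
X11UseLocalhost

Subsystem   sftp    /usr/lib/ssh/sftp-server
This is the SFTP service setting; changing it is not recommended.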

Configuration is done.

Start the sshd service:

# systemctl start sshd.service

----------------------------------

/etc/rc.d/sshd start

#   $OpenBSD: sshd_config,v 1.81 2009/10/08 14:03:41 markus Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

Port 22
#AddressFamily any
#ListenAddress 0.0.0.0
#ListenAddress ::

# The default requires explicit activation of protocol 1
Protocol 2

# HostKey for protocol version 1
#HostKey /etc/ssh/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh/ssh_host_rsa_key
#HostKey /etc/ssh/ssh_host_dsa_key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
ServerKeyBits 1024

# Logging
# obsoletes QuietMode and FascistLogging
SyslogFacility AUTH
#LogLevel INFO

# Authentication:

LoginGraceTime 1m
PermitRootLogin no
StrictModes yes
MaxAuthTries 5
#MaxSessions 10

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
PasswordAuthentication yes
PermitEmptyPasswords no

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes
#KerberosGetAFSToken no

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCredentials yes

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes

#AllowAgentForwarding yes
#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
PrintMotd no
PrintLastLog yes
TCPKeepAlive yes
UseLogin no
UsePrivilegeSeparation yes
#PermitUserEnvironment no
#Compression delayed
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
MaxStartups 10
#PermitTunnel no
#ChrootDirectory none

# no default banner path
#Banner none

# override default of no subsystems
Subsystem   sftp    /usr/lib/ssh/sftp-server

# Example of overriding settings on a per-user basis
#Match User anoncvs
#   X11Forwarding no
#   AllowTcpForwarding no
#   ForceCommand cvs server
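
Which line of an edited sshd_config actually takes effect matters for the options described above, so the following added example (not part of the original post or of OpenSSH) reads a file offline the way sshd resolves global keywords: keywords are case-insensitive, the first occurrence wins, and nothing after a Match line counts. The function names, the constructed sample file and the four-item policy (taken from the configuration file above) are assumptions for illustration.

```sh
#!/bin/sh
# Added example: offline review of an sshd_config file. Function names and
# the policy list are illustrative assumptions, not part of OpenSSH.

# Print the global value sshd would use for keyword $2 in file $1.
# Keywords are case-insensitive and the FIRST occurrence wins; lines after
# a "Match" keyword are conditional, so scanning stops there.
# Prints "(unset)" when the keyword is absent or only commented out.
sshd_value() {
    awk -v want="$2" '
        BEGIN { want = tolower(want); val = "(unset)" }
        /^[ \t]*(#|$)/ { next }                 # comment or blank line
        {
            line = $0
            sub(/^[ \t]+/, "", line); sub(/[ \t]+$/, "", line)
            if (!match(line, /[ \t=]+/)) next   # keyword without a value
            key = tolower(substr(line, 1, RSTART - 1))
            if (key == "match") exit            # END still prints val
            if (key == want) { val = substr(line, RSTART + RLENGTH); exit }
        }
        END { print val }
    ' "$1"
}

# Compare a file with values used in the sshd_config shown on this page.
# Prints one line per difference; returns 1 if an explicit value differs.
sshd_audit() {
    rc=0
    for want in permitrootlogin=no permitemptypasswords=no \
                ignorerhosts=yes strictmodes=yes; do
        key=${want%%=*}; expected=${want#*=}
        actual=$(sshd_value "$1" "$key" | tr '[:upper:]' '[:lower:]')
        if [ "$actual" = "(unset)" ]; then
            echo "NOTE $key: not set, the compiled-in default applies"
        elif [ "$actual" != "$expected" ]; then
            echo "FAIL $key: effective value '$actual', expected '$expected'"
            rc=1
        fi
    done
    return "$rc"
}

# Constructed sample: the later "PermitRootLogin no" never takes effect.
sample=$(mktemp)
printf '%s\n' 'permitrootlogin yes' '#StrictModes no' 'IgnoreRhosts yes' \
    'PermitRootLogin no' 'Match User backup' '  PermitEmptyPasswords yes' > "$sample"
sshd_audit "$sample" || echo "review the file before restarting sshd"
rm -f "$sample"
```

On a live host, `sshd -t` checks the file for errors and `sshd -T` prints the effective configuration as the daemon itself resolves it.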


3. Set the root password:

 

# passwd

 

4. Start an SSH client and connect to Arch Linux

http://sillydong.com/mysa/myserver/arch-ssh-server.html


 
