Connecting initial time, after securing SSH service (sshd) by Gentoo suggested manual configuration elevation it’s a normal practice to engage in literal user (home user) adding on by ssh-copy-id brilius@pbriliusch, authorizing public ed25519 key and logging in afterwards eventually.
However, some minor discrepancies can be seen in this way – e. g. SSH domain in AllowUsers line are overwhelming, not necessary to specify because of the following reasons:
- Domain isn’t necesary attribute to direct individually, because logging in from public Wifi hotspots like airports, cafes, or even work (city office) is requiring additionally to add up their (often dynamic public IP) to the whitelist, which is a tremendous burden.
- Adding up localhost and /etc/hosts entries doesn’t work, indicating that your laptop is refusing to login home user, the only using laptop LCD screen (i. e. Wayland X server) – a. k. a. Gentoo Gnome XDG_SESSION_TYPE; the SSH daemon (sshd) isn’t recognising its own laptop hostname, rather than that, referring back to if a IP address (IPv4, IPv6).
The inferring directions of this setup is the secured SSH tunelling to a home user – laptop owner – from unrestricted locations – and the unburdened load of discrepancy investigating specific domains individually.