Enabling SSH access
This recipe describes how to enable the Secure Shell service in pfSense, thus making remote console login possible.
SSH is a networking protocol that allows encrypted communication between two nodes. Enabling SSH will allow you to gain access to the pfSense console remotely, as if you were at the console.
How to do it...
- Navigate to
System
|Advanced
. - In the Secure Shell section of the page, check the
Enable Secure Shell
checkbox:
- With the current settings, you will be prompted for a username and password when logging into the console remotely. But by changing theSSHd Key Onlysetting toPublic Key Only, you can set it so that only logins with a public key will be allowed. See the next recipe for details on how to generate an RSA public key.
- Leave SSH port set to the default, port 22.
- When you are done, click on the
Save
button.
How it works...
Enabling Secure Shell in pfSense turns on pfSense’s internal SSH server, which causes pfSense to listen for login attempts on the SSH port (in this case, port 22
).
There's more...
Using RSA keys for SSH login is an effective way of securing your system. You can also change the SSH port; this should result in fewer unauthorized login attempts, though you will have to remember the new SSH port.
See also
- The Generating authorized RSA keys recipe in this chapter
- The Enabling RSA key authentication recipe in this chapter