This recipe describes how to enable the Secure Shell service in pfSense, thus making remote console login possible.
SSH is a networking protocol that allows encrypted communication between two nodes. Enabling SSH will allow you to gain access to the pfSense console remotely, as if you were at the console.
- Navigate to
System
|Advanced
. - In the Secure Shell section of the page, check the
Enable Secure Shell
checkbox:

- With the current settings, you will be prompted for a username and password when logging into the console remotely. But by changing theSSHd Key Onlysetting toPublic Key Only, you can set it so that only logins with a public key will be allowed. See the next recipe for details on how to generate an RSA public key.
- Leave SSH port set to the default, port 22.
- When you are done, click on the
Save
button.
Enabling Secure Shell in pfSense turns on pfSense’s internal SSH server, which causes pfSense to listen for login attempts on the SSH port (in this case, port 22
).