SSH is a networking protocol that allows encrypted communication between two nodes. Enabling SSH will allow you to gain access to the pfSense console remotely, as if you were at the console.
- Navigate to
- In the Secure Shell section of the page, check the
Enable Secure Shellcheckbox:
- With the current settings, you will be prompted for a username and password when logging into the console remotely. But by changing theSSHd Key Onlysetting toPublic Key Only, you can set it so that only logins with a public key will be allowed. See the next recipe for details on how to generate an RSA public key.
- Leave SSH port set to the default, port 22.
- When you are done, click on the
Enabling Secure Shell in pfSense turns on pfSense’s internal SSH server, which causes pfSense to listen for login attempts on the SSH port (in this case, port
Using RSA keys for SSH login is an effective way of securing your system. You can also change the SSH port; this should result in fewer unauthorized login attempts, though you will have to remember the new SSH port.