Book Image

pfSense 2.x Cookbook - Second Edition

By : David Zientara
Book Image

pfSense 2.x Cookbook - Second Edition

By: David Zientara

Overview of this book

pfSense is an open source distribution of the FreeBSD-based firewall that provides a platform for ?exible and powerful routing and firewalling. The versatility of pfSense presents us with a wide array of configuration options, which makes determining requirements a little more difficult and a lot more important compared to other offerings. pfSense 2.x Cookbook – Second Edition starts by providing you with an understanding of how to complete the basic steps needed to render a pfSense firewall operational. It starts by showing you how to set up different forms of NAT entries and firewall rules and use aliases and scheduling in firewall rules. Moving on, you will learn how to implement a captive portal set up in different ways (no authentication, user manager authentication, and RADIUS authentication), as well as NTP and SNMP configuration. You will then learn how to set up a VPN tunnel with pfSense. The book then focuses on setting up traffic shaping with pfSense, using either the built-in traffic shaping wizard, custom ?oating rules, or Snort. Toward the end, you will set up multiple WAN interfaces, load balancing and failover groups, and a CARP failover group. You will also learn how to bridge interfaces, add static routing entries, and use dynamic routing protocols via third-party packages.
Table of Contents (18 chapters)
Title Page
Copyright and Credits
About Packt

Generating authorized RSA keys

This recipe describes how to create an authorized RSA key so the user can log in to the pfSense console without using a password.

Getting ready

Linux and macOS users will need the ssh-keygen utility (installed by default in most cases). Windows users will need the puttygen utility.

How to do it...

For Linux/macOS users:

  1. In a Terminal window, type ssh-keygen and pressEnter
  2. Enter the name of the file in which to save the public key (or just accept the default value)
  3. Enter a passphrase for the new key (not necessary, but recommended)
  1. Enter the passphrase a second time for confirmation
  2. The program will now generate an RSA public key and save it to the file

For Windows users:

  1. Start the puttygen utility.
  2. In the Actions section, click on the Generate button to generate a public/private key pair:
  1. Move your mouse over the top section of the puttygen dialog box to generate random activity, as per puttygen's instructions.
  2. Enter a passphrase (not necessary, but recommended).
  3. Click on the Saveprivate key button and specify a filename for the private key (for example, MyPrivateKey.ppk).
  4. Highlight the public key that was created in the textbox and save it to a file (for example, MyPublicKey.txt). Do not use the Save public key button because it adds potentially incompatible text to the file.

How it works...

RSA has become a standard for securing client/server connections. A client generates a public/private key pair—a private key file and a public key file, and a possible passphrase for additional security. Any server can then request the client’s public key and add it to their system; that client can then authenticate without typing in a password.

See also

  • TheEnabling SSH accessrecipe
  • The Configuring SSH RSA key authenticationrecipe