SSH Key only Login [patch]

Spida

I wrote a patch for it that is intended to do the following things:

• Disable Login for SSH via Password (Login with SSH-Key is still available, as is Login to the WEBUI via Password)

• Make that Configurable via the WEBUI (Switch is in the System->advanced section)

• Make it possible to upload a authorized_keys file for root (Pastebox is in the System->advanced section, too)

The patch is available here:
http://www.spida.net/projects/pfsense/

JeGr

@devs: Any chance this appearing in head? ;) Would really appreciate it as an advanced security feature. Nice work to Spida btw :)

sullrich

It was commited yesterday to HEAD.

JeGr

awarded for hero of the month :D

buraglio

This is much better than the crappy patch I wrote to do this.  Kudos.

nb

msatter

Any chance this will be implementedin a future version and I don't want to run the patch on 1.01. I now create an .ssh dir and put my RSA key in the authorized_keys file. Then I edit my /etc/sshd file to only enable RSA login and disable the password login.

It also would be nice to be able to backup the collected RRD database and to be able to resotore it in the new version.

Thanks in advance, Marcel

molar

Has this patch been updated for 1.0.1? Thanks.

hoba

This won't appear in before the next MAJOR Version.