My pfsense failed an audit by securitymetrics.com
-
Yep. That sounds about right. Are you running 1.2.3 also?
-
1.2.3-RELEASE
built on Mon Dec 7 20:21:30 EST 2009 -
Should I remove: rsa-key-20100303 from the end of the key?
-
Nope. I have that, too….
Please check when logged in that the key is really there....
cat .ssh/authorized_keys
-
you mean check via winscp?
-
No. Login via putty and ssh. And then do that command in /root
-
Seems to be going from Bad to worse.
I deleted the key and unchecked the box disabling password for SSH. No when I connect I get:
Disconnected: No Supported authentication methods available.
-
Use your console to connect to the box…
-
ok. Disables SSH and enabled and now I am back in.
cat: .ssh/authorized_keys: No such file or directory
-
Ok. So I repasted info and connected with private ket and got the following:
login as: root
Server refused our key
Using keyboard-interactive authentication.
Password:Though I was able to get through….
-
Also when you login as 'admin'?
-
I am able to get in no matter what…
-
Log in again and then do:
- cd /root
- cd .ssh
- ls -la (post output, there should be a authorized_keys files after you pasted your key via GUI)
Are you running on embedded?
-
Yes Embedded….
[1.2.3-RELEASE] [root@wall.test.local]/root(1): cd /root
[1.2.3-RELEASE] [root@wall.test.local]/root(2): cd .ssh
[1.2.3-RELEASE] [root@wall.test.local]/root/.ssh(3): ls -la
total 1
drwx–---- 2 root wheel 512 Mar 4 07:49 .
drwxr-xr-x 4 root wheel 512 Mar 4 05:08 ..
[1.2.3-RELEASE] [root@wall.test.local]/root/.ssh(4): -
So there is something wrong with your install. The authorized_keys file does not get created.
Try this:
- /etc/rc.conf_mount_rw
- then create the file manually with e.g. vi /root/.ssh/authorized_keys and paste in your key
- /etc/rc.conf_mount_ro
Then check again…
-
vi/root/.ssh/authorized_keys: Command not found.
-
here is a screen shot via winscp….
-
vi and a [space] after that…
-
here is a screen shot via winscp….
So? That is /etc/ssh and on your box…
You generated the key on your windows system, didn't you?
The keys need to be in /root/.ssh/ -
Still no go. Where can I find that file I created? I can log in even though the data shows as there in advanced.