SSH login using default user “admin”
-
Which version do you use on what kind of platform?
Might it be a read-only mounted file system? It should commit changes but… -
Strange.
I'm using a Putty session, with "admin" as the auto-login user name.
But I'm NOT using the password related to the "pfSense's admin user ;)
I generated and use key for authentication - have to type in the passphrase of the key :Using username "admin". Authenticating with public key "rsa-key-20150201" Passphrase for key "rsa-key-20150201": pfSense - Netgate Device ID: 20bbccdf95385caaa087 *** Welcome to pfSense 2.4.2-RELEASE (amd64) on pfsense *** ...
Works great.
-
Which version do you use on what kind of platform?
Might it be a read-only mounted file system? It should commit changes but…It’s vs 2.4.2 on a minisys n10e. The SSD is formatted ZFS but also had the same issue with UFS.
As far as I can tell only the password is effected by rebooting and only for ssh. The same user/password is used for webgui login without any issues. Don’t see any other settings/configurations that are getting lost on reboot.
-
I'm with you here, and with @johnpoz : It's really time that we all (you inclusive !!) see some logs now.
-
I'm with you here, and with @johnpoz : It's really time that we all (you inclusive !!) see some logs now.
I'd be glad to post them, but as far as I can tell nothing is being logged on the failed attempts. The only log entries I can find are for successful logins after editing the admin user. Do I need to check something other than system logs?
-
Did you move ssh to a different port? Or maybe you have a port forward or other NAT setup which might be redirecting that port to something else?
-
I changed ssh to port 2222 so to login I’m using ssh root@ <ip>-p 2222. I’ll get a prompt for a password. Sometimes the password works and sometimes I get “connection terminated” and nothing is logged on the firewall.</ip>
-
… Sometimes the password works and sometimes I get “connection terminated”...
sshd_config. -> LoginGraceTime 30s
-
I just moved the "22" port to "2222" (why 2222 ? a port scan on your LAN will find it in less then 1 second).
In reverse order :
Dec 2 09:46:51 sshd 8263 Accepted keyboard-interactive/pam for admin from 192.168.1.6 port 50087 ssh2
Dec 2 09:46:48 sshd 8263 error: PAM: authentication error for admin from 192.168.1.6
Dec 2 09:46:45 sshd 8263 error: PAM: authentication error for admin from 192.168.1.6
Dec 2 09:46:22 sshd 59619 Server listening on 0.0.0.0 port 2222.
Dec 2 09:46:22 sshd 59619 Server listening on :: port 2222.
Dec 2 09:46:21 check_reload_status starting sshd
Dec 2 09:46:21 php-fpm 75193 /system_advanced_admin.php: secure shell configuration has changed. Restarting sshd.
Dec 2 09:46:21 php-fpm 75193 /system_advanced_admin.php: secure shell configuration has changed. Stopping sshd.Logs work fine for me …. something's up with your system.
-
something's up with your system.
I think you are probably correct. Not sure, but I suspect that an incorrect password wouldn’t result in a terminated connection but rather an error about invalid password and a prompt for another one. I also can’t receive Growl notifications on the same system even though pfSense shows that they are being sent successfully.
I’ve installed a public key on the system and we’ll see how that works. So far no problems.