LDAP auth via SSH
-
Hi all,
I'm working on beefing up my security a bit and want to get away from Local Database Auth and have my team log in with individual credentials - I have LDAP working with my G Suite/Google Workspace Directory and GUI logins are fine, but no luck with SSH. I see a couple of posts asking about this from a few years back but seemingly no resolution, any help?
Thanks!
-
You want to use LDAP over SSH, like via an SSH tunnel?
Or you want to authenticate SSH logins using LDAP?
Steve
-
It's not yet possible for SSH users to log in via LDAP: https://redmine.pfsense.org/issues/8698
-
@stephenw10 I want to authenticate SSH logins to pfSense via LDAP.
-
@jimp Thanks for the info, do you have the power/ability to make it happen? If so what's your price? (not a joke)
Otherwise, can I use any external authentication server like RADIUS or am I stuck with local authentication for SSH sessions?
-
@mogarchy said in LDAP auth via SSH:
@jimp Thanks for the info, do you have the power/ability to make it happen? If so what's your price? (not a joke)
Otherwise, can I use any external authentication server like RADIUS or am I stuck with local authentication for SSH sessions?
RADIUS shell authentication is implemented in 2.5:
https://redmine.pfsense.org/issues/10545