How can I create a "User" using the command line?



  • I teach courses where I can have 80-100 students. I want to give each one of them VPN access while maintaining a record of who logs in to the VPN. Thus, I need a unique username/password for each user. I'm interested in writing a script that can generate, say, 100 users.

    P.S: I know someone will say why don't you want to use the Web GUI. The answer is: I will add 100 users then remove them then add another 100 users then remove them and so on. The GUI is not the right option for me.


  • Rebel Alliance Developer Netgate

    Use RADIUS for that, not the pfSense user manager.

    And not necessarily the pfSense FreeRADIUS package, but a separate RADIUS server. You could load your users in easily in most cases with RADIUS. OpenLDAP may also work for auth but tends to be more complicated to setup.



  • @jimp Thanks for the advice. I don't know how to implement the solution you proposed. If you have a link to a good tutorial I'll be thankful.


  • Galactic Empire

    Are you using IPsec or OpenVPN?



  • @nogbadthebad OpenVPN


  • Galactic Empire



  • @nogbadthebad It seems that I will still have to enter the username/password for every user through the GUI. Do you have a command that you used to create users through the cli after setting up the RADIUS as mentioned in the link you sent?


  • Galactic Empire

    I'd be tempted to create student001 to student100.

    You may be able to get clever and create student001 via the GUI, do a backup and take a text editor to the XML file to create the other 99 accounts.

    			<config>
    				<sortable></sortable>
    				<varusersusername>student1</varusersusername>
    				<varuserspassword>student1</varuserspassword>
    				<varuserspasswordencryption>Cleartext-Password</varuserspasswordencryption>
    				<varusersmotpenable></varusersmotpenable>
    				<varusersauthmethod>motp</varusersauthmethod>
    				<varusersmotpinitsecret></varusersmotpinitsecret>
    				<varusersmotppin></varusersmotppin>
    				<varusersmotpoffset></varusersmotpoffset>
    				<qrcodetext></qrcodetext>
    				<varuserswisprredirectionurl></varuserswisprredirectionurl>
    				<varuserssimultaneousconnect></varuserssimultaneousconnect>
    				<description></description>
    				<varusersframedipaddress></varusersframedipaddress>
    				<varusersframedipnetmask></varusersframedipnetmask>
    				<varusersframedroute></varusersframedroute>
    				<varusersvlanid></varusersvlanid>
    				<varusersexpiration></varusersexpiration>
    				<varuserssessiontimeout></varuserssessiontimeout>
    				<varuserslogintime></varuserslogintime>
    				<varusersamountoftime></varusersamountoftime>
    				<varuserspointoftime>Daily</varuserspointoftime>
    				<varusersmaxtotaloctets></varusersmaxtotaloctets>
    				<varusersmaxtotaloctetstimerange>daily</varusersmaxtotaloctetstimerange>
    				<varusersmaxbandwidthdown></varusersmaxbandwidthdown>
    				<varusersmaxbandwidthup></varusersmaxbandwidthup>
    				<varusersacctinteriminterval></varusersacctinteriminterval>
    				<varuserstopadditionaloptions></varuserstopadditionaloptions>
    				<varuserscheckitemsadditionaloptions></varuserscheckitemsadditionaloptions>
    				<varusersreplyitemsadditionaloptions>Class := &quot;admins&quot;</varusersreplyitemsadditionaloptions>
    			</config>```

Log in to reply