SSH key wiped after reboot



  • Hello, simply would like to save my public ssh key in pfSense.
    Key is copied, with this command which always works to other machines:
    (host computer) $ cat ~/.ssh/id_rsa.pub | ssh <client username(root)>@<client IP address(192.168.1.y)> "mkdir -p ~/.ssh && cat >> ~/.ssh/authorized_keys" > Enter > password: <enter client password> > Enter > ssh <client username(root)>@<client IP address(192.168.1.y)> > Enter > should access without password.

    This all works, however after a reboot, the public key is gone from pfSense?


  • Netgate Administrator

    You can just add your public key to your user via the user manager and it is then stored in the config.

    Steve



  • @eiger3970 Paste the key here, see the image below. It's the pfSense user manager that has to place the key in the /etc/ssh folder... not the user, as Steve points out.

    Screen Shot 2020-02-26 at 10.08.13 PM.png



  • @eiger3970 said in SSH key wiped after reboot:

    This all works, however after a reboot, the public key is gone from pfSense?

    I'm following the latest 2.4.5 RC versions, so reboot my pfSense every day.
    This file : authorized_keys :

    [2.4.5-RC][root@pfsense.brit-hotel-fumel.net]/root: ls -al .ssh
    total 20
    drwx------ 2 root wheel 512 Jan 30 16:05 .
    drwxr-xr-x 3 root wheel 1024 Feb 25 16:12 ..
    -rw-r--r-- 1 root wheel 397 Feb 26 14:27 authorized_keys
    -rw------- 1 root wheel 1679 May 16 2016 diskstation-openssh-private
    -rw-r--r-- 1 root wheel 1003 May 21 2019 known_hosts

    is still there - for the last ... 10 years or so.

    @eiger3970 said in SSH key wiped after reboot:

    the public key is gone

    Like the authorized_keys is gone ?
    Like the file authorized_keys is recreated and empty.
    All root/.ssh is gone (a hidden folder) ?

    I was using the method also, up until before yesterday.
    But it would not survive a reinstall, which is actually no problem, because there is a much better "GUI" solution as @NollipfSense pointed out.



  • Thanks, this really worked.
    Disappointed I can't use my CLI Shell to copy across, but at least it's working.
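
Since the replies above say keys added through the user manager are stored in the config, a config backup can be audited to see which SSH keys each user will get back after a reboot or reinstall. The following is an added example, not part of the original thread and not pfSense's own code; it assumes each user's keys sit base64-encoded in an `authorizedkeys` element under `system/user`, and the sample backup and key blobs are constructed.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

def b64(data: bytes) -> str:
    return base64.b64encode(data).decode()

# Constructed sample backup; the key blobs are made-up bytes, not real keys.
SAMPLE_KEYS = (
    f"ssh-ed25519 {b64(b'constructed-key-blob-1')} admin@laptop\n"
    "# old key, commented out\n"
    f"ssh-rsa {b64(b'constructed-key-blob-2')} backup@nas\n"
)
SAMPLE_CONFIG = f"""<pfsense><system>
  <user><name>admin</name>
    <authorizedkeys>{b64(SAMPLE_KEYS.encode())}</authorizedkeys></user>
  <user><name>operator</name></user>
</system></pfsense>"""

KEY_PREFIXES = ("ssh-", "ecdsa-", "sk-")

def fingerprint(blob_b64: str) -> str:
    """SHA256 fingerprint in the form `ssh-keygen -l` prints."""
    digest = hashlib.sha256(base64.b64decode(blob_b64)).digest()
    return "SHA256:" + b64(digest).rstrip("=")

def list_authorized_keys(config_xml: str):
    """Return (user, key type, fingerprint, comment) for every stored key."""
    rows = []
    # Assumed layout: <pfsense><system><user><name/><authorizedkeys/></user>
    for user in ET.fromstring(config_xml).iterfind("./system/user"):
        name = user.findtext("name", default="?")
        stored = user.findtext("authorizedkeys", default="").strip()
        if not stored:
            continue  # this user has no keys in the config
        text = base64.b64decode(stored).decode("utf-8", "replace")
        for line in text.splitlines():
            tokens = line.split()
            if not tokens or tokens[0].startswith("#"):
                continue
            # Skip leading options (from="...", command="...") up to the key type.
            idx = next((i for i, t in enumerate(tokens) if t.startswith(KEY_PREFIXES)), None)
            if idx is None or idx + 1 >= len(tokens):
                rows.append((name, "unparsed", "", line))
                continue
            try:
                fp = fingerprint(tokens[idx + 1])
            except ValueError:
                fp = "invalid-base64"
            rows.append((name, tokens[idx], fp, " ".join(tokens[idx + 2:])))
    return rows
```

Comparing the fingerprints against `ssh-keygen -l -f ~/.ssh/id_rsa.pub` on each admin workstation shows which keys in the backup are expected and which are not.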

