SSH and FRR Question



  • Hi All,

    I installed FRR package in my PFSense. I want to create a new user to manage FRR through SSH directly. Can I create user account who can login the vtysh console directly? Also it cannot control the Pfsense bash shell.

    Thanks,
    Tom


  • Netgate Administrator

    No, I don't believe that's possible. If the user has sufficient privileges to access vtysh they will be able to access pfSense.
    At least using the built in user priviledge management.

    I guess I could imagine a user who's default shell spawned vtysh.... 🤔 It would probably be relatively easy to escape though.

    Steve


Log in to reply