SSH and FRR Question

  • Hi All,

    I installed FRR package in my PFSense. I want to create a new user to manage FRR through SSH directly. Can I create user account who can login the vtysh console directly? Also it cannot control the Pfsense bash shell.


  • Netgate Administrator

    No, I don't believe that's possible. If the user has sufficient privileges to access vtysh they will be able to access pfSense.
    At least using the built in user priviledge management.

    I guess I could imagine a user who's default shell spawned vtysh.... 🤔 It would probably be relatively easy to escape though.


Log in to reply