Possible to change password through SSH?

eric.mak

Hi guys,

I want to know is it possible to change web gui login password through simple SSH command like "passwd"?

My organization wants to use password management software to control the passwords of the whole infrastructure and that required able to access the device through remote access and support using command to change the password.

The idea is we have to apply through the software to retrieve the password & the password will change after each use by the software.

I tried to search but seems pfsense does not support such function, so is it impossible to do so or have some work around can achieve the goal?

Thanks in advance.

Gertjan

@eric-mak

Noop.
A default 'FreeBSD' would permit the change of a password like that.
But, pfSense is not FreeBSD, it's is based on FreeBSD, and has a GUI for all the maintenance.

Take note : the SSH should be used only ones with a 'user' (admin) and a password.
After that, you create a certificate, and use it with the SSH client. You can now chose not to use the password any more.

and :

I'm using the admin password only for the GUI access - and this access only works on a "LAN" physically accesible to me.

@eric-mak said in Possible to change password through SSH?:

The idea is we have to apply through the software to retrieve the password & the password will change after each use by the software.

That's a bit strict.
As said above, access pfSense on a reserved LAN.
And use certs when accessing SSH - if you want pfSense to be accessible from the outside, use a VP connection.

jimp

You can:

pfSsh.php playback changepassword <username>

Though I'm not sure it would be easy to automate that since it expects user input for the password. We don't allow entering the password in the command line parameters in that script since it's not secure.

You could look at /etc/phpshellsessions/changepassword and make your own copy that does what you want in a more script-friendly way.