Pfsense Remote Access



  • I'm sure this question has been answered and am sorry for asking it again. But if someone could point me in the right direction or tell me how it would be great. I want to know how to setup pfsense so that i can use putty to ssh into pfsense from a remote location, say work. I am currently using dd-wrt and they have a setting under Adminstration that lets you remote access. does pfsense have a similar option?



  • Advanced > Enable Secure Shell



  • I thought enable secure shell was to for sshing within your network. will this allow me to ssh from say work and access pfsense (localhost:5000) and be able to make changes?



  • Hi,

    Can someone please tell me how to create users for the purpose of ssh tunnelling? Olaf posted something in the other thread but its locked.. anyway I did:

    router:~# pw user add -n deviate -c "Deviate" -d /home/none -s /bin/sh

    Also did "su" to root? in case I wasn't root (although I logged in to ssh as root)

    pw user add -n deviate -c "Deviate" -d /home/none -s /bin/sh

    Anyway I get this error:

    pw: group update: Read-only file system
    pw: passwd file update: Read-only file system

    Thanks!



  • @ vslice: You should add a portforwarding to be able to access your pfsense from wan.

    @ mayhem: Looks as if you are on a setup with read-only filesystem. Maybe a "mount -o rw /" should help.



  • hey-

    so 'mount -o rw /' didn't work for me as I'm trying to add the '_spamd' user as a superuser for the spamd package to work correctly.  Any other ideas that would let me edit the passwd file?



  • just replying to myself here…

    I just figured it out:

    Just execute the following command /etc/rc.conf_mount_rw to set it into RW mode and /etc/rc.conf_mount_ro to set it back into RO mode.

    ..make your changes to passwd and then set it back into RO mode when finished.



  • Great post about how to set the embedded device into RW mode. This has baffled me for a while and has now allowed me to add files into the rc.d folder!!

    Thanks.


Log in to reply