Console auto login?!
-
Hello all
I just noticed that my pfSense + does auto login into the ssh session on my console.
I wonder why it is and where it was set.
I must have missed this 'feature' :(
TIA
-
It will do that if you have added your SSH key and have the SSH login set to Pass or key, which is the default.
Steve
-
@stephenw10 said in Console auto login?!:
It will do that if you have added your SSH key and have the SSH login set to Pass or key, which is the default.
Steve
that's the issue - I did not do anything ...
-
Via SSH? What settings do you have there in System > Advanced > Admin Access?
-
-
@chudak SSH, or console? System/Advanced/Admin Access has:
...which IIRC is off by default.
-
@steveits said in Console auto login?!:
@chudak SSH, or console? System/Advanced/Admin Access has:
...which IIRC is off by default.
You can kill me but I never used it and IIRC I always had to login on console
(But I’m getting old, maybe missing something)
Is it possible it was checked by default and then changed?
Is it using the same password as GUI login?
Thx
-
@chudak The console is not SSH, it’s the screen/keyboard. I guess, in the case of an appliance there’s no monitor or keyboard so a person can’t just walk up to it, so less concern…?
https://docs.netgate.com/pfsense/en/latest/config/advanced-admin.html#console-menu
Takes the same credentials as are set up elsewhere. -
-
@chudak said in Console auto login?!:
Is it possible it was checked by default and then changed?
AFAIK the console has never defaulted to require login.. That could lead to problems for sure to be honest, password on the console should really only be set if your in a environment that would make that necessary.. Which to be honest would be rare.. Normally your firewall would be in a locked room if you were in company setting. And home why would that be a concern?
I know for sure I have never set that, and I do console into mine now and then vs ssh to it. Normally I console in when I am going to run an update of the pfsense software so I can watch the process in full.
edit: here I just consoled in - no password required..
-
Indeed the console does not require a login by default there. In general if you can access the local console on a machine you can bypass a login there anyway so that becomes a physical security issue.
Steve