Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    SSH - paste key file here?

    General pfSense Questions
    3
    4
    4.9k
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • J
      johnvan
      last edited by

      I've got SSH working well so I can tunnel from my laptop while on the road.  I'd like to add an extra layer of security by using SSH keys instead of my password.
      I generated the keys on my laptop and just did copy and paste of the public key into the proper spot on the pfsense advanced page. I'm still being prompted for my password.

      What part of the key file do I need to copy, I open it in text editor? Is this the correct way?

      Also, do I only change the settings in the router or do I also need to change things in the ssh config file of the server?

      Thanks.

      1 Reply Last reply Reply Quote 0
      • jimpJ
        jimp Rebel Alliance Developer Netgate
        last edited by

        You also need to configure your ssh client to prefer key-based login over password-based.

        Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

        Need help fast? Netgate Global Support!

        Do not Chat/PM for help!

        1 Reply Last reply Reply Quote 0
        • J
          johnvan
          last edited by

          Everything's working great now. Thanks.

          1 Reply Last reply Reply Quote 0
          • J
            joebarnhart
            last edited by

            @jimp:

            You also need to configure your ssh client to prefer key-based login over password-based.

            Excellent.  For those reading this, one easy way is to add to your ssh command line this option:

            ssh -o KbdInteractiveAuthentication=no ...
            

            This has the effect of supressing interactive authentication for one session while leaving your default options untouched.

            1 Reply Last reply Reply Quote 0
            • First post
              Last post
            Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.