Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    New users created - cant log in

    Scheduled Pinned Locked Moved General pfSense Questions
    8 Posts 3 Posters 184 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      michmoor LAYER 8 Rebel Alliance
      last edited by

      I was toying aorund with the Negate Nexus service trying to get that up and running when i received alerts that my back up system (oxidized) was failing. It is due to the oxidized account unable to log-in.

      Checking the /etc/passwd file i did notice that the account is suddenly set to 'nologin'. As a test, any new account i create is set to 'nologin'. In the GUI, they are set to log in which is the default.

      Whats going on here?

      admin:*:0:0:System Administrator:/root:/etc/rc.initial
oxidized:*:2012:65534::/home/oxidized:/sbin/nologin
test111:*:2013:65534::/home/test111:/sbin/nologin
[25.07.1-RELEASE][admin@atl-fw1-inet.moore.lan]/root:

      01ead4fe-928f-47e4-a0f5-d8a8343954fd-image.png

      S 1 Reply Last reply Reply Quote 0
      • S Offline
        SteveITS Galactic Empire @michmoor
        last edited by

        @michmoor I think that's normal for additional users. Per https://docs.netgate.com/pfsense/en/latest/recipes/ssh-access.html#user-access "Additional users with limited access may be granted the User - System - Shell account access privilege to login via SSH."

        Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
        When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
        Upvote ๐Ÿ‘ helpful posts!

        M 1 Reply Last reply Reply Quote 0
        • M Offline
          michmoor LAYER 8 Rebel Alliance @SteveITS
          last edited by

          @SteveITS said in New users created - cant log in:

          https://docs.netgate.com/pfsense/en/latest/recipes/ssh-access.html#user-access

          This was working..
          so where do i grant the user the ability to log-in ?

          There isnt a System -> User -> Shell
          There also an ability to provide shell access to a user under the users account.

          S 1 Reply Last reply Reply Quote 0
          • S Offline
            SteveITS Galactic Empire @michmoor
            last edited by

            @michmoor Edit the user, and in the "Effective Privileges" section, click Add, to get to:

            2ffeb7f4-8085-45e0-80bd-49df6a3abc2b-image.png

            Only install packages for your version, or risk breaking it. Select your branch in System/Update/Update Settings.
            When upgrading, allow 10-15 minutes to reboot, or more depending on packages, CPU, and/or disk speed.
            Upvote ๐Ÿ‘ helpful posts!

            M 2 Replies Last reply Reply Quote 1
            • M Offline
              michmoor LAYER 8 Rebel Alliance @SteveITS
              last edited by

              This post is deleted!
              1 Reply Last reply Reply Quote 0
              • M Offline
                michmoor LAYER 8 Rebel Alliance @SteveITS
                last edited by

                @SteveITS that.........did it.

                I am so confused right now.

                I have another pfsense firewall thats able to be backed up Checking that account on that firewall

                oxidized:*:2000:65534::/home/oxidized:/bin/tcsh

                Only with this lab firewall did i have to specifically grant SSH access. Super strange. But its working for now

                M 1 Reply Last reply Reply Quote 0
                • M Offline
                  michmoor LAYER 8 Rebel Alliance @michmoor
                  last edited by

                  I do wonder if this is some pfnet weirdness. Now that i am able to view diffs, the only change made today was disabling Nexus.
                  In any case, appreciate your help @SteveITS as always.

                  914c87e7-4bce-4254-a5ea-e1240f4afb59-image.png

                  1 Reply Last reply Reply Quote 2
                  • M Offline
                    marcosm Netgate
                    last edited by

                    The behavior should be the same regardless of Nexus running. The "nologin" part will be there if the user is not part of the admins group - in which case it needs to be part of a group with the correct privilege (or the privilege added to the user itself). Please share the steps if you notice a different behavior and can reproduce it.

                    1 Reply Last reply Reply Quote 0
                    • First post
                      Last post
                    Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.