Access developer shell via ssh



  • Stupid question, but I can't seem to search up an answer.

    How do I access the developer shell via ssh?

    You don't get the console menu when you ssh into a 2.0 pfSense anymore. Where's the menu script? I can probably parse that and find what I want.

    Thanks for your time.



  • /etc/rc.initial

    is default shell for user admin.



  • Thanks.

    oh… look at that. My login has tcsh instead.

    I guess I've run into this before, but forgot. I keep assuming any login added to the admin group has full permissions, but 'admin' is really the only admin.


  • Rebel Alliance Developer Netgate

    If you want other logins to have admin/root permissions, you'll need to pkg_add -r sudo, and then setup the sudoers file to allow everyone to have sudo access.

    Otherwise, other users will not have enough permissions to run many of the commands on the menu.



  • @jimp:

    If you want other logins to have admin/root permissions, you'll need to pkg_add -r sudo, and then setup the sudoers file to allow everyone to have sudo access.

    Otherwise, other users will not have enough permissions to run many of the commands on the menu.

    I think that would be rather useful to include standard, in a way that on the user manager page one could turn on/off this sort of capability.

    Otherwise, it is one of these obscure things that will lead periodically to the same question being asked over and over, because it's just too obscure for the non-initiated.


  • Rebel Alliance Developer Netgate

    I think there are plans to include it by 2.0, but it's hard to say for sure at this point. It's easily added, and it would be something that some people may not want, so there are some considerations to be taken there.

    As it is, even without sudo, you should consider every shell user as having root access, due to the info found in files on the firewall that are world readable for various reasons. So only those you'd trust with admin access to the firewall should have shell access.


Log in to reply