Pfsense 2.0.1 - SSH prompting for password with disable password checked



  • Was hoping someone might be able to assist.  I have SSH access to my pfsense box working.  Also under SYSTEM > ADVANCED > ADMIN ACCESS, the option:

    Authentication Method - Disable password login for Secure Shell (RSA key only) is CHECKED.

    However, when use PUTTY to initiate an SSH connection to my pfsense box, I am prompted for both a username AND password.

    1.) I thought it wasn't supposed to prompt for a password, but rather use the key only?
    2.) I am only able to access SSH if I enter the 'admin' user.  should I be able to login with another, non-admin account?



  • Have you tried to reboot after making that kind of change?



  • @podilarius:

    Have you tried to reboot after making that kind of change?

    Yes.  Actually the DISABLE PASSWORD (USE RSA KEY) option has always been enabled.



  • You need to tell putty the default username to use and the location of the private key associated with the public key you pasted into the user manager on pfsense. if your private key has a password,you will be prompted for it.
    You can create another user in the user manager and login with that as Issh username



  • @thermo:

    You need to tell putty the default username to use and the location of the private key associated with the public key you pasted into the user manager on pfsense. if your private key has a password,you will be prompted for it.
    You can create another user in the user manager and login with that as Issh username

    Thanks - that worked.  Is a pass phrase necessary for the key?  I've found how to have putty auto-enter the username and, without a pass phrase on the key, this automates the entire login.  Otherwise, I couldn't tell how to get putty to automate both the username AND password in the event my key had a password/pass phrase.



  • @miles267:

    Thanks - that worked.  Is a pass phrase necessary for the key?

    Well, technically it's not required, but it's a good practice security-wise to keep keys password protected.

    If you do a lot of logins/logouts throughout the day, then you could use Pagent (in case of putty).


Locked