Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    CLI menu on SSH ?

    Scheduled Pinned Locked Moved General pfSense Questions
    6 Posts 6 Posters 16.5k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • B
      brasilnut
      last edited by

      I have found many webpages and also YouTube video, that show:

      Upon logging into SSH, the PFSense Console appears

      However, I have found otherwise - I just arrive at a shell.

      I am logging in as "admin".

      Is there something special that I need to do, to get to the PFSense Console on a SSH session?

      1 Reply Last reply Reply Quote 0
      • C
        charliem
        last edited by

        @brasilnut:

        I am logging in as "admin".

        Is there something special that I need to do, to get to the PFSense Console on a SSH session?

        That menu system is run when /etc/rc.initial is started up.  rc.initial is usually (always?) started when the /root/.profile file is executed.  In my case, I do see the menu, and my /root/.profile contains:

        if [ `env | grep SSH_TTY | wc -l` -gt 0 ] || [ `env | grep cons25 | wc -l` -gt 0 ]; then
                /etc/rc.initial
                exit
        fi
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        [ -n "$SSH_TTY" -o "$TERM" = "cons25" ] && exec /etc/rc.initial
        
        

        (No idea how those 7 lines of garbage got there at the end).

        So if SSH_TTY environment variable is an empty string and 'cons25' is not somewhere in your environment, then /etc/rc.initial won't be run and you won't see your menu.  You can run /etc/rc.initial by hand if you want the menu.

        Note that pfSense uses tcsh, if you want to look into which, when and how files are executed upon logging in.

        1 Reply Last reply Reply Quote 0
        • B
          biggsy
          last edited by

          @brasilnut:

          Is there something special that I need to do, to get to the PFSense Console on a SSH session?

          With SSH log in as root not admin.

          1 Reply Last reply Reply Quote 1
          • P
            phil.davis
            last edited by

            You can login as admin by SSH, then just run /etc/rc.initial (Edit: small brain fade - login as admin should display the menu automatically)
            If you have multiple people doing admin, then create a user for each in the GUI User Manager and put them in "admins" group.
            Install the sudo package and just use the default settings.
            They can SSH and login as themselves then:

            sudo -s
            

            and provide their own password to confirm. They will get a real "root" session.
            then:

            /etc/rc.initial
            

            and the menu is displayed.
            That way multiple sys admins do not need to share the admin/root password.

            As the Greek philosopher Isosceles used to say, "There are 3 sides to every triangle."
            If I helped you, then help someone else - buy someone a gift from the INF catalog http://secure.inf.org/gifts/usd/

            1 Reply Last reply Reply Quote 0
            • stephenw10S
              stephenw10 Netgate Administrator
              last edited by

              Isn't this the other way around?  ???

              The admin user always gets the console menu which is why you need to log in as root to use SCP. Root gets the menu if you login via SSH though. Neither user require any special action to get it normallly.

              Steve

              1 Reply Last reply Reply Quote 0
              • jimpJ
                jimp Rebel Alliance Developer Netgate
                last edited by

                Normally the admin user is always locked into /etc/rc.initial as its shell. If it doesn't come up, then either someone manually edited the code or the passwd file to change the shell, or otherwise changed the .*rc files in /root, or maybe the passwd database has become corrupt in some way.

                Often just an edit/save action on the admin user in the GUI is enough to fix things up, assuming the pfSense code was not modified. In other cases the passwd database has to be manually rebuilt using "pwd_mkdb -p /etc/master.passwd" or similar.

                Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

                Need help fast? Netgate Global Support!

                Do not Chat/PM for help!

                1 Reply Last reply Reply Quote 0
                • First post
                  Last post
                Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.