Admin Account Disabled, can still use credentials for SSH Access
-
Hi Guys,
I have come across a strange problem using pfSense version 2.2.6. I have disabled the Admin account, wanting to secure the pfSense by user in FreeRadius using mOTP, which is working fine. So I disabled the admin account and tested webgui access, which now fails as expected. However, I am still able to access the LAN address via SSH using the admin credentials. Is this the correct behaviour?
Thanks in advance, I hope someone may shed some light on why this is happening.
Regards
Darren
-
If you configured pfSense to use FreeRADIUS for GUI auth, the local admin user is kept enabled as a failsafe, IIRC, in case the RADIUS server is unreachable, so you still have a way in.
I'd have to check the code but I seem to recall that the account disable part was only honored when using local auth.
-
Sincere apologies for the late response,
The device is not yet in production, so I will test disabling the FreeRadius and again disabling the admin account and test SSH, and will let you know the outcome.
Thanks for your support, it is appreciated.
Regards
Darren