Step 1 - Generate SSH key pair
Generate a SSH key pair for each user you want to grant access:
- Use PuTTY Key Generator (puttygen.exe) to generate a public/private key pair. Select RSA type of key and click Generate
- Add a key passphrase [1] to secure the saved private key
- Save the public key
- Save the private key file [2] somewhere safe (keep this file secure)
- Select the text in the box labelled "Public key for pasting into OpenSSH_authorized_key files and save that to a file e.g pubOpenSSH. You will need this text later [3]
Step 2 - Enable SSH access
Enable SSH access on the pfsense box and require both a password and public key for SSH access:- log in to the pfsense GUI
- Navigate to System > Advanced > Admin Access
- Enable (tick) 'Enable Secure Shell'
- Select 'Require Both Password and Public Key'
- Save
Step 3 - Grant user SSH access
Set the SSH key for each user account:- Navigate to System > User Manager > Users
- Select Edit User for the user you want to grant SSH access
- Paste the text from earlier [3] into Authorized SSH Keys
- Save
Step 4 - config PuTTY SSH
Config PuTTY for SSH connection using public key- run PuTTY
- set hostname
- select connection type SSH
- give your session a name in Saved Sessions
- Navigate to Connection > SSH > Auth and add the the private key file for authentication [2]
- go back to Session and click Save to save these session settings
Step 5 - connect via SSH
Connect using SSH- Run PuTTY (if not already running)
- Click the saved session from step 4 and click Load
- Click Open to initiate a connection
- At login as: prompty enter username
- Enter passphrase used to protect the private key [1]
- at prompt for the user's password enter the user's password
That's it you are now connected to the pfsense box via SSH using both a key and password
No comments:
Post a Comment