When using SSH to connect to the FW root account, you get the console menu. When connecting through an non-root administrator account, the menu is not shown. Only receive command prompt.
Looking to root and other admin accounts, the console menu is accessible by /usr/local/sbin/opnsense-shell. This option is only available for the root account. All other accounts (even admins) do not have the ability to select this as an option.
How can I access the console menu automatically when logging into an admin account similar as to the root account?
I understand once the admin is logged in the user can sudo into opnsense-shell, but have to remember to do that every-time is not feasible.
Quote from: errored out on September 17, 2020, 04:39:09 AMbut have to remember to do that every-time is not feasible.
Ok, I don't understand this conclusion but if you must:
Set sudo to enabled without password, add "sudo su" at the end of your ~/.profile
Cheers,
Franco
Thank you, for the help.
What an awful thread.
This post was at the top of a google search when I had this problem. I was unsure of the best method for login scripts for freebsd so I'll update it with a real answer; add sudo opnsense-shell to the end of your .profile folder for the non root user.
Non root users needs sudo access.
I guess thanks for posting the awful answer again to a solved thread over a year ago? I get the feeling the word "awful" us awfully displaced. ;)
Cheers,
Franco
Hello Franco,
Your reply was not a direct answer and may confuse others with the same problem.
I was able to come to a solution by reading the details of OP's question and learning about the .profile login script from your reply.
I then provided a clear answer for those that stumble into the same thread via google.
Yet "sudo su" is the same as "sudo opnsense-shell", which is why this was marked "Solved".
Cheers,
Franco
And this is why using aliases is bad practice in public discussions. I had thought it was the same function that it does in linux, switch user. I had thought your reply was how to switch to root.
Edit: I do apologize for my misplacement of your reply.
Sure, su switches to root with the configured shell, which is opnsense-shell by default. For daily typing I use this to save time and energy:
# sudo su
or
# sudo csh
Depending on what I want to do on the box that doesn't have direct root access.
That's just where this comes from, but calling sudo opnsense-shell certainly works too.
Cheers,
Franco
Quote from: franco on September 17, 2020, 08:36:26 AM
add "sudo su" at the end of your ~/.profile
Forgive me, how do I do that?
Tia.
login as the user you want to this for, it should take you to your home directory. To check just issue "ls -alh ~/" and it should list a file called ".profile" the leading full stop is relevant.
If you can see it then in your favourite editor ie. nano you edit it:
"nano ~/.profile" . Make your changes, save and exit.
You need to log out and log back in to take effect. No reboots are necessary.
From the user in question...
# echo "sudo su" >> ~/.profile
Cheers,
Franco
Quote from: cookiemonster on May 11, 2022, 10:22:37 PM
login as the user you want to this for, it should take you to your home directory. To check just issue "ls -alh ~/" and it should list a file called ".profile" the leading full stop is relevant.
If you can see it then in your favourite editor ie. nano you edit it:
"nano ~/.profile" . Make your changes, save and exit.
You need to log out and log back in to take effect. No reboots are necessary.
Not sure what I'm doing wrong, but it doesn't work for me, please see attachment. I still have to type
sudo su or
sudo csh once I log in.
Tia.
If you replace sudo su with sudo opnsense-shell does it fix the problem?
Quote from: Scuro on May 16, 2022, 09:17:41 PM
If you replace sudo su with sudo opnsense-shell does it fix the problem?
No, I'm afraid
Your profile script looks a little different from mine. I am wondering if there is a syntax error.
When you login, what happens if you type sh .profile
My .profile script looks like this:
# $FreeBSD$
#
HOME=/root
export HOME
PATH=/sbin:/bin:/usr/sbin:/usr/bin:/usr/local/sbin:/usr/local/bin:~/bin
export PATH
TERM=${TERM:-xterm}
export TERM
PAGER=less
export PAGER
# set ENV to a file invoked each time sh is started for interactive use.
ENV=$HOME/.shrc; export ENV
# Query terminal size; useful for serial lines.
if [ -x /usr/bin/resizewin ] ; then /usr/bin/resizewin -z ; fi
# Uncomment to display a random cookie on each login.
# if [ -x /usr/bin/fortune ] ; then /usr/bin/fortune -s ; fi
sudo opnsense-shell
Once I log in I get:
login as: coden
Keyboard-interactive authentication prompts from server:
| Password:
End of keyboard-interactive prompts from server
Last login: Tue May 17 08:44:12 2022 from 192.168.0.13
----------------------------------------------
| Hello, this is OPNsense 22.1 | @@@@@@@@@@@@@@@
| | @@@@ @@@@
| Website: https://opnsense.org/ | @@@\\\ ///@@@
| Handbook: https://docs.opnsense.org/ | )))))))) ((((((((
| Forums: https://forum.opnsense.org/ | @@@/// \\\@@@
| Code: https://github.com/opnsense | @@@@ @@@@
| Twitter: https://twitter.com/opnsense | @@@@@@@@@@@@@@@
----------------------------------------------
coden@hush:~ %
and type sh. profile I get
coden@hush:~ % sh .profile
*** hush.local: OPNsense 22.1.7_1 (amd64/OpenSSL) ***
LAN (igc3) -> v4: 192.168.0.1/24
LAN2 (igc2) -> v4: 192.168.10.1/24
LAN3 (igc1) -> v4: 192.168.20.1/24
WAN (pppoe0) -> v4/PPPoE: x.x.x.x/32
HTTPS: xxxx
SSH: xxxx (ECDSA)
SSH: SHA256 xxxx (ED25519)
SSH: SHA256 xxxx (RSA)
0) Logout 7) Ping host
1) Assign interfaces 8) Shell
2) Set interface IP address 9) pfTop
3) Reset the root password 10) Firewall log
4) Reset to factory defaults 11) Reload all services
5) Power off system 12) Update from console
6) Reboot system 13) Restore a backup
Enter an option:
I put some asterisks on purpose.
Which shell is configured for the user? The "%" prompt might mean it's csh - which does not read .profile.
Quote from: pmhausen on May 17, 2022, 09:57:16 AM
Which shell is configured for the user? The "%" prompt might mean it's csh - which does not read .profile.
Looking at
System: Access: Users the
Login shell is on /bin/csh
Other options are:
/sbin/nologin
/bin/sh
/bin/tcsh
So, I changed Login shell to /bin/sh and it works now, many thanks @pmhausen