As per this documentation https://docs.opnsense.org/manual/how-tos/user-local.html (https://docs.opnsense.org/manual/how-tos/user-local.html), the way to grant a 'regular' user access to SSH into the opnsense server is to:
- Assign the user a proper shell (i.e. not nologin)
- Assign the user the permission 'User - System - Shell account access' (directly or via a group)
I've checked this on two separate opnsense installations, and when i go to edit 'Effective Privileges' either on a group or user, the only permissions I can see are GUI permissions (e.g. 'GUI Dashboard (all)'). There is no 'Shell account access' listed (nor any non-GUI permissions at all).
This was tested on OPNsense 21.7.5-amd64.
I tried to work around this by creating a new group without any permissions assigned, and then explicitly add this group to the 'Login Group' under 'System' -> 'Administration' -> 'Secure Shell' but still no dice.
It should be said that I'm able to SSH in just fine as root, but just not as a regular user.
Am I missing something obvious? When i try to login as a user, I simply get 'Permission denied'.
Please ignore. It works just fine.