Hi All,
I'm trying to setup certificate signed ssh access to an OPNsense user and am a bit stuck. Normally it is just a matter of adding the following lines to my sshd_config file and its good to go:
TrustedUserCAKeys /etc/ssh/ca_key.pem
PasswordAuthentication no
The trouble is, I cannot find the sshd_config file in OPNsense! I do see a sshd_config file under /usr/local/etc/ssh/sshd_config, but this appears to be auto generated and I assume will be overwritten at some point?
Does anyone know how I can set this up or have any suggestions to try? Thanks for your help!
Hi Scenic3050,
you can configure all you need with the webgui.
Keys:
System \ Access \ Users \ [ Username ] \ Authorized keys
No password:
System \ Settings \ Administration \ Secure Shell \ Authentication Method
Nevertheless, "sshd_config" is located at "/usr/local/etc/ssh/"
Cheers
@proctor they are asking for certificate based authentication, not SSH keys. Different method.
Thanks Patrick, my fault.
I was searching for (permanently) changes to the ssh keys to generate when i stumbled upon this question, so i had a "key-bias" in mind...