OPNsense Forum

English Forums => General Discussion => Topic started by: dcol on June 23, 2022, 01:43:36 am

Title: SSH root password not working
Post by: dcol on June 23, 2022, 01:43:36 am

I can log into OPNsense via the console of GUI just fine, but I cannot use that same password in WinSCP. It says 'incorrect password'.
What do I need to do to get SFTP access?

Title: Re: SSH root password not working
Post by: franco on June 23, 2022, 08:04:53 am

Could there be an issue with the character map? The console could have integrated authentication (System: Settings: turned off as well which leads to unexpected results vs. GUI login.

For SSH itself the user needs to be added to a permitted group as per setting and password logig must be enabled as well as it is off by default.


Cheers,
Franco

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 05:15:00 pm

Integrated auth is on. I have user added to admins group. The read only privilege has been removed from config.xml. Since I cannot edit files via SFTP, I had to edit the config.xml from the backup and import it into OPNsense.
When I use WinSCP as the root user, I get pic1. When I login as admin user I can read but not write files as in pic2. My production firewall works fine logging in as root, so I know it is a setting somewhere and I matched the settings>administration settings to the test firewall.

When logging in from root, audit log shows this
error: PAM: Authentication error for root from x.x.x.x (IP removed for security reasons)

I tried remotely and on the local network.

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 06:38:07 pm

I just installed a fresh OPNsense install 22.1 and it does the same thing.
How do I get WinSCP to work?

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 06:57:15 pm

<SOLVED>
I had to change the Login shell to /bin/csh
What confused me is the production firewall is set to /usr/local/sbin/opnsense-shell and that works

Issue is, how to get it to work OOB. It really should.

Title: Re: SSH root password not working
Post by: Patrick M. Hausen on June 23, 2022, 07:05:08 pm

What for do you need WinSCP on OPNsense? SSH, yes, but SCP/SFTP?

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 07:08:59 pm

This is how I edit files in OPNsense. I am not comfortable with the shell editor

Title: Re: SSH root password not working
Post by: Patrick M. Hausen on June 23, 2022, 07:33:42 pm

You know it's dangerous to edit on Windows and copy back? If your Windows editor of choice inserts the wrong end of line characters all sorts of things break.

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 07:59:07 pm

I use Notepad+. Never had an issue.

Title: Re: SSH root password not working
Post by: dcol on June 23, 2022, 08:20:32 pm

<UPDATE>
I realized I needed the opnsense-shell, so I put it back, and now the root password works. Not sure what changing to /bin/csh did, but it fixed the problem.

Title: Re: SSH root password not working
Post by: pankaj on June 26, 2022, 01:10:32 am

Quote from: pmhausen on June 23, 2022, 07:33:42 pm

You know it's dangerous to edit on Windows and copy back? If your Windows editor of choice inserts the wrong end of line characters all sorts of things break.

I used to be same way but found that nano is lot more intuitive, the experienced folks say that it lacks functionality but I am only editing files occasionally. In Nano the commands are little more intuitive than Vi or Vim.

https://www.nano-editor.org/dist/latest/cheatsheet.html

You will need to install nano from command line "pkg install nano".