Messages

After reboot login works.

Hi All,

does anyone know how to grant ssh rights to a user ?
I added 'admins' to the user but I still can't login: 'This account is currently not available.'

Well, I missed that but I think my way is more secure.

Hi All,

After a migration from 23.7 to 24.1 my backup to GDrive stopped working.
I followed the official documentation and created a new cert and so on. It failed , but the fault is not in OpnSense but in the fact that openssl no longer supports legacy encryption.

In order to workaround the problem , I've copied the p12 to a legacy system (RHEL8) and extracted the contents of the p12 , so I could later recreate it on a newer system.

On RHEL8 or equivalent run the following:
openssl pkcs12 -in my-cert-from-gcp.p12  -nodes

Obtain the Public and Private keys from the output and save the output to a more modern system (most probably it would work on Opnsense shell but I tested it on RHEL9).
Run the following and provide "notasecret" for password:
openssl pkcs12 -export -out gdrive.p12 -inkey privkey.pem -in pubkey.pem

Then upload your p12 and test the backup.

I noticed that I had the same problem with no-ip but now it works:

Account settings:
Service: noip
username: my-email
pass: noip pass
hostname: FQDN1, FQDN2
Check ip method: Interface[ipv4]
Interface to monitor: wan
check ip timeout: 10
Force SSL: ticked

General Settings:
Enable: ticked
Interval: 300
Backend: native (with ddclient fails miserably)

Any idea how to set the FreeBSD repos ?

I just checked mine and it's the same.
Edit: the php file contains the log severity and rotation -> pure config file.
Same is for the Menu.xml

I think those are Zenarmor pkg files. Are you using Zenarmor ?

If no, you can remove them.

I feel that Zenarmor has modified them after the installation, but I might be wrong.

Hi All,

I have a selenium script that backs up my Zenarmor policies and I was wondering if I can install Firefox (or any other browser) on the Opnsense and schedule the backup from there.

Note: The API access is limited to Business plan and home users can't use that.

In 22.7 I had a rule that allows all IPv4 from 'Lan Net' to 'Lan Net' , but after update to 23.1 the multicast traffic from my DLNA server is blocked and I had to create a new rule: allow ipv4 udp from <DLNA IP>:57953 to 239.255.255.0/24:1900.

Any reason for that change ?

Hello All,

I was checking the API and I couldn't find an endpoint that matches to the 'Services' -> 'DHCPv4' -> 'LAN' menu.
What are my options. Is it possible to inject new MAC addresses (and their IP) in a file or in the config and reload the service ?

It seems that OPNsense-21.7.1-OpenSSL-vga-amd64.img is working fine (via dd)

Hi All,

I was dd the DVD image to my usb stick and as usual I tried to boot it - the bios of the machine skips it.
Any hints for properly creating bootable Legacy Stick (under Linux) ?

Is legacy no longer supported ?

I remember that I just dd my image to a usb stick and no issues, now the system skips the usb stick at all.

Edit: I just noticed that the issue was for 20.7 , while I have problems with latest (21.7)

Hi All,

I saw that 21.7 now supports setup of ZFS via the installer.
Do you think that I can reinstall with ZFS and later load my configuration backup ?

Do you see any issues ?