Home
Help
Search
Login
Register
OPNsense Forum
»
English Forums
»
General Discussion
»
Edit ssh configs (to allow certificate signed ssh access)
« previous
next »
Print
Pages: [
1
]
Author
Topic: Edit ssh configs (to allow certificate signed ssh access) (Read 258 times)
Scenic3050
Newbie
Posts: 4
Karma: 0
Edit ssh configs (to allow certificate signed ssh access)
«
on:
September 30, 2024, 04:33:08 pm »
Hi All,
I'm trying to setup certificate signed ssh access to an OPNsense user and am a bit stuck. Normally it is just a matter of adding the following lines to my sshd_config file and its good to go:
TrustedUserCAKeys /etc/ssh/ca_key.pem
PasswordAuthentication no
The trouble is, I cannot find the sshd_config file in OPNsense! I do see a sshd_config file under /usr/local/etc/ssh/sshd_config, but this appears to be auto generated and I assume will be overwritten at some point?
Does anyone know how I can set this up or have any suggestions to try? Thanks for your help!
Logged
proctor
Newbie
Posts: 39
Karma: 2
Re: Edit ssh configs (to allow certificate signed ssh access)
«
Reply #1 on:
October 23, 2024, 10:04:03 am »
Hi Scenic3050,
you can configure all you need with the webgui.
Keys:
System \ Access \ Users \ [ Username ] \ Authorized keys
No password:
System \ Settings \ Administration \ Secure Shell \ Authentication Method
Nevertheless, "sshd_config" is located at "/usr/local/etc/ssh/"
Cheers
Logged
Patrick M. Hausen
Hero Member
Posts: 6709
Karma: 565
Re: Edit ssh configs (to allow certificate signed ssh access)
«
Reply #2 on:
October 23, 2024, 10:20:18 am »
@proctor they are asking for certificate based authentication, not SSH keys. Different method.
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do.
(Isaac Asimov)
proctor
Newbie
Posts: 39
Karma: 2
Re: Edit ssh configs (to allow certificate signed ssh access)
«
Reply #3 on:
October 23, 2024, 11:54:06 am »
Thanks Patrick, my fault.
I was searching for (permanently) changes to the ssh keys to generate when i stumbled upon this question, so i had a "key-bias" in mind...
Logged
Print
Pages: [
1
]
« previous
next »
OPNsense Forum
»
English Forums
»
General Discussion
»
Edit ssh configs (to allow certificate signed ssh access)