Edit ssh configs (to allow certificate signed ssh access)

Started by Scenic3050, September 30, 2024, 04:33:08 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
September 30, 2024, 04:33:08 PM
Hi All,

I'm trying to setup certificate signed ssh access to an OPNsense user and am a bit stuck. Normally it is just a matter of adding the following lines to my sshd_config file and its good to go:

TrustedUserCAKeys /etc/ssh/ca_key.pem
PasswordAuthentication no

The trouble is, I cannot find the sshd_config file in OPNsense! I do see a sshd_config file under /usr/local/etc/ssh/sshd_config, but this appears to be auto generated and I assume will be overwritten at some point?

Does anyone know how I can set this up or have any suggestions to try? Thanks for your help!
October 23, 2024, 10:04:03 AM #1
Hi Scenic3050,

you can configure all you need with the webgui.

Keys:
System \ Access \ Users \ [ Username ] \ Authorized keys

No password:
System \ Settings \ Administration \ Secure Shell \ Authentication Method

Nevertheless, "sshd_config" is located at "/usr/local/etc/ssh/"

Cheers
October 23, 2024, 10:20:18 AM #2
@proctor they are asking for certificate based authentication, not SSH keys. Different method.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)
October 23, 2024, 11:54:06 AM #3
Thanks Patrick, my fault.
I was searching for (permanently) changes to the ssh keys to generate when i stumbled upon this question, so i had a "key-bias" in mind...
Print
Go Up Pages1
User actions