SSH (Secure Shell) is a network protocol that gives possibility to make secure connections between two points. After enabling SSH server in the pfsense firewall, you can safely access many remote resources depending on the type of authorization you define for each user, such as: root console, log filter, monitoring settings, SSH tunnel, etc.
How to enable SSH on pfsense firewall
- Go to System and select Advanced.
- Select the admin access tab
- Scroll down to find secure shell section.
- In secure shell server, check enable secure shell.
- If you leave the SSH port empty, pfsense will use 22 which is the default port that SSH servers listen to. For security reasons, it is recommended to change the default port of the SSH server, as it is a well-known port that receives a lot of scans on the internet.
- In the SSH port, enter any unused port greater than 1024.
- Click save
The SSH server is now enabled on your pfsense firewall. In other words, you can remotely access your pfSense console with username and password.
Note: It is not a good practice to access an SSH server with a username and password because hackers can guess the credentials with brute force and it is more risky if you do not have no fail2ban system.