The SSH key is the recommended way to access your SSH server located behind the pfsense firewall. For security reasons, username and password are not the correct way to access an SSH Server.
This post provides necessary steps to Setup pfSense to use SSH key.
First thing, your pfsense must have SSH enabled, if you haven’t already, see the post Enable ssh on pfsense firewall.
How to disable password login ssh in pfsense
Go to System and select Advanced.
Scroll down to find the Secure Shell section.
In “Authentication Method“, check “Disable password login for secure shell (RSA / DSA key only)“
Click on Save.
Copy the public key you want to add to pfsense.
Adding RSA key in pfsense
Access the System and click on “User Manager“.
If the user does not yet exist, click Add to create the user and add the public key at the same time.
To add a public key for an existing user, click the edit sign next to the username.
Scroll down to find the Keys section. In “Authorized SSH keys“, paste the current user’s public SSH key.
When you’re done, click Save.
Now when you try to connect to your pfsense via SSH, the system will not ask for username and password, but the SSH server will check if user XXX’s server public matches the private key for the same XXX user.
Video to show you how to setup pfSense to use ssh key
What To Read Next
- How to configure DHCP server in pfsense
- Error 1020 access denied
- Create port aliases in pfsense
- Access your computer from anywhere with vnc