pfSense Gold Subscription

Author Topic: My pfsense failed an audit by securitymetrics.com  (Read 8477 times)

0 Members and 1 Guest are viewing this topic.

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #15 on: March 04, 2010, 01:08:51 am »
Like the second one. That's what I do...
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #16 on: March 04, 2010, 01:30:15 am »
When I use the one with ssh-rsa I get connection refused.  When I go to auth in putty and select the private.pkk file and try to open the connection I get connection error.
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #17 on: March 04, 2010, 01:32:35 am »
Did you get your key by opening puttygen and loading your private key there?
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #18 on: March 04, 2010, 01:33:49 am »
I generate public key and copy then export private key. Right?
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #19 on: March 04, 2010, 01:35:45 am »
You can use puttygen to generate a pair and then copy the key from the top of the window which says "Public key for pasting into OpenSSH authorized_keys file:"...
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #20 on: March 04, 2010, 01:39:26 am »
Here is a new example:

ssh-rsa AAAAB3NzaC1yc2EAAAABJQAAAIBb5HVQf5Nbdu6+bC2dE2bM1ZNC/7USV/jJRcRNtBSu9plZCEAz4BRwCkMiuHlFNHT+FO6fjcdg9Jzb/csZ8SyVP9wY0iSDYeDd9eY5N04LceCGb2AxqrL24a09BftVSlQnXvbsPaume+fKgVVMo6NCDoUhPI917PUyIlNZ8YBD9w== rsa-key-20100303

I pasted this into System:Advanced:Secure Shell:Authorized Keys.  Saved.

Then open Putty and loaded session with internal pfsense IP.  Clicked on Auth in Putty and browsed to the Private.pkk file which I downloaded from puttygen.

Fail.  ???
« Last Edit: March 04, 2010, 01:41:18 am by kapara »
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #21 on: March 04, 2010, 01:42:53 am »
Yep. That sounds about right. Are you running 1.2.3 also?
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #22 on: March 04, 2010, 01:43:34 am »
1.2.3-RELEASE
built on Mon Dec 7 20:21:30 EST 2009
Skype ID:  Marinhd

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #23 on: March 04, 2010, 01:44:34 am »
Should I remove:   rsa-key-20100303 from the end of the key?
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #24 on: March 04, 2010, 01:45:48 am »
Nope. I have that, too....

Please check when logged in that the key is really there....

cat .ssh/authorized_keys
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #25 on: March 04, 2010, 01:47:22 am »
you mean check via winscp?
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #26 on: March 04, 2010, 01:48:12 am »
No. Login via putty and ssh. And then do that command in /root
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #27 on: March 04, 2010, 01:53:17 am »
Seems to be going from Bad to worse.

I deleted the key and unchecked the box disabling password for SSH.  No when I connect I get:

Disconnected:  No Supported authentication methods available.
Skype ID:  Marinhd

Offline jlepthien

  • Hero Member
  • *****
  • Posts: 657
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #28 on: March 04, 2010, 01:54:49 am »
Use your console to connect to the box...
| apple fanboy | music lover | network and security specialist | in love with cisco systems |

Offline kapara

  • Sr. Member
  • ****
  • Posts: 503
    • View Profile
Re: My pfsense failed an audit by securitymetrics.com
« Reply #29 on: March 04, 2010, 01:56:17 am »
ok.  Disables SSH and enabled and now I am back in.


cat: .ssh/authorized_keys: No such file or directory
Skype ID:  Marinhd