Home FreeBSD How To Enable SSH On FreeBSD

How To Enable SSH On FreeBSD

By sk
21,056 Views

OpenSSH Server is installed by default on FreeBSD. But on a fresh FreeBSD system, remote SSH logins are not allowed. You must enable SSH access yourself to access your FreeBSD server via SSH from other systems on the network. This brief guide will walk you through the steps to configure and enable SSH on FreeBSD. All steps provided below are tested on a freshly installed FreeBSD 12.2 system.

Enable SSH on FreeBSD

If you don't have created any normal users on your system yet, create one first.

For example, I am going to create an user named ostechnix using command:

# adduser

You will be prompted to answer a couple questions, such user name, full name, login group name, login class, default shell etc. Mostly the default values are just fine. Press ENTER key to accept the defaults values and type your password twice.

Username: ostechnix
Full name: Ostechnix
Uid (Leave empty for default): 
Login group [ostechnix]: 
Login group is ostechnix. Invite ostechnix into other groups? []: 
Login class [default]: 
Shell (sh csh tcsh nologin) [sh]: 
Home directory [/home/ostechnix]: 
Home directory permissions (Leave empty for default): 
Use password-based authentication? [yes]: 
Use an empty password? (yes/no) [no]: 
Use a random password? (yes/no) [no]: 
Enter password: 
Enter password again: 
Lock out the account after creation? [no]: 
Username : ostechnix
Password : *****
Full Name : Ostechnix
Uid : 1001
Class : 
Groups : ostechnix 
Home : /home/ostechnix
Home Mode : 
Shell : /bin/sh
Locked : no
OK? (yes/no): yes
adduser: INFO: Successfully added (ostechnix) to the user database.
Add another user? (yes/no): no
Goodbye!
Create a normal user in Freebsd

Create a normal user in Freebsd

Next, edit /etc/rc.conf file:

# vi /etc/rc.conf

Add the following line at the end:

sshd_enable="YES"
Enable SSH access on Freebsd 12

Enable SSH access on Freebsd 12

Hit ESC and type :wq to save and quit the file.

Finally, start SSH service:

# /etc/rc.d/sshd start
start ssh service on freebsd

start ssh service on freebsd

Done! Now you can access your FreeBSD server via SSH from any system on the network like below.

$ ssh [email protected]

Replace [email protected] in the above command with your user name and IP address.

As you may already know, when you SSH into a FreeBSD server for the first time, you will be prompted to verify the server's fingerprint. Simply type Yes to continue and type the password of the user.

Sample output:

FreeBSD 12.2-RELEASE r366954 GENERIC

Welcome to FreeBSD!

Release Notes, Errata: https://www.FreeBSD.org/releases/
Security Advisories: https://www.FreeBSD.org/security/
FreeBSD Handbook: https://www.FreeBSD.org/handbook/
FreeBSD FAQ: https://www.FreeBSD.org/faq/
Questions List: https://lists.FreeBSD.org/mailman/listinfo/freebsd-questions/
FreeBSD Forums: https://forums.FreeBSD.org/

Documents installed with the system are in the /usr/local/share/doc/freebsd/
directory, or can be installed later with: pkg install en-freebsd-doc
For other languages, replace "en" with a language code like de or fr.

Show the version of FreeBSD installed: freebsd-version ; uname -a
Please include that output and any error messages when posting questions.
Introduction to manual pages: man man
FreeBSD directory layout: man hier

Edit /etc/motd to change this login announcement.
Forget how to spell a word or a variation of a word? Use

look portion_of_word_you_know
-- Dru <[email protected]>
[email protected]:~ $
SSH into FreeBSD server as normal user

SSH into FreeBSD server as normal user

Enable SSH Root access in FreeBSD

By default, SSH root login is disabled for security purposes on FreeBSD. So, you can't access your FreeBSD server via SSH as root user. It is strongly recommended to leave SSH root login disabled and use a non-privileged user and allow SSH access to that user as described above.

If you still want to allow SSH access to the root user for any reason, do the following.

Edit /etc/ssh/sshd_config file:

# vi /etc/ssh/sshd_config

Find the following line:

#PermitRootLogin no

Uncomment it by removing the hash (#) symbol and change it's value to yes like below:

PermitRootLogin yes
Enable SSH Root access in FreeBSD

Enable SSH Root access in FreeBSD

Save and quit the file. Restart SSH service using command:

# /etc/rc.d/sshd restart

Now you can be able to login via SSH as root user from any system on the network using command.

# ssh [email protected]

Sample output:

SSH into FreeBSD server as root user

SSH into FreeBSD server as root user

Again, enabling SSH access for root account is not recommended. I strongly suggest you to use a non-privileged user and leave SSH root login disabled.

Related read:

You May Also Like

5 comments

Robert Tiismus March 24, 2020 - 10:03 pm

Thank you for thorough explanation! But this did not help me with my new GhostBSD 12.1 installation. Whatever I tried, including the ‘sshd_enable=”YES”‘ in /etc/rc.conf, the sshd was not starting on boot. I was almost pulling my hair over this anomaly. Running ‘service sshd start’ started the service for sure, but I’d expect it to survive rebooting the workstation. I found the answer by lucky chance from … Google. The sshd did behave after I run the following: ‘rc-update add sshd default’. This created soft link for sshd to directory /etc/runlevels/default . Maybe someone can enlighten shed a light on why the above guide was not sufficient. It might be that the default runlevel link for sshd is essential and it was omitted from GhostBSD 12.1 by unlucky chance.

Reply
Ebry April 16, 2020 - 5:09 am

Very good guide, if it were otherwise Linux as a server, how to proceed from FreeBSD ?

Reply
sk April 16, 2020 - 11:05 am

Could you please you elaborate the question? Are you asking to setup SSH on Linux?

Reply
Hariharasudhan June 11, 2020 - 11:30 am

Pretty Cool!!!. Thanks

Reply
russelld October 10, 2020 - 5:29 pm

@Robert Tiismus
GhostBSD uses OpenRC as init system which starts system services such as sshd via command “rc-update add sshd default”
FreeBSD uses SysV-style init as init system which uses a line in /etc/rc.conf to start system service as in “sshd_enable=”YES””

Reply

Leave a Comment

* By using this form you agree with the storage and handling of your data by this website.

This site uses Akismet to reduce spam. Learn how your comment data is processed.

This website uses cookies to improve your experience. We'll assume you're ok with this, but you can opt-out if you wish. Accept Read More