OPNsense 19.1 removes root's authorized_keys when reboot / shutdown+turn on

I have an OPNsense 19.1 virtual firewall, which is based on FreeBSD 11.2 HBSD (HardenedBSD).



I added it to Ansible Server inventory (with the right configurations), and once copied the PK to that BSD /root/.ssh/authorized_keys, I can connect to it (yes, running commands as root, it is in an isolated training environment).



The issue is that when I reboot or turn off and on the machine, that authorized_keys file disappears.



The file permissions are 600 (-rw-------).



Do you know why this happens and how to solve it? As far as I could see, in a normal FreeBSD I think there's no problem in having authorized_keys file in the root account...







freebsd openssh






asked 2 days ago by xCovelus, edited yesterday by Vladimir Botka












  • Could it be that a root home is mounted as tmpfs? Run mount without arguments to check.

    – arrowd
    2 days ago











  • I already checked that, it is not, indeed, other files I edit in /root remain there, and even the .ssh/known_hosts file

    – xCovelus
    2 days ago


















1 Answer
To solve the issue, I'm afraid, you'll have to fight OPNsense 19.1 and find out how OPNsense handles root's authorized_keys.




"The issue is that when I reboot or turn off and on the machine, that authorized_keys file disappears."




But there is an option to ssh as a non-root user and sudo su. This is a better practice especially with Ansible. Ansible needs the remote user to use /bin/sh. By default FreeBSD root uses /bin/csh. Ansible best practice is to ssh as a remote_user and escalate privilege (become: yes) to root (become_user: root).






answered yesterday by Vladimir Botka
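The non-root login with privilege escalation that the answer recommends, as an added example that is not part of the original answer. The host alias, the address, the account name `ansible`, the interpreter path, and the assumption that this account already exists on the firewall with sudo rights are all placeholders.

```yaml
# inventory.yml (constructed example; every value here is a placeholder)
all:
  hosts:
    opnsense-fw:
      ansible_host: 192.0.2.10          # documentation address (RFC 5737)
      ansible_user: ansible             # hypothetical non-root account
      ansible_python_interpreter: /usr/local/bin/python3   # assumed path
---
# playbook.yml (constructed example)
- name: Manage the firewall without an SSH login as root
  hosts: opnsense-fw
  remote_user: ansible                  # SSH login happens as this user
  become: yes                           # escalate for every task by default
  become_user: root
  become_method: sudo                   # assumes sudo is set up for the account
  gather_facts: no
  tasks:
    - name: Record the account used for the SSH login
      ansible.builtin.command: id -un
      become: no                        # run this one task without escalation
      register: login_user
      changed_when: false

    - name: Record the account tasks run as after escalation
      ansible.builtin.command: id -un
      register: effective_user
      changed_when: false

    - name: Fail if the login was root or escalation did not take effect
      ansible.builtin.assert:
        that:
          - login_user.stdout != 'root'
          - effective_user.stdout == 'root'
```

With this layout no key has to live in root's authorized_keys; the key belongs to the non-root account and root is reached only through escalation.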


























