How do I get ssh working after new install and update.

tsesani

Maybe firewall is blocking ssh.
I have sshd_enable="YES" in rc.conf
What else do I need to change.

ericbsd

tsesani Maybe firewall is blocking ssh.
It is most likely the firewall. We did add support for the workstation by default. You can change it to open in /etc/rc.conf.

RodMyers

after adding to rc.conf, did you reboot? I forget the command to restart it?

What is it doing? or not doing?

tsesani

RodMyers
Rebooted both machines.
I can ping both machines.
ssh just times out.

tsesani

ericbsd
Do you mean set it to "NO"

ericbsd

tsesani Do you mean set it to "NO"

I am referring to this line firewall_type="workstation", but firewall_enable="NO" will disable the firewall I you do not need it.

tsesani

ericbsd
Setting to open lets ssh work now.
Does open mean only for ssh or am I open to anything now.

ericbsd

tsesani I did look at it deeper and hen you set firewall_type="open", that means all traffic is allowed inbound and outbound. It doesn’t just open SSH. It disables packet filtering entirely. So yes, your system is now “open to anything.”

Here’s the breakdown:

firewall_type="workstation" (the default in GhostBSD now) → Protects only the local machine. Outbound is mostly allowed, but inbound (like SSH) is blocked unless explicitly opened.
firewall_type="open" → No restrictions at all. Everything passes.
firewall_enable="NO" → Effectively disables the firewall (same effect as open, but it doesn’t even load the ruleset).

If you want SSH to work but still have some firewall protection, you don’t have to switch to open. Instead, you can keep firewall_type="workstation" and allow SSH by adding firewall_myservices="22/tcp" to /etc/rc.conf:
That line tells the firewall to permit inbound SSH connections while still blocking other unwanted inbound traffic.

tsesani

ericbsd
Thank you.
That's what the unix person in me wants.
It needs to be in the wiki.

tsesani

tsesani
Did not work after reboot.

My rc.conf

zfs_enable="YES"
kld_list="linux linux64 cuse fusefs hgame /boot/modules/amdgpu.ko"
linux_enable="YES"
ntpd_enable="YES"
ntpd_sync_on_start="YES"
devfs_enable="YES"
devfs_system_ruleset="devfsrules_common"
dbus_enable="YES"
lightdm_enable="YES"
webcamd_enable="YES"
cupsd_enable="YES"
avahi_daemon_enable="YES"
avahi_dnsconfd_enable="YES"
moused_enable="YES"
firewall_enable="YES"
firewall_type="workstation"
ifconfig_re0="DHCP"
keymap="us.kbd"
hostname="tsesani-ghostbsd"
wlans_rtw880="wlan0"
ifconfig_wlan0="WPA DHCP"
sshd_enable="YES"
firewall_myservices="22/tcp"

ericbsd

Oh, I forgot one part.

Open SSH from anywhere (still keeps other inbound closed):

firewall_enable="YES"
firewall_type="workstation"
firewall_myservices="22/tcp"
firewall_allowservices="any"

Open SSH only from your LAN (safer):

firewall_enable="YES"
firewall_type="workstation"
firewall_myservices="22/tcp"
firewall_allowservices="trusted"
firewall_trusted="192.168.1.0/24"   # adjust to your subnet

tsesani

ericbsd
That works.
Thank you your time and hard work.
I find GhostBSD to be one of the best Distro's out there.
When I am able, I will donate to the project.