Users & Groups
With the local user manager in OPNsense one can add users and groups and define the privileges for granting access to certain parts of the GUI (Web Configurator).
Adding Users
To add a new user go to and click on the + sign at the bottom right corner of the form.
Disabled |
Unchecked |
Can be used to (temporarily) disable an account |
Username |
John |
A unique username |
Password |
secret |
A strong password |
Full name |
John Doe |
Optional, Full username, for reference only |
Optional, users email, for reference only |
||
Comment |
Optional, comment field, for reference only |
|
Preferred landing page |
ui/page |
Optional, landing page to visit after login |
Login shell |
/bin/csh |
The shell to use when logging in via the console. |
Expiration date |
Optional, if account should expire enter as mm/dd/yyy |
|
Group Membership |
Optional, select one or more groups |
|
Effective Privileges |
Optional, additional grants for this user, usually these are being handled via a group |
|
User Certificates |
Optional, check if a user certificate should be created |
|
API keys |
Optional, when planning to use the API from another application, create keys for this user |
|
OTP seed |
Optional, enter or generate a OTP seed (base32) |
|
Authorized keys |
Optional, paste ssh key for ssh console access |
Creating Groups
Go to and click on the + sign in the lower right corner of the form.
Enter a Group name and a Description and add users to the group.
When users should access resources on this firewall via a group, connect the relevant ones via Assigned Privileges.