I need to create a new user on the server which will have /usr/sbin/authpf as its shell. So now I have user1 (my regular account on that server, with a normal shell) and user1_authpf (the authpf account). But I'm connecting to the user1_authpf account from the same machine that I'm using for everything else, so after disconnecting with the authpf account, other connections (e.g. imap, ftp, ssh) are closing too. I understand that authpf removes the rules and states related to the connecting IP address, so I think this is normal, but it is not good for me.

Hmm. That's a good point.

Unfortunately, authpf kills all states originating from the authenticated user's source IP following a logout, as seen in src/usr.sbin/authpf/authpf.c:authpf_kill_states().

If that will be a big problem for you and you don't want to keep that authpf connection open at all times, you need to do some server-side scripting to update a table. It will be ugly, maybe unreliable or maybe even insecure and hijackable, but that's an option if you want to achieve this with dynamic filtering.

Another option can be setting up a VPN tunnel.

The most basic approach will be setting up an SSH tunnel between your machine and the server. Performance can be degraded, but it will work and at least give a plausible assurance on security.

IPSec and OpenVPN connections can be your further choices if you need more.
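
The table-update alternative mentioned in the reply, as an added example that is not part of the original thread or of authpf: it takes the client address only from sshd's `SSH_CONNECTION` variable, validates it strictly, and on logout removes the address from the table without killing states. The table name `authusers`, the function names, and the sample addresses are assumptions; the example handles IPv4 only and prints the `pfctl` commands instead of running them.

```shell
#!/bin/sh
TABLE="authusers"   # hypothetical pf table referenced by a pass rule in pf.conf

# Print the client IPv4 address from an SSH_CONNECTION value
# ("client_ip client_port server_ip server_port"), or return 1 if malformed.
client_ip() {
    ip=${1%% *}                       # first field only
    case "$ip" in
        ''|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # digits and single dots only
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                        # split into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || return 1
    for o in "$@"; do
        [ ${#o} -le 3 ] && [ "$o" -le 255 ] || return 1
    done
    printf '%s\n' "$ip"
}

# Print the pfctl command for an action. "logout" only deletes the table
# entry: established states from that address stay alive until they expire,
# while new connections no longer match the table.
pf_cmd() {
    action=$1 addr=$2
    case "$action" in
        login)  printf 'pfctl -t %s -T add %s\n' "$TABLE" "$addr" ;;
        logout) printf 'pfctl -t %s -T delete %s\n' "$TABLE" "$addr" ;;
        *)      return 1 ;;
    esac
}

# Print the login and logout commands for one session; refuse bad input.
session_cmds() {
    addr=$(client_ip "$1") || { echo "rejecting malformed address" >&2; return 1; }
    pf_cmd login "$addr"
    pf_cmd logout "$addr"
}

# Constructed sample value (documentation addresses) when not run under sshd.
session_cmds "${SSH_CONNECTION:-203.0.113.7 50000 192.0.2.1 22}"
```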
