abc789987

After looking into how duplicati works it has built in encryption so I think sftp is would be overkill. Just using the ftp and seems to be working perfectly. Thank you for great app and support.

The backups will be offsite. I'll have to check out that post later today. Thanks again.

I'm trying to setup an sftp for Duplicati backups. I guess I'll have to read up more on how the users got sftp working correctly on here. Thank you for all your help.

From Syslog Feb 10 17:39:55 NAS sshd[15918]: Accepted password for test1 from 192.168.1.210 port 57802 ssh2 From WinSCP log file . 2019-02-10 17:39:56.865 -------------------------------------------------------------------------- . 2019-02-10 17:39:56.866 WinSCP Version 5.13.6 (Build 9061) (OS 10.0.17134 - Windows 10 Enterprise) . 2019-02-10 17:39:56.866 Configuration: HKCU\Software\Martin Prikryl\WinSCP 2\ . 2019-02-10 17:39:56.866 Log level: Normal . 2019-02-10 17:39:56.866 Local account: DESKTOP-MFBL235\mikej . 2019-02-10 17:39:56.866 Working directory: C:\Program Files (x86)\WinSCP . 2019-02-10 17:39:56.867 Process ID: 21004 . 2019-02-10 17:39:56.869 Command-line: "C:\Program Files (x86)\WinSCP\WinSCP.exe" . 2019-02-10 17:39:56.869 Time zone: Current: GMT-5, Standard: GMT-5 (US Eastern Standard Time), DST: GMT-4 (US Eastern Daylight Time), DST Start: 3/10/2019, DST End: 11/3/2019 . 2019-02-10 17:39:56.869 Login time: Sunday, February 10, 2019 5:39:56 PM . 2019-02-10 17:39:56.869 -------------------------------------------------------------------------- . 2019-02-10 17:39:56.870 Session name: [email protected] (Site) . 2019-02-10 17:39:56.870 Host name: 192.168.1.112 (Port: 198) . 2019-02-10 17:39:56.870 User name: test1 (Password: Yes, Key file: No, Passphrase: No) . 2019-02-10 17:39:56.870 Tunnel: No . 2019-02-10 17:39:56.870 Transfer Protocol: SFTP (SCP) . 2019-02-10 17:39:56.870 Ping type: Off, Ping interval: 30 sec; Timeout: 15 sec . 2019-02-10 17:39:56.870 Disable Nagle: No . 2019-02-10 17:39:56.870 Proxy: None . 2019-02-10 17:39:56.870 Send buffer: 262144 . 2019-02-10 17:39:56.870 SSH protocol version: 2; Compression: No . 2019-02-10 17:39:56.870 Bypass authentication: No . 2019-02-10 17:39:56.870 Try agent: Yes; Agent forwarding: No; TIS/CryptoCard: No; KI: Yes; GSSAPI: Yes . 2019-02-10 17:39:56.870 GSSAPI: Forwarding: No; Libs: gssapi32,sspi,custom; Custom: . 2019-02-10 17:39:56.870 Ciphers: aes,chacha20,blowfish,3des,WARN,arcfour,des; Ssh2DES: No . 2019-02-10 17:39:56.870 KEX: ecdh,dh-gex-sha1,dh-group14-sha1,rsa,WARN,dh-group1-sha1 . 2019-02-10 17:39:56.870 SSH Bugs: Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto,Auto . 2019-02-10 17:39:56.870 Simple channel: Yes . 2019-02-10 17:39:56.870 Return code variable: Autodetect; Lookup user groups: Auto . 2019-02-10 17:39:56.870 Shell: default . 2019-02-10 17:39:56.870 EOL: LF, UTF: Auto . 2019-02-10 17:39:56.870 Clear aliases: Yes, Unset nat.vars: Yes, Resolve symlinks: Yes; Follow directory symlinks: No . 2019-02-10 17:39:56.870 LS: ls -la, Ign LS warn: Yes, Scp1 Comp: No . 2019-02-10 17:39:56.870 SFTP Bugs: Auto,Auto . 2019-02-10 17:39:56.870 SFTP Server: default . 2019-02-10 17:39:56.870 Local directory: C:\Users\mikej\OneDrive\Documents, Remote directory: /mnt/user/dup/test1, Update: Yes, Cache: Yes . 2019-02-10 17:39:56.870 Cache directory changes: Yes, Permanent: Yes . 2019-02-10 17:39:56.870 Recycle bin: Delete to: No, Overwritten to: No, Bin path: . 2019-02-10 17:39:56.870 DST mode: Unix . 2019-02-10 17:39:56.870 -------------------------------------------------------------------------- . 2019-02-10 17:39:56.896 Looking up host "192.168.1.112" for SSH connection . 2019-02-10 17:39:56.896 Connecting to 192.168.1.112 port 198 . 2019-02-10 17:39:56.897 We claim version: SSH-2.0-WinSCP_release_5.13.6 . 2019-02-10 17:39:56.919 Server version: SSH-2.0-OpenSSH_7.9 . 2019-02-10 17:39:56.919 Using SSH protocol version 2 . 2019-02-10 17:39:56.919 Have a known host key of type ssh-ed25519 . 2019-02-10 17:39:56.920 Doing ECDH key exchange with curve Curve25519 and hash SHA-256 . 2019-02-10 17:39:57.530 Server also has ecdsa-sha2-nistp256/ssh-rsa host keys, but we don't know any of them . 2019-02-10 17:39:57.531 Host key fingerprint is: . 2019-02-10 17:39:57.531 ssh-ed25519 256 1b:ac:e8:ff:be:74:a2:5c:b1:4f:ae:d7:c3:96:ab:c6 e65XSS0Ayo8BmglJWqdxYwIWCVifRKR1pAhpR56itzw= . 2019-02-10 17:39:57.582 Host key matches cached key . 2019-02-10 17:39:57.583 Initialised AES-256 SDCTR client->server encryption . 2019-02-10 17:39:57.583 Initialised HMAC-SHA-256 client->server MAC algorithm . 2019-02-10 17:39:57.583 Initialised AES-256 SDCTR server->client encryption . 2019-02-10 17:39:57.583 Initialised HMAC-SHA-256 server->client MAC algorithm ! 2019-02-10 17:39:57.623 Using username "test1". . 2019-02-10 17:39:57.654 Server offered these authentication methods: publickey,password,keyboard-interactive . 2019-02-10 17:39:57.654 Attempting keyboard-interactive authentication . 2019-02-10 17:39:57.660 Server refused keyboard-interactive authentication . 2019-02-10 17:39:57.660 Server offered these authentication methods: publickey,password,keyboard-interactive . 2019-02-10 17:39:57.660 Prompt (password, "SSH password", <no instructions>, "&Password: ") . 2019-02-10 17:39:57.660 Using stored password. . 2019-02-10 17:39:57.683 Sent password . 2019-02-10 17:39:57.695 Access granted . 2019-02-10 17:39:57.695 Opening session as main channel . 2019-02-10 17:39:57.739 Opened main channel . 2019-02-10 17:39:57.780 Started a shell/command . 2019-02-10 17:39:57.791 -------------------------------------------------------------------------- . 2019-02-10 17:39:57.791 Using SFTP protocol. . 2019-02-10 17:39:57.791 Doing startup conversation with host. . 2019-02-10 17:39:57.791 Server sent command exit status 1 . 2019-02-10 17:39:57.792 Disconnected: All channels closed * 2019-02-10 17:39:57.827 (EFatal) **Connection has been unexpectedly closed.** Server sent command exit status 1.

Okay, did all that. user disapeared from passwd file. Have recreated it and now it looks like you said it should... test1:x:1006:100:ftpuser mnt/user/dup/test1:mnt/user/dup/test1:/bin/false But now I cannot connect via ftp or ssh. Telnet also does not work.

I just tried to edit last field to /bin/false and now cannot login via ftp or ssh or telnet.

I am sitll able to telnet into my unraid server using the ftpuser I've created and looks like it behaves the same as if I'm using ssh or an ftp client... This was just done with telnet through putty. On the ProFTPd webgui Settings page I've Stopped, Started and Restarted multiple times. Unraid server has been rebooted multiple times too. I was hoping if was something simple I was missing but maybe I should have provided additional infomation from the beginning... I had tried to setup an ftp server not using the ProFTPd plugin a while ago, maybe a year or two. Never got that working. I can't remember what all I tried or did, but never even got a user created to login... Is it possible there is multiple ftp or ssh server configurations files or something that are conflicting with each other? I've uninstalled plugin and reinstalled before too... But by just clicking the Uninstall Plugin button on webgui page.

Thank you for reply. I've got users setup this way. When I ssh or sftp into my unraid box it will start me out in the defined path but I am not restricted to that path. I've been trying to make sense of the Debugging (http://www.proftpd.org/docs/howto/Debugging.html )help page but I'm strugging to fully understand what to do.

Hi, I have DefaultRoot ~ line in my proftpd.conf file but I still not having any luck restricting the user to their home directory. I have created user and can log in via sftp but I can still go anywhere in my file system. Help please? Thanks Here is my proftpd.conf # Server Settings ServerName ProFTPd ServerType standalone DefaultServer on PidFile /var/run/ProFTPd/ProFTPd.pid # Port 21 is the standard FTP port. You propably should not connect to the # internet with this port. Make your router forward another port to # this one instead. Port 21 # Set the user and group under which the server will run. User nobody Group users # Prevent DoS attacks MaxInstances 30 # Speedup Login UseReverseDNS off IdentLookups off # Control Logging - comment and uncomment as needed # If logging Directory is world writeable the server won't start! # If no SystemLog is defined proftpd will log to servers syslog. #SystemLog NONE #SystemLog /boot/config/plugins/ProFTPd/slog TransferLog NONE #TransferLog /boot/config/plugins/ProFTPd/xferlog WtmpLog NONE # As a security precaution prevent root and other users in # /etc/ftpuser from accessing the FTP server. UseFtpUsers on RootLogin off # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # "Jail" FTP-Users into their home directory. (chroot) # The root directory has to be set in the description field # when defining an user: # ftpuser /mnt/cache/FTP # See README for more information. DefaultRoot ~ # Shell has to be set when defining an user. As a security precaution # it is set to "/bin/false" as FTP-Users should not have shell access. # This setting makes proftpd accept invalid shells. RequireValidShell no # Normally, we want files to be overwriteable. AllowOverwrite on