Jump to content

docgyver

Community Developer
  • Content Count

    20
  • Joined

  • Last visited

Community Reputation

5 Neutral

About docgyver

  • Rank
    Member

Converted

  • Gender
    Male
  • Location
    Atlanta, GA

Recent Profile Visitors

The recent visitors block is disabled and is not being shown to other users.

  1. Did you install both SSH and Denyhosts plugins? Denyhosts default behavior is to block logins to root with only a single failure. You may need to whitelist your source IP. I will wait to speculate further on the problem until after you confirm Denyhosts install or lack.
  2. Thanks for the quick response @strike. I've added a Main and FAQ page at the nudging. :)
  3. NO worries. I should have looked closer when I did the commit. Thanks for your effort as well. Helps to work together.
  4. Quite correct Shaun. I didn't check the location of the "Post Install" script in the plg file in relation when I accepted the patch. I moved it to the bottom right above the script which does the "bottonstart" execution kicking off the plugin and things are fine now. If anyone has issues applying the update it may be caused by a rogue /var/log/plugins/ssh.plg file remaining after the failure of 2018.01.18 to load. "Easiest" (i.e. Web UI) fix is a reboot but is not not required if you are comfortable on the command line. Manual fix can be accomplished by running the command "rm /var/log/plugins/ssh.plg" by your preferred method (e.g. ssh and command line, User Scripts plugin...) Follow that in the UI with a check for updates on the plugins page and then update.
  5. Yeah me too. Been working on a broken Nextcloud docker from 443 being part of the management interface. Let me see what is wrong with the new code.
  6. Thanks so much. I opened up the file to change on Monday and hadn't even looked at the browser tab since. I also update the version so that someone checking for update will have a new version number. Maybe someday I'll get some icons in there too. I did find a couple that made sense and were CC license.
  7. No significant implications. Group has no need for write access. Giving "other" read and execute is a bit more pemissive but it isn't like what that folder holds can't be known. It's on github I'll see what I need to change to get the permissions right on create. IIRC there was a mask involved. Been too lazy to pick an Icon. Wish there was a standard one. I'll take a look to see if there is one now.
  8. Depends on on which plugin you are asking about. The DenyHosts plugin is intended to detect unwanted connections and block the source IP. The SSH plugin is intended to enable persisting various settings. Which of the two are you running?
  9. Odd. I don't normally use another user but do have a couple defined. I will try to reproduce what you are seeing and fix it.
  10. I am still running 6.2.4 because my last jump broke my Owncloud (now NextCloud) docker image. I haven't read the readme on what changes from 6.2 to 6.3 but I'd be surprised if it breaks the plugin. Do you have the files in the right folder on /boot? SSH files on my machine are like the following (with noise files removed). Note the dot (.) in .../user/.ssh/... $find /boot/config/plugins/ssh ! -type d /boot/config/plugins/ssh/ssh.cfg /boot/config/plugins/ssh/root/.ssh/authorized_keys /boot/config/plugins/ssh/otheruser/.ssh/authorized_keys
  11. I didn't try changing the icon when I took over the plugins and have no preference. If you can send me the icon or a link I will add it to the plugin directly.
  12. I'm on a business trip which makes me cautious about changing the port that I use in case it would cause me to lose access but I will give it a try hopefully tonight. It sounds like the problem may have resolved itself but still it would be good for me to try changing the port just to make sure that all works. doc..
  13. Somehow I've been missing notifications on the thread. I must have deleted one and never got back here. I just updated to 6.2.4 on Friday and blew up docker containers since I didn't RTFM before jumping from 6.1 to 6.2. I hope to have things cleared up sometime today (Monday) and will look at both ssh and Denyhosts. I can tell you that ssh plugin seems to be working for me without any further changes. At least my authorized keys file is making it into place. I'll kick the tires on other features late today or tomorrow. Sorry for my absence. doc..
  14. If you don't open up SSH to the outside via a Port Forward, "DMZ Host Forward", or some other means then your risk is fairly low that you would have attackers. Denyhosts monitoring then becomes, as you imply, one more thing to clean up, monitor, ignore, ... This may come off a bit "tin-foil hat" but one thing to keep in mind is that our IOT (internet of things) devices are notoriously bad about security. At some point they will likely become beach-head or bot-net "infected" devices. If you want to control your light bulbs from your phone you should consider adding them and all other IOT devices to their own network. </tin-foil> Adding the SSH plugin may be something you want to consider if for no other reason it helps with setting up public-key style auth. It sucks to have to type a complicated password for my unraid when I'm on my tablet. :-) hth, doc..
  15. I just noticed that myself yesterday. Been going on in my logs for quite some time too. Looks like it only happens on start but you will likely see a permissions issue on sync-hosts more regularly. It looks like I was getting it each time denyhosts detected a new suspicious event. I noticed that denyhosts was running as "sudo -h nobody" and nobody would not have access to /etc files. Yesterday I removed the sudo which broke things then changed it to just sudo without the "-h nobody" it has been running fine. As best I can tell the original author's intent behind using sudo is/was two-fold. I am almost certain he was trying to orphan the daemon. Without the sudo the web page never returns after you click "start". The second possible reason is to lower the privilege of the daemon. If that was the intent it must have been that /etc/hosts.deny (et. al.) had different permissions and/or ownership in the past. For my use I'm ok with the daemon running as root so I've updated the plg file. If you "check for updates" on your plugins you should see the new version now.