mcleanap
-
Posts
80 -
Joined
-
Last visited
Content Type
Profiles
Forums
Downloads
Store
Gallery
Bug Reports
Documentation
Landing
Posts posted by mcleanap
-
-
I am currently using OpenSSH and tried a few things to get this work - hosed my root SSH access for a bit in the process, so I figured I would check if anyone actually knows how to do this.
The end result is using WHMEasyBackup to SSH to one folder in order to send cpanel backups to my server.
Any ideas?
-
@SlrG Beauty! This works - internally and externally.
Now, I have to figure out why WHMEasyBackup is failing. I did use that private key in cpanel SSH Access. I think that's all I need, but will continue to work on this.
Huge Thanks!
-
To enable sftp:
open a shell on your unraid server and issue the following commandscd /etc/sshssh-keygen
Enter the name of the keyfile (sftp_rsa_key) and no passphrase.
You will get two files sftp_rsa_key and sftp_rsa_key.pub. The public key needs to be converted to another format to make it usable by proftpd:ssh-keygen -e -f sftp_rsa_key.pub | sudo tee sftp_user_keys
You will get a new file sftp_user_keys. Now the owner and permissions will need to be changed:
chown nobody:users sftp_rsa_key sftp_rsa_key.pub sftp_user_keyschmod 600 sftp_rsa_key sftp_rsa_key.pub sftp_user_keys
Now to make your system restore the correct permissions of this keys on boot you will need to modify the mountscript:
nano /boot/config/plugins/ProFTPd/mountscript.sh
Insert the following lines:
chown nobody:users /etc/ssh/sftp_rsa_key /etc/ssh/sftp_rsa_key.pub /etc/ssh/sftp_user_keyschmod 600 /etc/ssh/sftp_rsa_key /etc/ssh/sftp_rsa_key.pub /etc/ssh/sftp_user_keys
Now edit your proftpd.conf file and insert:
<IfModule mod_sftp.c> SFTPEngine on Port 2222 SFTPLog /var/log/sftp.log SFTPHostKey /etc/ssh/sftp_rsa_key SFTPAuthorizedUserKeys file:/etc/ssh/sftp_user_keys SFTPAuthMethods publickey SFTPKeyBlacklist none SFTPDHParamFile /usr/local/SlrG-Common/usr/local/etc/dhparams.pem</IfModule>
Don't forget to restart the proftpd server to enable the changes.
You need to copy the sftp_rsa_key and take it with you, to access your server. If you are using FileZilla to connect, the file needs to be converted to a usable format and stored in FilzeZillas settings.
This is great. I will give it a shot later today.
I'm looking at a way to move back ups of cpanel from a web host. It's the only reason I want to open this up.
Sent from my SM-G930W8 using Tapatalk
-
On 4/10/2017 at 0:57 PM, SlrG said:
WTF. Now all of a sudden it stopped working for me, too. I'm not able to connect internally with FileZilla and TLS enabled. Externally with TLS works fine. And now the weird thing. Trying with FireFTP and TLS works internally but not externally. Sadly the logs don't show anything helpful.
# Server Settings ServerName ProFTPd ServerType standalone DefaultServer on PidFile /var/run/ProFTPd/ProFTPd.pid # Port 21 is the standard FTP port. You propably should not connect to the # internet with this port. Make your router forward another port to # this one instead. Port 21 # Set the user and group under which the server will run. User nobody Group users # Prevent DoS attacks MaxInstances 30 # Speedup Login UseReverseDNS off IdentLookups off # Control Logging - comment and uncomment as needed # If logging Directory is world writeable the server won't start! # If no SystemLog is defined proftpd will log to servers syslog. #SystemLog NONE #SystemLog /boot/config/plugins/ProFTPd/slog TransferLog NONE #TransferLog /boot/config/plugins/ProFTPd/xferlog WtmpLog NONE # As a security precaution prevent root and other users in # /etc/ftpuser from accessing the FTP server. UseFtpUsers on RootLogin off # Umask 022 is a good standard umask to prevent new dirs and files # from being group and world writable. Umask 022 # "Jail" FTP-Users into their home directory. (chroot) # The root directory has to be set in the description field # when defining an user: # ftpuser /mnt/cache/FTP # See README for more information. DefaultRoot ~ # Shell has to be set when defining an user. As a security precaution # it is set to "/bin/false" as FTP-Users should not have shell access. # This setting makes proftpd accept invalid shells. RequireValidShell no # Normally, we want files to be overwriteable. AllowOverwrite on <Directory /mnt/cache/FTP> UserOwner nobody GroupOwner users Umask 000 </Directory> <IfModule mod_tls.c> TLSEngine on TLSLog /var/log/proftpd-tls.log TLSProtocol SSLv3 TLSv1 TLSOptions NoSessionReuseRequired TLSRSACertificateFile /boot/config/plugins/ProFTPd/proftpd.cert.pem TLSRSACertificateKeyFile /boot/config/plugins/ProFTPd/proftpd.key.pem TLSVerifyClient off TLSRequired on TLSMasqueradeAddress xxx.ddns.net </IfModule> PassivePorts 60000 60100
Did you ever get this working internally? I am facing the same issue.
-
I have ProFTPd up and running, however, I would like it to be a bit more secure. I've read through a lot of posts about it now, and it doesn't seem to be easily implemented.
I have added the following to my .conf
SFTPEngine on # Configure both the RSA and DSA host keys, using the same host key # files that OpenSSH uses. SFTPHostKey /boot/config/ssh/ssh_host_rsa_key SFTPHostKey /boot/config/ssh/ssh_host_dsa_key SFTPAuthMethods privatekey SFTPAuthorizedUserKeys file:/boot/config/ssh/authorized_keys # Enable compression SFTPCompression delayed
ProFTPd Service does not start when I add the 2 hostkeys.
I am open to other ideas to get this working.
Thanks
-
Nevermind...got it
-
You're exactly correct. When I installed LibreSonic, I think it added 2 folders "music" and "podcasts". My original share was "Music" so I guess it was confusing them.
So how do I safely go about deleting the music - all lowercase?
-
So, I have been running unRAID for years. I recently upgraded to 6.2.4 because I wanted to upgrade subsonic to version 6 and use the docker by Hurricane. I got everything working...including subsonic. The only issue has been a DNS problem, but I am working on that.
I recently tried LibreSonic as well to test it out. As I was trying a few things, I noticed that I could no longer see any files in my Music share when viewing in Windows File Explorer. Other shares I have seem to still have all the files.
When I go into the unRAID GUI, and view contents of the shares, I do see the files listed.
Any ideas why they are not showing in File Explorer?
-
On 2/12/2017 at 6:23 PM, elbobo said:
Sadly, I was dead in the water. I agree with you that it is odd that it's a hardware thing since mine worked on the plugin but not on the docker as well.
What I did do that "fixed" my issue is I switched from the Subsonic Docker to the LibreSonic Docker, works fine from within there as well. Plus LibreSonic is still being updated whereas SubSonic switched to a close source business model so there won't be another major update on it. (From what I have read)
I haven't read up much on LibreSonic. Does it work the same way? I loved Subsonic for it's android apps and Sonos capabilities.
-
It's been a long time since anyone posted on this subject, but I am having the exact same issue.
Was there any solution on this, or dead in the water?
It's just odd that I have the same hardware - only thing that has changed is using the Subsonic docker, instead of the Phaze plugin.
-
Thank you for the quick reply.
It was already set to Host. I switched it to Bridge to see what would happen, and then it resolved to http://172.17.0.2:4040/
-
So I have Subsonic running on an unRAID server. I have had this running for a few years now. I just upgraded my unRAID server, and thus installed the latest version of Subsonic using this docker..
Things are running OK, but something odd is happening. My internal IP address for Subsonic is 192.168.1.200:4040
First, when I went to connect to Sonos, I get the following log entry:
Enabling Sonos music service, using Sonos controller IP 192.168.1.110, SID 242, and Subsonic URL http://192.168.122.1:4040/ws/Sonos'>http://192.168.122.1:4040/ws/Sonos
Note that the IP address that Subsonic is trying to register with Sonos is 192.168.122.1:4040. I would expect this to be the same as the IP address I am using for accessing Subsonic GUI. 192.168.122.1 is not even in my IP range on the router.
In addition, I have this setup to access externally using the custom URL. It works fine when I am not connected to my own network. When I am though, it fails to resolve and it ends up trying to resolve to http://192.168.122.1:4040
Any ideas what is happening here?
-
Thanks. I will give this a try tonight. I may even switch back to my router soon anyway.
-
Yes....I guess it's not real problem as I can certainly fix it once I go back to my router (or at least I hope so now). Be nice to know what the issue is though. Probably something on the modem blocking it.
I did find this, but this person could not connect to anything - https://lime-technology.com/forum/index.php?topic=40302.0
-
Ya, it definitely works with my router....as I had it running off the router up until a few days ago. With the intermittent speeds and Rogers technicians involved, I wanted to run the internet straight through the modem for the time being. Just though it would be a simple switch....apparently not.
-
Yes, using a static IP address for unRAID Server. 192.168.1.200.
I also have that ip address reserved under DHCP reservation, specify the MAC address.
The old IP range is the same as I am using now. The old router is turned off, so no devices are connected. The IP address from other computers in the house are 192.168.1.3 and 192.168.1.4.
I can access 192.168.1.200 from the browser and see my unRAID GUI. I have rebooted the unRAID server as well as my other computers.
I'll look into upgrading unRAID this week; at worst perhaps that solves this issue.
-
-
Very little. The only one I use on an every day basis was Subsonic provided by PhAzE. That is the only one I would be concerned with.
-
Yes. 5.0.6 unfortunately. Been meaning to upgrade for the past several months, but something else comes up.
On average, how much time should I allocate to do this?
-
I recently moved my internet service to Rogers to utilize their gigabit plan. I do plan on using my own router once I am happy with their service (their latest modem has been spotty), but until then, I would like to use their modem/router.
The default LAN IP was 192.168.0.1 and DCHP range was from 192.168.0.10 to 192.168.0.200.
I updated these settings to reflect what I was using on my router so I didn't have to update any of my devices.
Upon doing this, I can still get access to 192.168.1.200 for the unraid server, however, TOWER is no longer being recognized. I tried changing the name in case it was cached, and still nothing.
Anyone have an idea of what could be causing this?
Thanks
-
-
I just installed this plugin fresh and 6.0 gets installed. What version do you see currently installed?
From command line run: /etc/rc.d/rc.Subsonic latestversion
That should say 6.0. I'll also need to know the unraid version you are running.
I am seeing:
Installed Version:5.3
Plugin Version: 2016.09.17.1
I am still using unraid 5.0.6
When I run that command I see nothing.
root@Tower:~# /etc/rc.d/rc.Subsonic latestversion
root@Tower:~#
-
Any idea how SubSonic can be upgraded to 6.0?
Would anyone know how to get Subsonic updated to the latest 6.0 version? Or is it even possible using the [PhAzE] plugins?
Thanks
-
Any idea how SubSonic can be upgraded to 6.0?
Creating SSH User and restrict to a single user share
in Plugin System
Posted
Figured as much. I can restrict each ssh user by ip address though, correct?
Sent from my SM-G930W8 using Tapatalk