nayr

Very much appreciate I can secure my unRaid now w/traditional passwords. I request that if the boot-flash contains an authorized_keys file preloaded with SSH public keys, that this file is used for SSH based login and SSHD config is appended with: PasswordAuthentication no This would further harden root SSH access and effectively secure this entry point from any brute force attacks, likely internally from another compromised machine.. If desired web access can already be hardened w/client based tokens via firewalls and a reverse proxy, but that would be pretty cool it supported like a 2FA app for web auth since you can gain a root shell via web-ui.

Moved most of my NFS needs to a Ganesha-NFS via Docker and much grief in my system is now gone.. Emby loads quicker w/out randomly spinning forever, no stale file handlers, services can recover from nas restart, and Kubernetes is generally happier dealing w/NFSv4 Why this is not a priority I've no idea, it needs to be.. I'm only using SMB for TimeMachine backups, vast majority of traffic is NFS and now I've nearly abandoned unRaid's native sharing.. thank god for docker or I'd be looking at unraid alternatives at this point.