Unraid 6.9 SSH improvements and required adjustments to the /config/go file


Recommended Posts

 

Hi all,

 

First of all many thanks to @limetech for the continuous development of Unraid and for the new 6.9 version.

 

I am now preparing to upgrade and want to modify my /config/go file in order to comply with new features such as the including of Intel i915 drivers or the changes made to the SSH configuration.

 

Indeed, my attention was caught regarding the SSH improvements: https://wiki.unraid.net/Unraid_OS_6.9.0#SSH_Improvements , the following part in particular:

Quote

In addition, upon upgrade we ensure the config/ssh/root directory exists on the USB flash boot device; and, we have set up a symlink: /root/.ssh to this directory.  This means any files you might put into /root/.ssh will be persistent across reboots.

Note: if you examine the sshd startup script /etc/rc.d/rc.sshd, upon boot all files from the config/ssh directory are copied to /etc/ssh (but not subdirs).  The purpose is to restore the host ssh keys; however, this mechanism can be used to define custom ssh_conf and sshd_conf files.

 

Currently, my /config/go file is set up to allow unsupervised SSH connections to/from my remote backup server via RSA keys. I noticed that @Hoopster (whom I suspect might have the same kind of configuration) also noted that upgrading to Unraid 6.9 would require adjustments to the go file: https://forums.unraid.net/topic/103388-unraid-os-version-690-available/?do=findComment&comment=954138 

 

My /config/go file is currently as follows: 

 

[...]

# Copy RSA files to /root/.ssh folder and set permissions for files (not for Unraid 6.9+)

# 1. Create .ssh folder for root
mkdir -p /root/.ssh

# 2. Copy private RSA key to localhost as id_rsa
cp /boot/config/sshroot/server.key /root/.ssh/id_rsa

# 3. Add authorized public RSA key to authorized_keys
cat /boot/config/sshroot/client1.pub >> /root/.ssh/authorized_keys

# 4. Add authorized public RSA key to authorized_keys
cat /boot/config/sshroot/client2.pub >> /root/.ssh/authorized_keys

# 5. Copy known_hosts to localhost to allow unsupervised connections
cp /boot/config/sshroot/known_hosts /root/.ssh/known_hosts

# 6. Apply correct permissions to .ssh folder's content
chmod g-rwx,o-rwx -R /root/.ssh

[...]

 

My understanding is that I can simply remove all of the above from the /config/go file and just run once and for all the following commands before updating to Unraid 6.9:

 

mkdir -p /boot/config/ssh/root
cp /root/.ssh/id_rsa /boot/config/ssh/root
cp /root/.ssh/authorized_keys /boot/config/ssh/root
cp /root/.ssh/known_hosts /boot/config/ssh/root
chmod g-rwx,o-rwx -R /boot/config/ssh/root

 

Is that correct ?

 

Many thanks,

OP

 

Edited by Opawesome
fixed typo in code
Link to comment

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

×   Pasted as rich text.   Restore formatting

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.