Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

FTP needed

Featured Replies

Greeting Ladies and Gents,

 

I manage a server for a friend's machine shop. They have an old Sharp copier that they use for blueprints (works great) and scanning to the server. I had Proftpd setup since the only protocol the old server uses for scanning to network is FTP. (I told you that the copier is old.) Proftpd no longer works in Unraid 7.0 so I need an alternative. Any suggestions?

  • Community Expert

Did you search the Apps page?

  • Community Expert

CrushFTP works well on UNRAID, but it is a bit too much for that pupose.

  • Author

Yes, I did search apps but it seemed that the tools I see there are for downloading from an FTP source (that is, if I understand their descriptions correctly)

  • Community Expert
4 minutes ago, rdagitz said:

for downloading from an FTP source

As I said: look at CrushFTP. Its a server where the scanner can send his files too (after it has been configured proper

  • Author
Quote

(after it has been configured proper

Any guidance on that?

  • Community Expert
10 hours ago, rdagitz said:

Any guidance on that?

Dunno what you need. Simply you set up a User, give him access to share(s) and thats it. CrushFTP just can do so many more things that might confuse you at first. But if you keep it simple, there should not be a big problem.

 

  • Author

When you say "set up a user and give access to share(s)" do you mean in Unraid, in CrushFTP or both? I am very familiar with Unraid but feel like I am poking around in the dark on CrushFTP.

  • Community Expert

I prefer to use ssh and sftp.

You can install a docker and setup user profiles with a fail2ban to protect your self and configure a secusre ftp instance...
port 22


Unriad has a builtin ftp server. 
review in docs:

https://docs.unraid.net/unraid-os/manual/shares/network-access/

 

Unriad has a builtin ssh server.

I run and recomend:

image.png.a9797d3f9ef4d3e9c383581facb181f5.png

 

Base: phusion/baseimage:master-amd64

Size: 357MB

Application: https://www.openssh.com/

Application Version: Latest when docker was built on 03/22/2021

Docker Hub: https://hub.docker.com/r/markusmcnugen/sftp/

Github: https://github.com/MarkusMcNugen/docker-sftp

 

Runnign that docker,

I add this aditional data to the docker template..

image.thumb.png.7389f02dcc26e3b696a1b9ff93652bb7.png

 

admin user as seen here is the default user and has full acceess...
note other "ftp/secure ssh sftp users"

Using this methiod Logan only has access to the path set to profile.
If I want another path for logan to login to use i would add a path for
/home/logan/data

so when filezilla / sftp access logan will see profile and data and can only access that data...

 

image.png.171d97327e867f1e9e8f16f18a5d357c.png

recomend ssh_cofig:

# Secure SSHD Configuration
# Based on best practices and secure defaults

# Protocol and Key Settings
Protocol 2
HostKey /config/sshd/keys/ssh_host_ed25519_key
HostKey /config/sshd/keys/ssh_host_rsa_key
KexAlgorithms curve25519-sha256,[email protected]
Ciphers [email protected],[email protected]
MACs hmac-sha2-512,hmac-sha2-256

# Authentication
PermitRootLogin no
#PasswordAuthentication no
# Disable password authentication (use keys only)
#PubkeyAuthentication yes
# Enable public key authentication
AuthorizedKeysFile %h/.ssh/authorized_keys

# Login Grace and Timeouts
LoginGraceTime 0                 # Allow 30 seconds to authenticate
MaxAuthTries 2                    # Limit failed login attempts
#MaxSessions 2                     # Restrict concurrent sessions

# Connection Settings
UseDNS no
AllowTcpForwarding no
GatewayPorts no
PermitTunnel no

# SFTP and Chroot Jail
Subsystem sftp internal-sftp
ForceCommand internal-sftp
ChrootDirectory %h
AllowAgentForwarding no

# Logging and Monitoring
SyslogFacility AUTH
LogLevel INFO
# Detailed logging for debugging and monitoring

# Additional Security
#ClientAliveInterval 300
# Disconnect idle clients after 5 minutes
#ClientAliveCountMax 2
# Allow two keep-alive messages before disconnection
#AllowUsers sftpuser
# Restrict access to specific users (modify as needed)
DenyUsers root
# Explicitly deny root login

# Host Key Algorithms (Optional: Ensure older clients can connect)
HostKeyAlgorithms ssh-ed25519,rsa-sha2-512,rsa-sha2-256

review other options here:

https://linux.die.net/man/5/sshd_config

 

example users_config
*This is what generates the accounts for ssh / sftp for ftp access

admin:password:1000:100
brandon:password:1001:100
will:password:1002:100
elliott:password:1003:100
logan:password:1004:100
chris:password:1005:100

so logan can login with user logan and passowrd password ...
Run docker once to generate files go into the appdata sshd folder and make the above files for you ftp users...

as this also comes prepackaged with fail2ban and a jails.conf
to help limit ssh/ftp attacks...
image.png.7471384e2a932542e63d8219fa2413f1.png

 

edit the jails.conf and adjust times...
see more: https://manpages.debian.org/experimental/fail2ban/jail.conf.5.en.html

# "bantime" is the number of seconds that a host is banned.
bantime  = 86400

# A host is banned if it has generated "maxretry" during the last "findtime"
# seconds.
findtime  = 3600

# "maxretry" is the number of failures before a host get banned.
maxretry = 2

hour locks 24hour ban if failure.

you can console to the docker and run a simple comand to unban...

list banned IPs (to confirm the ban):

fail2ban-client status <jail-name>
fail2ban-client set <jail-name> unbanip <IP-address>


example:

fail2ban-client set sshd unbanip 192.168.2.251


This is my recomend scure way to run a sftp server where things are isolated and you have proptecton against bad actors...
 

Edited by bmartino1
typo

  • Community Expert

simlar to sftp, crush ftp is a docker install for ftp (port 21)

image.thumb.png.d0c0f5dd5bd4ed960ac909f1edf7467f.png

 

here like filezilla, you can use a web http page to configure your ftp server:

image.thumb.png.148df2a069d42ff5718b338da8f643cc.png

Edited by bmartino1

  • Community Expert

you can also make your own docker image and run Proftpd

 

example docker file:

# Use an official Ubuntu image as the base
FROM ubuntu:20.04

# Set environment variables to prevent interactive prompts
ENV DEBIAN_FRONTEND=noninteractive

# Update the package list and install ProFTPD
RUN apt-get update && \
    apt-get install -y proftpd && \
    apt-get clean

# Configure ProFTPD to run in standalone mode
RUN sed -i 's/^#ServerType\s*inetd/ServerType standalone/' /etc/proftpd/proftpd.conf && \
    sed -i 's/^#DefaultRoot.*/DefaultRoot ~/' /etc/proftpd/proftpd.conf && \
    sed -i 's/^#RequireValidShell.*/RequireValidShell off/' /etc/proftpd/proftpd.conf

# Add an FTP user (username: ftpuser, password: ftpuserpass)
RUN useradd -m -d /home/ftpuser -s /bin/false ftpuser && \
    echo "ftpuser:ftpuserpass" | chpasswd

# Set permissions for the FTP user's home directory
RUN mkdir -p /home/ftpuser/ftp && \
    chown ftpuser:ftpuser /home/ftpuser/ftp

# Expose port 21 for FTP
EXPOSE 21

# Start ProFTPD in foreground mode
CMD ["proftpd", "--nodaemon"]

 

build the docker file:

docker build -t proftpd-server .


example docker run command:

docker run -d --name proftpd-container -p 21:21 proftpd-server

*Atempte to reuse your old proftpd temapte and repalce the repo for proftpd-server to use your docker...

image.png.894b4dfe762c051202b2cba32f60023a.png

 

Edited by bmartino1

  • Community Expert

No News is good news... as there also other premade docker images out there... one could use the docker compose plugin
and using a premade proftpd docker:
Example:
https://hub.docker.com/r/pockost/proftpd

with compose file:

proftpd:
  image: pockost/proftpd
  volumes:
    - ./proftpd.conf:/usr/local/etc/proftpd.conf
    - ./data/ftp:/data
    - ./data/ssh:/etc/ssh
  links:
    - mysql
  ports:
    - "20:20"
    - "21:21"
    - "22:22"
    - "60000-60100:60000-60100"
mysql:
  image: mariadb
  ports:
    - 3306:3306
  environment:
    - MYSQL_ROOT_PASSWORD=password
    - MYSQL_DATABASE=proftpd

 

or make a custum unraid template example:

https://github.com/MekayelAnik/proftpd-server-alpine

services:
  proftpd-server-alpine:
    image: mekayelanik/proftpd-server-alpine:latest
    container_name: proftpd-server-alpine
    environment:
      - TZ=Asia/Dhaka
      - FTP_PORT=21
      - NUMBER_OF_SHARES=4
      - FTP_SHARE_1=SHARE_1
      - FTP_PASSWORD_1=PASS_1
      - FTP_SHARE_1_PUID=1001
      - FTP_SHARE_1_PGID=1001
      - FTP_SHARE_2=SHARE_2
      - FTP_PASSWORD_2=PASS_2
      - FTP_SHARE_2_PUID=1002
      - FTP_SHARE_2_PGID=1002
      - FTP_SHARE_3=SHARE_3
      - FTP_PASSWORD_3=PASS_3
      - FTP_SHARE_3_PUID=1003
      - FTP_SHARE_3_PGID=1003
      - FTP_SHARE_4=SHARE_4
      - FTP_PASSWORD_4=PASS_4
      - FTP_SHARE_4_PUID=1004
      - FTP_SHARE_4_PGID=1004
    volumes:
      - /mnt/Vol1:/data/SHARE_1     
      - /mnt/Vol1:/data/SHARE_2
      - /mnt/Vol1:/data/SHARE_3
      - /mnt/Vol1:/data/SHARE_4
    restart: unless-stopped

 

and 
https://hub.docker.com/r/instantlinux/proftpd

and make a custom unriad template with docker variables:
image.png.3f94dbb26ca6817987175a6292ed7026.png

 

I will glady help where I can. As I have had some experience 10ish years ago on those sharp scanners and setting up a connection...

 

  • Author

Amazing information! Thank you. When I get the opportunity to get to that shop I will try some of these options and see if I hit pay dirt. I'll make sure to post back and let you know how it goes. Thanks again

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.