Skip to content
View in the app

A better way to browse. Learn more.

Unraid

A full-screen app on your home screen with push notifications, badges and more.

To install this app on iOS and iPadOS
  1. Tap the Share icon in Safari
  2. Scroll the menu and tap Add to Home Screen.
  3. Tap Add in the top-right corner.
To install this app on Android
  1. Tap the 3-dot menu (⋮) in the top-right corner of the browser.
  2. Tap Add to Home screen or Install app.
  3. Confirm by tapping Install.

SSH and Denyhosts updated for v6.1

Featured Replies

Hopefully this is the right place for posting new/updated plugins.

 

For a long time I have been used the ssh plugin for installing (and now just persisting settings for) ssh.  By shear luck (not sure good or bad) I jumped from v5 straight to v6.1.  Due to the security improvements in v6.1 the current copy of the only ssh plugin I was aware of did not work.

 

I saw both in the support thread and github repo that people were asking about updates and so I decided to fix the plugin for myself and post a patch.  Since then I learned that the maintainer seems to have either taken a break or been otherwise busy.  I'm studiously avoiding naming the person since I don't know if there are political mines that I'm stepping around but will say I am very grateful for his initial work on creating the plugin.  Without that effort I am sure I would not have forked the copy and started maintaining it.

 

You can find my version of both the SSH and DenyHosts plugins here.

 

Note the other plugins by the previous author are also there but HAVE NOT BEEN UPDATED IN ANY WAY.  Indeed the support files will still be pulled from the original fork's release/download folders even if you grab the .plg file from my repo.

 

I'm not new to unRaid but I am new to developing for it so I welcome constructive feedback and will respond as quickly as my time will allow to any issues people have with the plugins I'm maintaining.

Since I think these posts can be edited I will update this list here when and if I update the other items that I forked.

 

Currently maintaining:

  • ssh
  • DenyHosts

 

-edit:

Plugins which can now be found as docker containers:

Beets, Dropbox, LogitechMediaServer, NZBGet, Pyload

 

DocGyver..

Edited by docgyver
Refer people to docker containers for deprecated plugins

  • Replies 220
  • Views 75.3k
  • Created
  • Last Reply

Top Posters In This Topic

Most Popular Posts

  • Quite correct Shaun. I didn't check the location of the "Post Install" script in the plg file in relation when I accepted the patch.   I moved it to the bottom right above the script which d

  • Hi everyone!   I think I found the error   Check your files in /etc/ssh   ls -la /etc/ssh   You may get something like this:   -rw-------  1 root root 246880 Aug  5 09:34 moduli -

  • JustinAiken
    JustinAiken

    For anyone wondering how:   Do chmod 755 /usr/local/emhttp/plugins/ssh to fix it for your current session.   Or add to `/boot/config/go` to make it fixed each time you start:

Posted Images

big thnx. its working again as expected. keep it up. :)

both plugins tested on 6.1.9

Yes, finally! Thanks! Been waiting for this. :) Installed both plugins and testing them now on 6.1.9. One thing tho, puttygen isn't installed with the ssh plugin like it says in the readme at least it wasn't when I tried. So I ended up using puttygen on my windows install to convert the private key to putty format. I guess i could have installed it in unraid cause the putty-0.64-x86_64-1rj.txz is in included but I didn't know how to so windows was the fastest way to solve it.

 

Edit: Also, Denyhosts doesn't show all the "text options" on the dark theme so I don't what the settings are for, have to switch to white theme to see them.

08-03-2016_14-56-23.jpg.c3a6a61c83d418d62e19d3646764636d.jpg

Looks like you have used a version of python that is older and will probably conflict with the python PhAzE is using in his very popular plugins.

I'm going to move this to the 6.1 Verified forum, but please send me a PM if anyone discovers an incompatibility that I haven't yet.

I'm going to move this to the 6.1 Verified forum, but please send me a PM if anyone discovers an incompatibility that I haven't yet.

So did you already test it with the PhAzE plugin mentioned in the link I gave above?

 

I can well remember the bad old days of v5 when syslogs were full of plugins installing one version of something, then another plugin comes in and deletes all that so it can install a different version.

I'm going to move this to the 6.1 Verified forum, but please send me a PM if anyone discovers an incompatibility that I haven't yet.

So did you already test it with the PhAzE plugin mentioned in the link I gave above?

 

I can well remember the bad old days of v5 when syslogs were full of plugins installing one version of something, then another plugin comes in and deletes all that so it can install a different version.

Nope. Don't care about plugin to plugin compat. Just that it works on 6.1.

  • 4 weeks later...

Thank you for upgrading this to v6.1!

 

I'm receiving an error when the deaemon is trying to purge hosts.deny. Do I need to change permissions in my /etc directory to allow DenyHosts to write to the file?

 

The denyhosts.out log is:

2016-04-05 07:57:45,772 - denyhosts   : INFO     new denied hosts: ['113.183.70.101', '113.190.244.206', '193.201.227.175', '185.110.132.54', '14.182.86.235']
2016-04-05 07:58:15,802 - denyfileutil: INFO     purging entries older than: Tue Mar 22 07:58:15 2016
2016-04-05 07:58:15,803 - denyfileutil: WARNING  [Errno 13] Permission denied: '/etc/hosts.deny.purge.bak'
2016-04-05 07:58:15,803 - root        : ERROR    [Errno 13] Permission denied: '/etc/hosts.deny.purge.tmp'
Traceback (most recent call last):
  File "/usr/lib64/python2.7/site-packages/DenyHosts/deny_hosts.py", line 241, in sleepAndPurge
    purge_time)
  File "/usr/lib64/python2.7/site-packages/DenyHosts/denyfileutil.py", line 145, in __init__
    purged_hosts = self.create_temp(self.get_data())
  File "/usr/lib64/python2.7/site-packages/DenyHosts/denyfileutil.py", line 218, in create_temp
    raise e
IOError: [Errno 13] Permission denied: '/etc/hosts.deny.purge.tmp'

  • Author

I just noticed that myself yesterday.  Been going on in my logs for quite some time too.  Looks like it only happens on start but you will likely see a permissions issue on sync-hosts more regularly.  It looks like I was getting it each time denyhosts detected a new suspicious event.

 

I noticed that denyhosts was running as "sudo -h nobody" and nobody would not have access to /etc files.  Yesterday I removed the sudo which broke things then changed it to just  sudo without the "-h nobody" it has been running fine.

 

As best I can tell the original author's intent behind using sudo is/was two-fold.  I am almost certain he was trying to orphan the daemon.  Without the sudo the web page never returns after you click "start".

 

The second possible reason is to lower the privilege of the daemon.  If that was the intent it must have been that /etc/hosts.deny (et. al.) had different permissions and/or ownership in the past.

 

For my use I'm ok with the daemon running as root so I've updated the plg file.  If you "check for updates" on your plugins you should see the new version now.

Is this a plugin I need?

 

I don't have the port for SSH forwarded outside my LAN, so like would DenyHosts really do anything for me? I'm asking because I really don't know if it's a good additional measure or a waste given my set up?

  • Author

If you don't open up SSH to the outside via a Port Forward, "DMZ Host Forward", or some other means then your risk is fairly low that you would have attackers.

Denyhosts monitoring then becomes, as you imply, one more thing to clean up, monitor, ignore, ... 

 

This may come off a bit "tin-foil hat" but one thing to keep in mind is that our IOT (internet of things) devices are notoriously bad about security.  At some point they will likely become beach-head or bot-net "infected" devices.  If you want to control your light bulbs from your phone you should consider adding them and all other IOT devices to their own network.

</tin-foil>

 

Adding the SSH plugin may be something you want to consider if for no other reason it helps with setting up public-key style auth.  It sucks to have to type a complicated password for my unraid when I'm on my tablet. :-)

 

hth,

 

doc..

If you don't open up SSH to the outside via a Port Forward, "DMZ Host Forward", or some other means then your risk is fairly low that you would have attackers.

Denyhosts monitoring then becomes, as you imply, one more thing to clean up, monitor, ignore, ... 

 

This may come off a bit "tin-foil hat" but one thing to keep in mind is that our IOT (internet of things) devices are notoriously bad about security.  At some point they will likely become beach-head or bot-net "infected" devices.  If you want to control your light bulbs from your phone you should consider adding them and all other IOT devices to their own network.

</tin-foil>

 

Adding the SSH plugin may be something you want to consider if for no other reason it helps with setting up public-key style auth.  It sucks to have to type a complicated password for my unraid when I'm on my tablet. :-)

 

hth,

 

doc..

 

these are good points, which is why I asked. I'm typically the kind of guy who many would call overly cautious... so this might be a good plugin anyway.

 

Also good point about the SSH plugin.

  • 3 weeks later...

I can't get the SSH daemon to start.

 

I've reinstalled it for good measure, same thing. Just says that SSH is not running. When I try and connect via SSH, it tells me connection refused.

 

This is all that pops up in the log when I click start:

 

Apr 29 12:26:49 Tower emhttp: cmd: /usr/local/emhttp/plugins/ssh/scripts/rc.ssh buttonstart

 

I'm on 6.1.9 currently.

 

Is there any log or information I can provide to help figure this out? Or some critical setup step I missed? I've perused the github documentation, and couldn't find anything. Thank you!

 

 

I'm studiously avoiding naming the person since I don't know if there are political mines that I'm stepping around but will say I am very grateful for his initial work on creating the plugin.  Without that effort I am sure I would not have forked the copy and started maintaining it.

 

It's okay, you can name the original person. He won't mind ;)

 

I'm glad someone took up the mantle to make the plugins work for later unRAID versions.  Good job!

  • 2 months later...

I can't get the SSH daemon to start.

 

I've reinstalled it for good measure, same thing. Just says that SSH is not running. When I try and connect via SSH, it tells me connection refused.

 

This is all that pops up in the log when I click start:

 

Apr 29 12:26:49 Tower emhttp: cmd: /usr/local/emhttp/plugins/ssh/scripts/rc.ssh buttonstart

 

I'm on 6.1.9 currently.

 

Is there any log or information I can provide to help figure this out? Or some critical setup step I missed? I've perused the github documentation, and couldn't find anything. Thank you!

 

I'm in the same boat on 6.1.9 as well. Unistalled, re-installed and SSH damon won't start. Oddly it was working before. Any solutions? Thanks!

  • 1 month later...

Same here. This plugin only adds some settings, ssh can not be started, no error messages, nothing. Seems like it is not maintained any more (since months)?

 

P.S.: Asking questions that only native english speakers tha watch a lot of movies can know is the MOST SILLY verification method I ever seen since the beginning of the internet!

  • 2 weeks later...

Hi everyone!

 

I think I found the error

 

Check your files in /etc/ssh

 

ls -la /etc/ssh

 

You may get something like this:

 

-rw-------  1 root root 246880 Aug  5 09:34 moduli
-rw-------  1 root root   1642 Aug  5 09:34 ssh_config
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_dsa_key
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_dsa_key.pub
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_ecdsa_key
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_ecdsa_key.pub
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_ed25519_key
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_ed25519_key.pub
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_rsa_key
-rw-------  1 root root      0 Sep 19 04:18 ssh_host_rsa_key.pub
-rw-------  1 root root   3522 Sep 21 01:41 sshd_config

 

As you can see, the keys have size 0.

 

I deleted all the keys with:

rm ssh_host_*

 

Then generated my own with:

ssh-keygen -t rsa -b 4096
ssh-keygen -t dsa
ssh-keygen -t ecdsa
ssh-keygen -t ed25519

 

Specifying the destination of the file as

/etc/ssh/ssh_host_rsa_key
/etc/ssh/ssh_host_dsa_key
/etc/ssh/ssh_host_ecdsa_key
/etc/ssh/ssh_host_ed25519_key

 

 

Just after this, everything works as expected. I don't know which component has generated this keys so I don't know where to fix it...

 

 

I am running unRAID v6.2

 

Regards

Instead of generating:

 

Cleaning /boot/config/ssh and /config/ssh and rebooting helps. Uninstalled the plugin as ssh is available without it (if the keys are not 0).

Upon reboot the keys disappeared again...  :( will try your method

  • 2 weeks later...

Having some trouble trying to get this ssh plugin to install

 

 

I'm on the latest version of unraid 6.2, I've tried installing it via the Community Apps plugin, and manually.  Any ideas?

  • 1 month later...

Does anyone have this working?

 

I am wondering if it is even supported anymore.

 

Since I installed this plugin, I have lost ssh access for all of my users.

  • 2 weeks later...

Is anyone successfully running this plugin on 6.2 or 6.3??

I have it running on 6.2.4. I installed it on 6.1, have been working since. Be sure to read the readme file, I think the info is on the github page too.

What sort of problems do you have?

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.

Guest
Reply to this topic...

Account

Navigation

Search

Search

Configure browser push notifications

Chrome (Android)
  1. Tap the lock icon next to the address bar.
  2. Tap Permissions → Notifications.
  3. Adjust your preference.
Chrome (Desktop)
  1. Click the padlock icon in the address bar.
  2. Select Site settings.
  3. Find Notifications and adjust your preference.