tr0910 Posted December 15, 2016 Share Posted December 15, 2016 I have it running on 6.2.4. I installed it on 6.1, have been working since. Be sure to read the readme file, I think the info is on the github page too. What sort of problems do you have? Both denyhosts and ssh?? I hadn't installed it yet thinking from the comments above it was no longer working. Will try it now... Thanks... Quote Link to comment
strike Posted December 15, 2016 Share Posted December 15, 2016 Yeah, I have both running. Haven't tested if denyhost is actually doing what it's supposed to do since 6.1, but it's running. SSH I use almost daily so I know that's working Quote Link to comment
tr0910 Posted December 15, 2016 Share Posted December 15, 2016 Yeah, I have both running. Haven't tested if denyhost is actually doing what it's supposed to do since 6.1, but it's running. SSH I use almost daily so I know that's working Have you got it running on a 6.3 server too? Quote Link to comment
strike Posted December 16, 2016 Share Posted December 16, 2016 Nah, haven't tested 6.3 yet Quote Link to comment
tr0910 Posted December 16, 2016 Share Posted December 16, 2016 Hopefully this is the right place for posting new/updated plugins. I have ssh_config confirmed working with 6.2.4 and have locked my server down significantly. Secondly, I wanted to bolt it down tighter with denyhosts, but cannot get it to start running. Attempts to start it result in this: Dec 16 12:51:13 Server1 sudo: root : TTY=unknown ; PWD=/usr/local/emhttp ; USER=root ; COMMAND=/usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/boot/config/plugins/denyhosts/denyhosts.cfg Dec 16 12:51:33 Server1 sudo: root : TTY=unknown ; PWD=/usr/local/emhttp ; USER=root ; COMMAND=/usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/boot/config/plugins/denyhosts/denyhosts.cfg Dec 16 12:51:42 Server1 emhttp: cmd: /usr/local/emhttp/plugins/denyhosts/scripts/rc.denyhosts buttonstart Dec 16 12:51:42 Server1 sudo: root : TTY=unknown ; PWD=/ ; USER=root ; COMMAND=/usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/boot/config/plugins/denyhosts/denyhosts.cfg Dec 16 12:53:10 Server1 sudo: root : TTY=unknown ; PWD=/usr/local/emhttp ; USER=root ; COMMAND=/usr/bin/env python /usr/bin/denyhosts.py --daemon --config=/boot/config/plugins/denyhosts/denyhosts.cfg This is still what I get in the logs after restricting logins to keyfiles only. The nasties won't quite trying to break in. Dec 16 10:53:30 Server1 sshd[20738]: Received disconnect from 218.65.30.123 port 8927:11: [preauth] Dec 16 10:53:30 Server1 sshd[20738]: Disconnected from 218.65.30.123 port 8927 [preauth] Dec 16 11:11:20 Server1 sshd[27831]: Received disconnect from 221.194.44.231 port 44343:11: [preauth] Dec 16 11:11:20 Server1 sshd[27831]: Disconnected from 221.194.44.231 port 44343 [preauth] Dec 16 11:16:02 Server1 sshd[29642]: Received disconnect from 221.194.47.229 port 46792:11: [preauth] Dec 16 11:16:02 Server1 sshd[29642]: Disconnected from 221.194.47.229 port 46792 [preauth] Dec 16 11:20:34 Server1 sshd[31476]: Received disconnect from 121.18.238.114 port 41878:11: [preauth] Dec 16 11:20:34 Server1 sshd[31476]: Disconnected from 121.18.238.114 port 41878 [preauth] Dec 16 11:23:32 Server1 sshd[32601]: Received disconnect from 121.18.238.114 port 55780:11: [preauth] Dec 16 11:23:32 Server1 sshd[32601]: Disconnected from 121.18.238.114 port 55780 [preauth] Dec 16 11:24:13 Server1 sshd[458]: Received disconnect from 221.194.47.208 port 41636:11: [preauth] Dec 16 11:24:13 Server1 sshd[458]: Disconnected from 221.194.47.208 port 41636 [preauth] Dec 16 11:26:38 Server1 sshd[1556]: Unable to negotiate with 123.31.32.5 port 62192: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Dec 16 11:35:25 Server1 sshd[5040]: Received disconnect from 121.123.153.46 port 52816:11: Bye Bye [preauth] Dec 16 11:35:25 Server1 sshd[5040]: Disconnected from 121.123.153.46 port 52816 [preauth] Dec 16 11:45:10 Server1 sshd[8839]: Received disconnect from 221.194.47.224 port 46493:11: [preauth] Dec 16 11:45:10 Server1 sshd[8839]: Disconnected from 221.194.47.224 port 46493 [preauth] Dec 16 11:45:27 Server1 sshd[9018]: Received disconnect from 121.18.238.98 port 34741:11: [preauth] Dec 16 11:45:27 Server1 sshd[9018]: Disconnected from 121.18.238.98 port 34741 [preauth] Dec 16 11:45:28 Server1 sshd[9061]: Received disconnect from 121.18.238.104 port 35216:11: [preauth] Dec 16 11:45:28 Server1 sshd[9061]: Disconnected from 121.18.238.104 port 35216 [preauth] Dec 16 11:51:29 Server1 sshd[10941]: Received disconnect from 221.194.44.224 port 36581:11: [preauth] Dec 16 11:51:29 Server1 sshd[10941]: Disconnected from 221.194.44.224 port 36581 [preauth] Dec 16 11:53:00 Server1 sshd[11382]: Received disconnect from 221.194.47.224 port 46110:11: [preauth] Dec 16 11:53:00 Server1 sshd[11382]: Disconnected from 221.194.47.224 port 46110 [preauth] Dec 16 11:54:35 Server1 sshd[11907]: Received disconnect from 221.194.47.229 port 44266:11: [preauth] Dec 16 11:54:35 Server1 sshd[11907]: Disconnected from 221.194.47.229 port 44266 [preauth] Dec 16 12:07:49 Server1 sshd[16083]: Received disconnect from 221.194.44.195 port 44063:11: [preauth] Dec 16 12:07:49 Server1 sshd[16083]: Disconnected from 221.194.44.195 port 44063 [preauth] Dec 16 12:09:45 Server1 sshd[16694]: Received disconnect from 121.18.238.114 port 36323:11: [preauth] Dec 16 12:09:45 Server1 sshd[16694]: Disconnected from 121.18.238.114 port 36323 [preauth] Dec 16 12:10:05 Server1 sshd[16847]: Received disconnect from 221.194.47.249 port 49320:11: [preauth] Dec 16 12:10:05 Server1 sshd[16847]: Disconnected from 221.194.47.249 port 49320 [preauth] Dec 16 12:10:14 Server1 sshd[16894]: Received disconnect from 221.194.44.219 port 49424:11: [preauth] Dec 16 12:10:14 Server1 sshd[16894]: Disconnected from 221.194.44.219 port 49424 [preauth] Dec 16 12:19:13 Server1 sshd[19711]: Received disconnect from 121.18.238.98 port 42423:11: [preauth] Dec 16 12:19:13 Server1 sshd[19711]: Disconnected from 121.18.238.98 port 42423 [preauth] Dec 16 12:41:06 Server1 sshd[26559]: Received disconnect from 221.194.44.219 port 34636:11: [preauth] Dec 16 12:41:06 Server1 sshd[26559]: Disconnected from 221.194.44.219 port 34636 [preauth] Dec 16 13:06:06 Server1 sshd[3875]: Invalid user admin from 185.110.132.202 port 43627 Dec 16 13:06:06 Server1 sshd[3875]: input_userauth_request: invalid user admin [preauth] Dec 16 13:06:07 Server1 sshd[3875]: Received disconnect from 185.110.132.202 port 43627:11: Bye Bye [preauth] Dec 16 13:06:07 Server1 sshd[3875]: Disconnected from 185.110.132.202 port 43627 [preauth] Dec 16 13:12:24 Server1 sshd[6388]: Received disconnect from 121.18.238.98 port 51933:11: [preauth] Dec 16 13:12:24 Server1 sshd[6388]: Disconnected from 121.18.238.98 port 51933 [preauth] Dec 16 13:38:27 Server1 sshd[16782]: Received disconnect from 221.194.44.219 port 37815:11: [preauth] Dec 16 13:38:27 Server1 sshd[16782]: Disconnected from 221.194.44.219 port 37815 [preauth] Dec 16 13:39:43 Server1 sshd[17256]: Received disconnect from 221.194.47.224 port 47834:11: [preauth] Dec 16 13:39:43 Server1 sshd[17256]: Disconnected from 221.194.47.224 port 47834 [preauth] Dec 16 13:40:39 Server1 sshd[17633]: Received disconnect from 221.194.47.229 port 42289:11: [preauth] Dec 16 13:40:39 Server1 sshd[17633]: Disconnected from 221.194.47.229 port 42289 [preauth] Dec 16 13:41:34 Server1 sshd[18010]: Invalid user support from 185.110.132.202 port 54147 Dec 16 13:41:34 Server1 sshd[18010]: input_userauth_request: invalid user support [preauth] Dec 16 13:41:35 Server1 sshd[18010]: Received disconnect from 185.110.132.202 port 54147:11: Bye Bye [preauth] Dec 16 13:41:35 Server1 sshd[18010]: Disconnected from 185.110.132.202 port 54147 [preauth] Dec 16 14:06:54 Server1 sshd[27998]: Unable to negotiate with 123.31.32.5 port 62083: no matching key exchange method found. Their offer: diffie-hellman-group1-sha1 [preauth] Dec 16 14:16:42 Server1 sshd[31874]: Received disconnect from 185.110.132.202 port 41156:11: Bye Bye [preauth] Dec 16 14:16:42 Server1 sshd[31874]: Disconnected from 185.110.132.202 port 41156 [preauth] Quote Link to comment
docgyver Posted December 20, 2016 Author Share Posted December 20, 2016 Somehow I've been missing notifications on the thread. I must have deleted one and never got back here. I just updated to 6.2.4 on Friday and blew up docker containers since I didn't RTFM before jumping from 6.1 to 6.2. I hope to have things cleared up sometime today (Monday) and will look at both ssh and Denyhosts. I can tell you that ssh plugin seems to be working for me without any further changes. At least my authorized keys file is making it into place. I'll kick the tires on other features late today or tomorrow. Sorry for my absence. doc.. Quote Link to comment
trurl Posted December 20, 2016 Share Posted December 20, 2016 Make sure you check package version compatibility. You might take a look and see what versions of packages the NerdTools plugin installs. Quote Link to comment
endiz Posted January 25, 2017 Share Posted January 25, 2017 is there any way to copy over public keys using this plugin? EDIT: Never mind, figured it out. You have to generate the key and copy the public openssh key to /boot/config/plugins/ssh/<username>/.ssh/authorized_keys file. As per readme: Upon restarting SSH, the plug-in will look for (and find) authorized_keys and copy this file to the users home directory. eg. /home/someuser/.ssh/authorized_keys Quote Link to comment
wgstarks Posted January 29, 2017 Share Posted January 29, 2017 Just installed this plugin and I have a couple of questions- 1) I see a note in "Settings" that logs are persistent. Where are they? Don't see them in the "Logs" folder. 2) Wanted to read through the documentation but couldn't find any in CA or via the "Help" button in "Settings"? Quote Link to comment
wgstarks Posted January 31, 2017 Share Posted January 31, 2017 Just installed this plugin and I have a couple of questions- 1) I see a note in "Settings" that logs are persistent. Where are they? Don't see them in the "Logs" folder. 2) Wanted to read through the documentation but couldn't find any in CA or via the "Help" button in "Settings"? Is there any documentation at all for this plugin? Quote Link to comment
DazedAndConfused Posted February 1, 2017 Share Posted February 1, 2017 This might seem a little trivial, but is there a way to change the icon for Denyhosts and have it stay changed? The current icon has a white background and shows up when you change the dynamix ui to black. I found a replacement Icon but it keeps changing back to the original one. Quote Link to comment
Squid Posted February 1, 2017 Share Posted February 1, 2017 This might seem a little trivial, but is there a way to change the icon for Denyhosts and have it stay changed? The current icon has a white background and shows up when you change the dynamix ui to black. I found a replacement Icon but it keeps changing back to the original one. Easiest way is to overwrite the existing file (probably stored in /usr/local/emhtttp/plugins/sshWhateverTheFolderIs/images) with your replacement. You'd have to store the replacement on the flash drive somewhere and either create a script to run at array start with the user scripts plugin, or add the appropriate command to the go file on the flash drive. Quote Link to comment
Threefifty Posted March 7, 2017 Share Posted March 7, 2017 Not sure if this thread is dead but I think it is my best shot at resolving an issue. I stupidly had port 22 open on my router and I saw Chinese IP's trying to brute force their way into my server. I immediately shut that down and came across the SSH plugin by docgyver. I am currently on unraid 6.3.2 trying to get SSH to work so I can use SFTP when outside my network. I setup my client on my phone through ES File Explorer. When connecting using my private key on my local network (Wifi) I have no issue connecting. When I use 4G I see the error on the phone as "This may be caused by Session.connect: java.net.SocketException: Connection reset" Currently my settings for the SSH plugin are as follows. Enable SSH Service: Yes SSH Port : 7005 Available options for SSH Users: myusername Permit Root login: No Max Auth Retries: 6 Password Authentication: No Permit Empty Password: No Gateway Ports: No All options have been toggled all producing the same result, connection allowed on local network, outside network, connection refused. sshd[15414]: Server listening on 0.0.0.0 port 7005.sshd[15539]: refused connect from *cellphone IP (cellphone ip) When on WiFi i get the following sshd[11261]: Accepted publickey for myusername from 192.168.1.1 port 39520 ssh2: RSA SHA256*rsa key here* My router has port 7005 for the static ip of my unraid server, I had the port forwarded the exact same way when it was 22, which worked outside of my local network. Any help would be greatly appreciated. Quote Link to comment
wgstarks Posted March 7, 2017 Share Posted March 7, 2017 Just a shot in the dark, have you checked to be sure your ISP isn't blocking the port? I know mine blocks many ports, Quote Link to comment
Threefifty Posted March 7, 2017 Share Posted March 7, 2017 I have run Deluge off of this port previously with remote access so I do not believe it is blocked by my ISP. I also made sure nothing else is using this port now. Quote Link to comment
ken-ji Posted March 7, 2017 Share Posted March 7, 2017 Just a quick guess, as I'm not using the plugin myself, but this is indicative of SSH rejecting connections from unwanted / unknown IPs... though after checking the SSH server docs, I can't find any config option that allows the server to deny/accept connections by IP so I'm also stumped. Do you have the denyhosts plugin installed too? That may have something to do with this. Quote Link to comment
Threefifty Posted March 7, 2017 Share Posted March 7, 2017 3 hours ago, ken-ji said: Just a quick guess, as I'm not using the plugin myself, but this is indicative of SSH rejecting connections from unwanted / unknown IPs... though after checking the SSH server docs, I can't find any config option that allows the server to deny/accept connections by IP so I'm also stumped. Do you have the denyhosts plugin installed too? That may have something to do with this. I do have denyhosts installed but it is turned off. I will uninstall it when I get home from work and let you know if that was the solution. Quote Link to comment
Threefifty Posted March 7, 2017 Share Posted March 7, 2017 Thank you all for your help, I do not know how or why but I attempted to connect this morning and was able to connect. Strange because I did not alter any settings from last night to this morning. Maybe my phone just needed to be restarted. Quote Link to comment
docgyver Posted March 7, 2017 Author Share Posted March 7, 2017 I'm on a business trip which makes me cautious about changing the port that I use in case it would cause me to lose access but I will give it a try hopefully tonight. It sounds like the problem may have resolved itself but still it would be good for me to try changing the port just to make sure that all works. doc.. Quote Link to comment
docgyver Posted March 7, 2017 Author Share Posted March 7, 2017 On 1/31/2017 at 10:25 PM, DazedAndConfused said: This might seem a little trivial, but is there a way to change the icon for Denyhosts and have it stay changed? The current icon has a white background and shows up when you change the dynamix ui to black. I found a replacement Icon but it keeps changing back to the original one. I didn't try changing the icon when I took over the plugins and have no preference. If you can send me the icon or a link I will add it to the plugin directly. Quote Link to comment
DazedAndConfused Posted March 8, 2017 Share Posted March 8, 2017 I was trying to use this one However, there are a lot of good Icons. My search term was "stop sign" I really appreciate you responding Quote Link to comment
gruggo Posted April 20, 2017 Share Posted April 20, 2017 (edited) Not sure if this is the right place to ask, but i'm trying to get this to persist a few things between reboots/restarts of the SSH Daemon on my unraid server, other than just my public key. Can I use this to configure a script to run when the ssh daemon starts? It seems that my users home directory is reset to /home/<USERNAME> evertime, and that directory is of course erased, except for the public key being copied back into it from this plugin. I would like to make sure that my home directory remains /mnt/cache/home/<USERNAME> I have done this via the /boot/config/go file, which runs at server boot, but not when ssh starts, obviously. Edited April 20, 2017 by gruggo Quote Link to comment
local.bin Posted May 31, 2017 Share Posted May 31, 2017 (edited) I am trying to get this working on 6.3.5 and am having no joy. They key pair works fine on another device and I notice that no authorized_keys is getting copied into my home folder? There is also no mention in the logs. Thanks in advance Edit: Copied my authorized_keys file into /home/<user>.ssh and changed the permissions and owner and all was well; logged in fine with my keys. Edited May 31, 2017 by local.bin Quote Link to comment
itimpi Posted May 31, 2017 Share Posted May 31, 2017 48 minutes ago, local.bin said: I am trying to get this working on 6.3.5 and am having no joy. They key pair works fine on another device and I notice that no authorized_keys is getting copied into my home folder? There is also no mention in the logs. Thanks in advance Edit: Copied my authorized_keys file into /home/<user>.ssh and changed the permissions and owner and all was well; logged in fine with my keys. 'You should note that /home is only in RAM so files placed there will not survive a reboot. For files to survive a reboot they need to be held on the flash and copied to their final location as unRAID is loading. For ssh I think this involves putting the files into the config/ssh folder on the USB stick. Quote Link to comment
local.bin Posted May 31, 2017 Share Posted May 31, 2017 6 hours ago, itimpi said: 'You should note that /home is only in RAM so files placed there will not survive a reboot. For files to survive a reboot they need to be held on the flash and copied to their final location as unRAID is loading. For ssh I think this involves putting the files into the config/ssh folder on the USB stick. Yes, I thought that was the purpose of the plugin, to do that copying of config files? My configs are on the stick but don't get copied into position, so ssh doesn't work in 6.3.x for me. I manually copied them myself and I could connect fine, so know the config files are ok. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.