joelones Posted February 22, 2018 Share Posted February 22, 2018 (edited) I'm trying to change the port from 22 to 2222 and was wondering why I cannot? It always defaults back to 22. I've deleted the plugin and reinstalled. /etc/ssh/sshd_config appears to be empty... EDIT: Never mind, delete /boot/config/ssh/* and rebooted Edited February 23, 2018 by joelones Quote Link to comment
endiz Posted March 30, 2018 Share Posted March 30, 2018 Is it safe to install this plugin with 6.5? Quote Link to comment
strike Posted March 31, 2018 Share Posted March 31, 2018 Ssh plugin works, idk about denyhosts tho since I haven't used it in a while. Quote Link to comment
jj_uk Posted June 13, 2018 Share Posted June 13, 2018 I started a new thread for this, but was asked to post here: Can someone explain to me what "Available options for SSH Users" is in the settings -> SSH tab? Its just a list of users and I cant work out what, if anything, I'm supposed to use it for?! I've checked the Wiki user manual, there is no section for settings -> SSH Quote Link to comment
strike Posted June 13, 2018 Share Posted June 13, 2018 By default, it's just the root user that can log in via ssh, with the ssh plugin you can allow other users to login via ssh as well. You can also block root access if you wish. For security, it would be best to block root access and just give normal users access. That's what the user list is for, so you can configure ssh access on a user level. Quote Link to comment
docgyver Posted June 15, 2018 Author Share Posted June 15, 2018 Thanks for the quick response @strike. I've added a Main and FAQ page at the nudging. :) Quote Link to comment
deadnote Posted August 2, 2018 Share Posted August 2, 2018 Hi Fails to install on unRaid 6.5.3 for me. plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done plugin: run failed: /bin/bash retval: 1 Quote Link to comment
Can0n Posted September 6, 2018 Share Posted September 6, 2018 On 8/1/2018 at 11:12 PM, deadnote said: Hi Fails to install on unRaid 6.5.3 for me. plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done plugin: run failed: /bin/bash retval: 1 installed fine for me however i cannot login with my user accounts and root gets disabled by default and on a fresh boot Quote Link to comment
Can0n Posted September 6, 2018 Share Posted September 6, 2018 my unraid 6.6 rc1 this SSH plugin works fine on 6.5.3 it does not Quote Link to comment
Adromir Posted September 11, 2018 Share Posted September 11, 2018 Whenever I try to SSH into my Unraid with the Root account, I get a permission denied error. I have permit root login on yes, but i just can't login. A different User works fine with it though. I tried removing the Password and allow empty password, I set up a password. Nothing changes, i just can't get it work Quote Link to comment
docgyver Posted September 12, 2018 Author Share Posted September 12, 2018 Did you install both SSH and Denyhosts plugins? Denyhosts default behavior is to block logins to root with only a single failure. You may need to whitelist your source IP. I will wait to speculate further on the problem until after you confirm Denyhosts install or lack. Quote Link to comment
Adromir Posted September 12, 2018 Share Posted September 12, 2018 I didnt install denyhosts. But i figured out that apparently the ssh plugin doesn't update the config at boot/config/ssh/ssh_d . I manually added "PermitRootLogin yes" and restartet the ssh service. Then it worked Quote Link to comment
Barafu Posted July 13, 2019 Share Posted July 13, 2019 There is a big problem with this plugin's logic. User installs it, enables ssh, tries to login as root and gets banned. The only solution for those who do not want to delve into particulars of SSH is to delete /boot/config/ssh and reboot. Quote Link to comment
docgyver Posted July 23, 2019 Author Share Posted July 23, 2019 Sorry you are having issues with the DenyHosts plugin. It is true that a failed login to root can cause even a local ban. I've thought about adding a "whitelist" for all private IP addresses to the default config but "the tyranny of the default" would put this in place for folks who might not want it. I will look at the Readme.md and see if I can make potential impacts more clear and maybe as an option have an optional whitelist file that people can put in place. Thanks for the feedback. Quote Link to comment
Julius Posted September 21, 2019 Share Posted September 21, 2019 On 7/13/2019 at 6:35 PM, Barafu said: There is a big problem with this plugin's logic. User installs it, enables ssh, tries to login as root and gets banned. The only solution for those who do not want to delve into particulars of SSH is to delete /boot/config/ssh and reboot. I agree, this plugin has a tendency to mess up your sshd_config entirely in no time. I would not recommend using it. Just one reboot and you'll know why; It locked me out many times, not because of the banning, but because it ruined ssh config. Had to go manually fix it with KVM access to the unRAID server. And then, looking at sshd_config showed all kinds of double entries. It's better to populate the go script with copy commands and just create and maintain your own ssh config. Quote Link to comment
Ustrombase Posted November 3, 2019 Share Posted November 3, 2019 I can’t install this plugin, I am getting the same error as plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done plugin: run failed: /bin/bash retval: 1 I am on the latest release of 6.7.2 Quote Link to comment
Ustrombase Posted November 8, 2019 Share Posted November 8, 2019 On 11/2/2019 at 9:49 PM, Ustrombase said: I can’t install this plugin, I am getting the same error as plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done plugin: run failed: /bin/bash retval: 1 I am on the latest release of 6.7.2 Anyone experiencing this issue? Quote Link to comment
Squid Posted November 8, 2019 Share Posted November 8, 2019 After your original post, I tried it and it installed for me no problems. I would delete everything on the flash drive (/config/plugins) related to the plugin (the folder, the .plg etc) and try again. Quote Link to comment
docgyver Posted November 8, 2019 Author Share Posted November 8, 2019 Going to give that (wipe clean and start from scratch) a go now as well, after a backup of course. I haven't done an install in quite some time. Had a friend suggest I should update the version more regularly too so it doesn't look abandoned. Follow up shortly. Quote Link to comment
kcgodwins Posted November 9, 2019 Share Posted November 9, 2019 I'm running 6.6.7 headless and this plugin has effectively hoarked my ability to ssh into my box. I've deleted the plugin and will try to get access back by tethering a monitor and keyboard to the thing but if there is any "quick start" to getting this fixed I'd appreciate a pointer to it. Thanks Quote Link to comment
Squid Posted November 10, 2019 Share Posted November 10, 2019 2 hours ago, kcgodwins said: I'm running 6.6.7 headless and this plugin has effectively hoarked my ability to ssh into my box. I've deleted the plugin and will try to get access back by tethering a monitor and keyboard to the thing but if there is any "quick start" to getting this fixed I'd appreciate a pointer to it. Thanks Delete the SSH folder on the flash drive (/config/ssh) and reboot. Merely uninstalling and a reboot isn't good enough. Quote Link to comment
kcgodwins Posted November 10, 2019 Share Posted November 10, 2019 35 minutes ago, Squid said: Delete the SSH folder on the flash drive (/config/ssh) and reboot. Merely uninstalling and a reboot isn't good enough. I was going through those motions as I got your reply; thank you for the info. It was nice having verification I'm on the right path. Now I'm back in. Now it's time to shut her down and perform some hardware upgrades (going from 16GB to 32GB memory and adding 2 SSDs for cache (I currently have no cache). Thanks again. Mike Quote Link to comment
docgyver Posted November 10, 2019 Author Share Posted November 10, 2019 12 hours ago, kcgodwins said: I was going through those motions as I got your reply; thank you for the info. It was nice having verification I'm on the right path. Now I'm back in. Now it's time to shut her down and perform some hardware upgrades (going from 16GB to 32GB memory and adding 2 SSDs for cache (I currently have no cache). Thanks again. Mike Deleting the /boot/config/ssh folder is an extreme but easy to accomplish fix. I get that you fixed your issue already so this followup is for the next guy and includes a request: I would be surprised if you have copies of /boot/config/ssh/sshd_config both before and after plugin install state but if you do I could use those to figure out how things were messed up and fix/improve the plugin. As a guess I expect it is related to the PermitRootLogin setting located in /boot/config/ssh/sshd_config. The plugin defaults to setting this option to "no". Merely installing the plugin makes that change and afterwards you have to login as another user. That file "belongs" to unRaid not the plugin so removing the plugin does not reverse that change. Removing the whole /boot/config/ssh folder deletes that config file along with server certs and such. unRaid automatically creates it again if it is missing at boot time. As I write this, I am leaning toward changing this behavior which would avoid this particular risk. Unfortunately the "easy" thing is to change the default to "yes" with the risk that I'm reversing the setting for someone. The "proper" (and more time consuming) thing would be to check the current setting and retain that while highlighting in the interface that the "no" setting is recommended. I'm not sure if a plugin uninstall can be interactive or not. If it can then I will look into making the "delete /boot/config/ssh" an interactive choice. Let's assume that I am right about how ssh broke. If so then a couple of approaches to a fix which avoid the need for a physical console. Abandon the Plugin Options Telnet: PermitRootLogin is an ssh setting thus telnet will not be affected. Enable Telnet: Settings -> System Settings -> Management Access -> Use Telnet: Yes This assumes you turned it off. You _did_ turn it off right? Telnet to the server logging in as root Edit /boot/config/ssh/sshd_config and change PRL setting to "yes" Remember this assume PRL is the issue. (Alt) Remove the /boot/config/ssh folder Use Web UI to reboot A reboot forces the new setting to be picked up or (Alt) the ssh folder to be recreated. Recommended: after reboot disable telnet Create User: only root is blocked, not other users so this allows you to ssh in as a different user Settings -> User Preferences -> Users -> Add User Ssh in as the new user Use sudo or "su -" to fix the config file or remove the ssh folder as described above Use Web UI to reboot Cleanup: remove the created user if it is no longer desired Keep the plugin Options [re]Install the plugin Change the PermitRootLogin setting to yes Click Done I can't emphasize enough that the edit sshd_config option only fixes the problem if indeed the PermitRootLogin setting is the issue. If this doesn't fix your issue then please get me a copy of your broken sshd_config or, even better, both that and the before I will look into what the plugin is doing. Quote Link to comment
docgyver Posted November 10, 2019 Author Share Posted November 10, 2019 Finished updating the rc.ssh:write_config() function to read the live copy of sshd_config before updating the plugin config in /boot/config/plugins/ssh.cfg. I was hoping I could leverage the values in unRaid's persisted (/boot/config/ssh/sshd_config) configuration but it would make the UI code more convoluted than necessary. With two copies of the settings the only "failure mode" I can think of is someone updating the ssh.cfg manually then rebooting with the intent those settings would be used. I think in that case the reboot will tell the plugin to exit which will then read from live and persist to ssh.cfg overwriting those changes. The benefit of the change is that now the plugin installation will respect previously tweaked settings in the /boot/config/ssh/sshd_config (unRaid's) config file. Those of you who change Port", "PermitRootLogin", "GatewayPorts", etc. will not have to manually fix those if you change them before installing the plugin. Quote Link to comment
TDA Posted November 26, 2019 Share Posted November 26, 2019 Just to clarify, this plugin wasn't tested with the latest RC right? Cause it seems to not respond as it should. If you set: PASSWORD AUTHENTICATION on "no" it doesn't change a thing. Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.