FreeMan Posted January 5, 2020 Share Posted January 5, 2020 6 minutes ago, bonienl said: Try the following. 1. Uninstall the SSH plugin, if not already done 2. Delete (or rename) the folder /config/ssh on your USB device 3. Reboot your server. This will create automatically a new set of ssh keys 1. Done, then reinstalled. Now uninstalled again. 2. Done 3. Will do as soon as the preclear finishes. Thanks, will report back. I'm at 78% of the post-read on a 4TB drive reading at 200MB/s, so it should be fairly soon. Quote Link to comment
FreeMan Posted January 6, 2020 Share Posted January 6, 2020 (edited) 4 hours ago, bonienl said: 3. Reboot your server. This will create automatically a new set of ssh keys And, I was able to SSH in to it. Thank you again, good sir! Edited January 6, 2020 by FreeMan Quote Link to comment
Derek_ Posted January 6, 2020 Share Posted January 6, 2020 On 1/5/2020 at 4:14 PM, Derek_ said: I installed this plugin and have had a small play. After a reboot, i get the error on the device monitor (not web interface): chmod: cannot access '/user/local/emhttp/plugins/denyhosts/icons': No such file or directory. I SSH'd in and saw that the directory does not exist. Upon entering the webGUI, DenyHosts was not started. I started it via the GUI and it says it's started but ?? Through this exercise, it doesn't appear to alert unRAID that it hasn't successfully started - can that please added? Or is that a consequence of this error? Upon subsequent reboots, i still get the error on the server's screen, but the service does seem to load properly. Perhaps the error and the service are not directly related, but still would be a good (low priority) thing to not have the error. Quote Link to comment
Derek_ Posted January 18, 2020 Share Posted January 18, 2020 (edited) Plugin (i'm guessing) seems to duplicate a couple of lines in the sshd_config file in /boot/config/ssh Quote # To disable tunneled clear text passwords, change to no here! PasswordAuthentication no PermitEmptyPasswords no # limetech - permit empty passwords PermitEmptyPasswords no and here.. Quote PermitRootLogin no # limetech - permit root login PermitRootLogin no Edited January 18, 2020 by Derek_ Quote Link to comment
Derek_ Posted January 18, 2020 Share Posted January 18, 2020 (edited) Also wondering if this should also be changed to "no"? Quote #ChallengeResponseAuthentication yes As recommended in various places, including here (step 4): https://www.cyberciti.biz/faq/how-to-disable-ssh-password-login-on-linux/ Edited January 18, 2020 by Derek_ Quote Link to comment
Derek_ Posted January 18, 2020 Share Posted January 18, 2020 (edited) And lastly, for today ;)... why is there no "Donate" on your app? I was about to drop you a beer/coffee! Edited January 18, 2020 by Derek_ Quote Link to comment
Ustrombase Posted March 7, 2020 Share Posted March 7, 2020 On 11/8/2019 at 1:56 PM, Squid said: After your original post, I tried it and it installed for me no problems. I would delete everything on the flash drive (/config/plugins) related to the plugin (the folder, the .plg etc) and try again. Hi I tried this already but i keep getting the same error. Do you think i can just download the plg file manually? Would this work? Quote Link to comment
Ustrombase Posted March 7, 2020 Share Posted March 7, 2020 On 8/2/2018 at 12:12 AM, deadnote said: Hi Fails to install on unRaid 6.5.3 for me. plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done plugin: run failed: /bin/bash retval: 1 I get this same error, how did you fix yours? Quote Link to comment
Derek_ Posted March 7, 2020 Share Posted March 7, 2020 19 minutes ago, Ustrombase said: I get this same error, how did you fix yours? Sorry, i don't have any pearls of wisdom. Although have you tried the "Cleanup AppData" plugin? It might help. Any particular reason you're still on unRAID 6.5.3? We're up to 6.8.2. Quote Link to comment
Ustrombase Posted March 7, 2020 Share Posted March 7, 2020 5 minutes ago, Derek_ said: Sorry, i don't have any pearls of wisdom. Although have you tried the "Cleanup AppData" plugin? It might help. Any particular reason you're still on unRAID 6.5.3? We're up to 6.8.2. No i'm actually on the latest one now. I am still figuring out how to use that plugin. Quote Link to comment
Derek_ Posted March 7, 2020 Share Posted March 7, 2020 1 minute ago, Ustrombase said: No i'm actually on the latest one now. I am still figuring out how to use that plugin. I think it's just a matter of going to Settings > Cleanup AppData and it will look for orphaned plugins and you'll get an option to delete. Quote Link to comment
Ustrombase Posted March 7, 2020 Share Posted March 7, 2020 1 minute ago, Derek_ said: I think it's just a matter of going to Settings > Cleanup AppData and it will look for orphaned plugins and you'll get an option to delete. ok just did it but it didn't find any folders. IT found some old docker folders that I deleted now via the plugin Quote Link to comment
Derek_ Posted March 7, 2020 Share Posted March 7, 2020 5 minutes ago, Ustrombase said: ok just did it but it didn't find any folders. IT found some old docker folders that I deleted now via the plugin Have you tried reinstalling since updating to 6.8.2? Quote Link to comment
Derek_ Posted March 7, 2020 Share Posted March 7, 2020 (edited) Just doing some searching on your problem and it seems it might be related to a corruption which could be caused by different things. From what i could see (example threads linked): 1. Make sure you're using USB2 2. It's possible your USB drive has a problem. Run Checkdisk on it. 3. RAM full? 4. Something in the package (unlikely, as it hasn't been updated for a while). https://github.com/dorgan/Unraid-networkstats/issues/12 Edited March 7, 2020 by Derek_ Quote Link to comment
Ustrombase Posted March 7, 2020 Share Posted March 7, 2020 7 hours ago, Derek_ said: Have you tried reinstalling since updating to 6.8.2? Yea I’m on 6.8.3 I believe is the latest one. Just updated last night and tried installing again. Quote Link to comment
Derek_ Posted March 8, 2020 Share Posted March 8, 2020 13 hours ago, Ustrombase said: Yea I’m on 6.8.3 I believe is the latest one. Just updated last night and tried installing again. I gather it didn't work? Same problem? Did you have a read of the posts i linked? If you can install other plugins though, then i don't know what the problem could be. That's all i have i'm afraid. Good luck. Quote Link to comment
Ustrombase Posted March 9, 2020 Share Posted March 9, 2020 On 3/7/2020 at 9:38 PM, Derek_ said: I gather it didn't work? Same problem? Did you have a read of the posts i linked? If you can install other plugins though, then i don't know what the problem could be. That's all i have i'm afraid. Good luck. Thanks. I’ll have to resort to seeing if others have had the same issue and if they have fixed it. i don’t know what this must mean. plugin: run failed: /bin/bash retval: 1 Quote Link to comment
Ustrombase Posted March 10, 2020 Share Posted March 10, 2020 On 10/3/2016 at 5:52 PM, hooger said: Having some trouble trying to get this ssh plugin to install I'm on the latest version of unraid 6.2, I've tried installing it via the Community Apps plugin, and manually. Any ideas? Did you ever get this installed correctly? Quote Link to comment
letri Posted April 25, 2020 Share Posted April 25, 2020 I'm also having the same issue. Quote Link to comment
letri Posted April 25, 2020 Share Posted April 25, 2020 (edited) 2 hours ago, dprus said: I'm also having the same issue. I was able to figure out the issue by downloading the plugin locally and using the commandline "installplg" to try and install it. This allowed me to easily edit the script and add logging (it badly needs logging). I found out it was failing to download putty. Some observations: It tries to download Putty 0.64. That's a very old version of Putty. So instead of trying to make this work I went ahead and installed the latest Putty 0.73 package instead: # Slackbuilds doesn't send the full Letsencrypt certificate chain and wget doesn't know how to handle this. So we'll help it... wget https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt -O /tmp/letsencryptauthorityx3.pem wget --ca-certificate=/tmp/letsencryptauthorityx3.pem https://slack.conraid.net/repository/slackware64-current/putty/putty-0.73-x86_64-1cf.txz rm /tmp/letsencryptauthorityx3.pem When it decides whether or not Putty is installed it does a check for that very specific old version of Putty. So even after I'd installed the newer version of Putty the script still failed. I ended up having to comment out the section that downloads and installs Putty to get the script to install. I would recommend the script instead check for Putty >= 0.64. Also, above, instead of using '--no-check-certificate' with wget I'd recommend the approach of using wget to download the intermediate from letsencrypt's website and then passing the intermediate to wget. This will allow wget to succeed when downloading from websites that don't provide wget with a full chain without having to tell wget to completely ignore all certificate validation. For those of you who don't want to have to workaround things and want to get the script back to "just working" you may want to try downloading and installing Putty 0.64 manually before trying to install this plugin: Download path: https://github.com/docgyver/unraid-v6-plugins/releases/download/ssh/putty-0.64-x86_64-1rj.txz (might need to use the same trick with passing --ca-certificate above) Run, from an unraid root shell: installpkg <path to the file you downloaded in the previous bullet> After that, and assuming the script was failing in your case for the same reason it was failing for me, the plugin should install successfully again. Good luck! PS. If I get some spare time I will submit a PR to update the plugin to add logging, increment the Putty version and remove instances of --no-check-certificate being passed to wget. Edited April 25, 2020 by dprus 1 Quote Link to comment
Sinister Posted April 26, 2020 Share Posted April 26, 2020 I have a two part question hopefully this is the correct place for it, essentially what im trying to do is use user scripts to send a command via SSH to my pfsense baremetal to shutdown when the array comes up "ssh [email protected] /etc/rc.halt" which i cant seem to get to work. after some research in order to do this i would need to generate a pair of ssh keys and paste the public one into the admin user of the pfsense this was easy enough, the problem im having is when trying to ssh out of unraid and into pfsense it does not work because unraid does not respond with my private key im not sure what directories the keys should be in for what im trying to do or what they should be named. I have almost no knowledge of how secure shell works but from what i can see on the forums there are tons of instructions for ssh into unraid but not so much for going out, im hoping someone can tell me what i need to do here Quote Link to comment
docgyver Posted April 27, 2020 Author Share Posted April 27, 2020 5 hours ago, Sinister said: I have a two part question hopefully this is the correct place for it, essentially what im trying to do is use user scripts to send a command via SSH to my pfsense baremetal to shutdown when the array comes up "ssh [email protected] /etc/rc.halt" which i cant seem to get to work. after some research in order to do this i would need to generate a pair of ssh keys and paste the public one into the admin user of the pfsense this was easy enough, the problem im having is when trying to ssh out of unraid and into pfsense it does not work because unraid does not respond with my private key im not sure what directories the keys should be in for what im trying to do or what they should be named. I have almost no knowledge of how secure shell works but from what i can see on the forums there are tons of instructions for ssh into unraid but not so much for going out, im hoping someone can tell me what i need to do here Currently the plugin only copies the authorized_keys file from /boot/config/plugins/<user>/.ssh folders to ~<user>/.ssh folders. I have considered adding pub/priv key pairs which have been placed in the /boot folders but would want to give serious thought to any security implications. It is likely no more of an attack surface but still not something I want to do lightly. In the short term what I would do is store your private key file either on the flash drive or, since you want to do this on array start, a place you think safe on the array. For example's sake lets say /tmp/id_rsa. Then you can tell your script to use that id with "-i /tmp/id_rsa". Your command would then become: ssh -i /tmp/id_rsa [email protected] /etc/rc.halt Of course /tmp is wiped on boot so a better choice would be somewhere on /mnt/user Quote Link to comment
docgyver Posted April 27, 2020 Author Share Posted April 27, 2020 On 4/25/2020 at 2:56 PM, letri said: I was able to figure out the issue by downloading the plugin locally and using the commandline "installplg" to try and install it. This allowed me to easily edit the script and add logging (it badly needs logging). I found out it was failing to download putty. Some observations: It tries to download Putty 0.64. That's a very old version of Putty. So instead of trying to make this work I went ahead and installed the latest Putty 0.73 package instead: # Slackbuilds doesn't send the full Letsencrypt certificate chain and wget doesn't know how to handle this. So we'll help it... wget https://letsencrypt.org/certs/letsencryptauthorityx3.pem.txt -O /tmp/letsencryptauthorityx3.pem wget --ca-certificate=/tmp/letsencryptauthorityx3.pem https://slack.conraid.net/repository/slackware64-current/putty/putty-0.73-x86_64-1cf.txz rm /tmp/letsencryptauthorityx3.pem When it decides whether or not Putty is installed it does a check for that very specific old version of Putty. So even after I'd installed the newer version of Putty the script still failed. I ended up having to comment out the section that downloads and installs Putty to get the script to install. I would recommend the script instead check for Putty >= 0.64. Also, above, instead of using '--no-check-certificate' with wget I'd recommend the approach of using wget to download the intermediate from letsencrypt's website and then passing the intermediate to wget. This will allow wget to succeed when downloading from websites that don't provide wget with a full chain without having to tell wget to completely ignore all certificate validation. For those of you who don't want to have to workaround things and want to get the script back to "just working" you may want to try downloading and installing Putty 0.64 manually before trying to install this plugin: Download path: https://github.com/docgyver/unraid-v6-plugins/releases/download/ssh/putty-0.64-x86_64-1rj.txz (might need to use the same trick with passing --ca-certificate above) Run, from an unraid root shell: installpkg <path to the file you downloaded in the previous bullet> After that, and assuming the script was failing in your case for the same reason it was failing for me, the plugin should install successfully again. Good luck! PS. If I get some spare time I will submit a PR to update the plugin to add logging, increment the Putty version and remove instances of --no-check-certificate being passed to wget. Thanks so much for the effort. Heads down on some certification course right now but will add the >= putty version check soon and will look into what is needed for the cert stuff and maybe even switch to grabbing putty from the official site and not keep it as part of the plugin itself. Quote Link to comment
Sinister Posted April 28, 2020 Share Posted April 28, 2020 Currently the plugin only copies the authorized_keys file from /boot/config/plugins//.ssh folders to ~/.ssh folders. I have considered adding pub/priv key pairs which have been placed in the /boot folders but would want to give serious thought to any security implications. It is likely no more of an attack surface but still not something I want to do lightly. In the short term what I would do is store your private key file either on the flash drive or, since you want to do this on array start, a place you think safe on the array. For example's sake lets say /tmp/id_rsa. Then you can tell your script to use that id with "-i /tmp/id_rsa". Your command would then become: ssh -i /tmp/id_rsa [email protected] /etc/rc.halt Of course /tmp is wiped on boot so a better choice would be somewhere on /mnt/user Thank you so much for your help with this issue ive been at it for an entire month trying to digure out why this wasnt working and you explained it simplySent from my SM-G975U1 using Tapatalk Quote Link to comment
cinereus Posted May 1, 2020 Share Posted May 1, 2020 I'm having trouble logging in via ssh after installing this. I have uninstalled it and even removed all entries from /etc/hosts.deny but still get "Permission denied, please try again." Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.