June 19, 20179 yr Author I am still running 6.2.4 because my last jump broke my Owncloud (now NextCloud) docker image. I haven't read the readme on what changes from 6.2 to 6.3 but I'd be surprised if it breaks the plugin. Do you have the files in the right folder on /boot? SSH files on my machine are like the following (with noise files removed). Note the dot (.) in .../user/.ssh/... $find /boot/config/plugins/ssh ! -type d /boot/config/plugins/ssh/ssh.cfg /boot/config/plugins/ssh/root/.ssh/authorized_keys /boot/config/plugins/ssh/otheruser/.ssh/authorized_keys
August 16, 20178 yr On 7/8/2017 at 9:24 AM, zin105 said: Just wanted to report that everything works in 6.4 rc6. (Key based login only, passwords disabled, root login disabled). Only "problem" is that the plugin doesn't have an icon. This and I am now seeing the below error in the syslog: Aug 16 16:10:44 Node sshd[12542]: rexec line 110: Deprecated option UsePrivilegeSeparation
August 25, 20178 yr I have a single user defined that I want to provide ssh access too. However, I have to have "allow root" set to yes for it to work even for the non-root user. How can I disallow root ssh access, but still allow my chosen user? My ssh.cfg Quote # ssh configuration SERVICE="enable" PORT="22" USERLIST="wimp" PERMITROOTLOGIN="no" MAXAUTHTRIES="6" PASSWORDAUTHENTICATION="no" PERMITEMPTYPASSWORDS="no" GATEWAYPORTS="no" If I set PERMITROOTLOGIN="yes" then I can log in as user wimp. thanks david
August 26, 20178 yr Author Odd. I don't normally use another user but do have a couple defined. I will try to reproduce what you are seeing and fix it.
September 1, 20178 yr Hello How is this plugin suposed to work? No matter what I do, unless I turn SSH off, every user on the server can log in. Or is it not meant to work from the LAN side?
September 4, 20178 yr Author Depends on on which plugin you are asking about. The DenyHosts plugin is intended to detect unwanted connections and block the source IP. The SSH plugin is intended to enable persisting various settings. Which of the two are you running?
September 5, 20178 yr I'm totally confused as well. All I want to do is setup a couple of my users for SFTP access (SSH access). How do I do this? Is there a user manual somewhere? No matter what settings I make, I can only log in as root (provided I've left the "Permit Root Login" setting as "yes"). When I pick my user "joe" in the list and allow password access, when I try to ssh with "joe," as soon as I enter my password, connection to unRAID is closed. The user can't log in. root does not have this problem and can log in just fine. Edited September 5, 20178 yr by ksignorini
September 5, 20178 yr Been a long time since I've configured this (6.1 days), but if you guys read the info on github and the readme located in the plugin folder I'm sure you'll be able to figure it out. I'm using key based login only and it works like a charm. Github: https://github.com/docgyver/unraid-v6-plugins Readme located on your flashdrive in /boot/config/plugins/ssh
September 5, 20178 yr 2 minutes ago, strike said: Been a long time since I've configured this (6.1 days), but if you guys read the info on github and the readme located in the plugin folder I'm sure you'll be able to figure it out. I'm using key based login only and it works like a charm. Github: https://github.com/docgyver/unraid-v6-plugins Readme located on your flashdrive in /boot/config/plugins/ssh I got it working. With passwords. But you know what was getting me? I hadn't rebooted my unRAID server. I didn't see anywhere in the readme or github where it was clear that you had to restart unRAID to get this to work. I figured restarting the SSH daemon should be enough. I guess it wasn't. NOTE: You must restart unRAID to get changes made in the plugin settings to stick. At least, I had to. Edited September 5, 20178 yr by ksignorini
September 5, 20178 yr On 04/09/2017 at 2:31 AM, docgyver said: Depends on on which plugin you are asking about. The DenyHosts plugin is intended to detect unwanted connections and block the source IP. The SSH plugin is intended to enable persisting various settings. Which of the two are you running? I have both installed, but I was wondering about the SSH plugin. I get a list of the users that is on the server, I can click on them, but what is that for because nothing seems to happen when I do.
September 5, 20178 yr 5 hours ago, isvein said: I have both installed, but I was wondering about the SSH plugin. I get a list of the users that is on the server, I can click on them, but what is that for because nothing seems to happen when I do. I found the instructions over on docgyver's github page here: https://github.com/docgyver/unraid-v6-plugins/blob/master/README.md. Basically do this: 1. Stop the SSH server (turn "Enable SSH Service" to No and hit Apply.) 2. To allow SSH access for a list of users, multi-select their names in the list and make sure "Password Authentication" is set to Yes. (ctrl-click or cmd-click to select multiple users). This turns password authentication on for all the users you've picked (instead of having to generate keys). 3. Hit Apply again. This should save the settings and restart the ssh daemon but you still won't be able to ssh from those users yet; at least, I couldn't. 4. In order for the settings change to work, you have to reboot unRAID! Yes, reboot! You should now be able to ssh in with the users you picked in the list. At least, now I can on my server. Edited September 5, 20178 yr by ksignorini Clarity and more information.
November 16, 20178 yr I recently upgraded unraid to the latest release candidate 6.4.0_rc11i. I noticed that every time I open the plugins page, I get the following error in the log. Nov 16 14:17:10 Tower nginx: 2017/11/16 14:17:10 [crit] 20451#20451: *135500 stat() "/usr/local/emhttp/plugins/ssh/ssh.png" failed (13: Permission denied), client: 192.168.1.11, server: 7919ac795bff0d483d3f219c6b4dfeff9abcbeae.unraid.net, request: "GET /plugins/ssh/ssh.png HTTP/2.0", host: "7919ac795bff0d483d3f219c6b4dfeff9abcbeae.unraid.net", referrer: "https://7919ac795bff0d483d3f219c6b4dfeff9abcbeae.unraid.net/Plugins" It doesnt seem to affect the plugin working in any way, but the icon for the plugin doesnt show on the plugin page. Edit: I noticed that the /usr/local/emhttp/plugins/ssh folder has different permissions that all of the other plugin folders there. The ssh folder permissions looks like: drwxrwx--- 4 root root 200 Nov 15 12:27 ssh while all of the others look like: drwxr-xr-x 7 root root 260 Nov 15 12:27 preclear.disk manually changing it stops the error from showing up. Are there security implications to changing the folder permissions? Edited November 16, 20178 yr by mattekure
November 17, 20178 yr Author No significant implications. Group has no need for write access. Giving "other" read and execute is a bit more pemissive but it isn't like what that folder holds can't be known. It's on github I'll see what I need to change to get the permissions right on create. IIRC there was a mask involved. Been too lazy to pick an Icon. Wish there was a standard one. I'll take a look to see if there is one now.
November 17, 20178 yr I also noticed that whenever I log in I get the following error on the log: Tower sshd: rexec line 110: Deprecated option UsePrivilegeSeparation In the settings I have Permit Root Login set to No. the log in is still successful though, so its not affecting anything yet. Edited November 17, 20178 yr by mattekure
December 31, 20178 yr On 11/16/2017 at 4:41 PM, mattekure said: I noticed that the /usr/local/emhttp/plugins/ssh folder has different permissions that all of the other plugin folders there. .... manually changing it stops the error from showing up. For anyone wondering how: Do chmod 755 /usr/local/emhttp/plugins/ssh to fix it for your current session. Or add to `/boot/config/go` to make it fixed each time you start: # Fix ssh plugin icon: chmod 755 /usr/local/emhttp/plugins/ssh
January 13, 20188 yr On 12/31/2017 at 1:36 PM, JustinAiken said: For anyone wondering how: Do chmod 755 /usr/local/emhttp/plugins/ssh to fix it for your current session. Or add to `/boot/config/go` to make it fixed each time you start: # Fix ssh plugin icon: chmod 755 /usr/local/emhttp/plugins/ssh Thanks, this fixed everything after upgrading to 6.4!
January 16, 20188 yr If we can get these merged, it'll fix the wrong perms issue. https://github.com/docgyver/unraid-v6-plugins/pull/1 https://github.com/docgyver/unraid-v6-plugins/pull/2
January 17, 20188 yr Author Thanks so much. I opened up the file to change on Monday and hadn't even looked at the browser tab since. I also update the version so that someone checking for update will have a new version number. Maybe someday I'll get some icons in there too. I did find a couple that made sense and were CC license.
January 18, 20188 yr On 1/17/2018 at 8:36 AM, docgyver said: Thanks so much. I opened up the file to change on Monday and hadn't even looked at the browser tab since. I also update the version so that someone checking for update will have a new version number. Maybe someday I'll get some icons in there too. I did find a couple that made sense and were CC license. Interesting, its still setting the directory as 770?, just performed uninstall and reinstall I even went back and removed cache to make sure it wasn't using an old script. I've updated the plg again with a few lines to automagically change the folder perms after install so no additional script-fu is needed. I noticed other plugins were using this method so I'm trying the same. https://github.com/docgyver/unraid-v6-plugins/pull/3 https://github.com/docgyver/unraid-v6-plugins/pull/4 Edited January 18, 20188 yr by Darksurf
January 22, 20188 yr Fails to install after the latest update (2018.01.18) on unRaid 6.4.0 for me. plugin: installing: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg plugin: downloading: https://raw.githubusercontent.com/docgyver/unraid-v6-plugins/master/ssh.plg ... done +============================================================================== | Skipping package putty-0.64-x86_64-1rj (already installed) +============================================================================== plugin: run failed: /bin/bash retval: 1
January 23, 20188 yr Author Yeah me too. Been working on a broken Nextcloud docker from 443 being part of the management interface. Let me see what is wrong with the new code.
January 23, 20188 yr As near as I can tell from the .plg file for 2018.01.18, the install section removes the /usr/local/emhttp/plugins/ssh directory but doesn't recreate it because the error seems to occur in the post-install section where it tries to change the permissions but there aren't any files to change: ls -la /usr/local/emhttp/plugins/ssh /bin/ls: cannot access '/usr/local/emhttp/plugins/ssh': No such file or directory
January 23, 20188 yr Author Quite correct Shaun. I didn't check the location of the "Post Install" script in the plg file in relation when I accepted the patch. I moved it to the bottom right above the script which does the "bottonstart" execution kicking off the plugin and things are fine now. If anyone has issues applying the update it may be caused by a rogue /var/log/plugins/ssh.plg file remaining after the failure of 2018.01.18 to load. "Easiest" (i.e. Web UI) fix is a reboot but is not not required if you are comfortable on the command line. Manual fix can be accomplished by running the command "rm /var/log/plugins/ssh.plg" by your preferred method (e.g. ssh and command line, User Scripts plugin...) Follow that in the UI with a check for updates on the plugins page and then update.
January 27, 20188 yr Sorry guys, didn't mean to cause you trouble, I evidently caught the flu right not long after that tweak. I had intentions to go back and fix that, but flu hit me pretty hard, I'm at the end of it now. Seems like you guys got it under control! Thanks for the fix and sorry for the trouble.
January 28, 20188 yr Author 5 hours ago, Darksurf said: Sorry guys, didn't mean to cause you trouble, I evidently caught the flu right not long after that tweak. I had intentions to go back and fix that, but flu hit me pretty hard, I'm at the end of it now. Seems like you guys got it under control! Thanks for the fix and sorry for the trouble. NO worries. I should have looked closer when I did the commit. Thanks for your effort as well. Helps to work together.
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.