burtaverde Posted September 14, 2020 Share Posted September 14, 2020 (edited) Hello people that know more than me. Excuse me if this has already been posted, i did try to find it but no luck. I noticed most people use SMB for all their media and data sharing purpose. Is there something wrong with using sftp instead? If there's no issue with it, would it be possible to set share access permissions by user? Such as making a read only user or one access only certain shares? Edited September 14, 2020 by burtaverde Quote Link to comment
Energen Posted September 14, 2020 Share Posted September 14, 2020 It depends what your purpose is and how you plan to access the shares with sftp. sftp is just a protocol, it's secure ftp. Generally speaking you can't mount an sftp server as a share (mapped drive) on Windows (that's why SMB is used). You can, but it's not "usable". Let's say you have a Word document and an Excel spreadsheet on the share, and you want to access them / use them / change them. With SMB, you can directly open the files and manipulate them, and save them directly to the share. No problem, right? With SFTP if you "open" the file, you are actually downloading it from the server (because sftp is secure file transfer protocol) and the file will generally end up in your Windows Downloads location, because when you attempt to access the file it will ask you want you want to open the file with .. and if you select a web browser it will open your web browser, ask you for the ftp login details again, and then download the file to the default download location. If you select another app to open the file with, it may end up in a temporary file location somewhere. So now that the file is [somewhere] on your computer... you edit it, make changes to it, do whatever... and save it. That file is saved on your computer. You now have to add it to your Unraid array and overwrite the old file with the new copy. If you forget to do that you will always have only the original file on your array, because with sftp you only downloaded a copy of it.... Do you understand? So while what you're asking is technically possible, depending on your use case and what files you are accessing and everything like that, using sftp may end up being more of a problem for you. 1 Quote Link to comment
burtaverde Posted September 14, 2020 Author Share Posted September 14, 2020 alright that makes sense. SMB is definitely better when working on stuff. Now for media streaming (already have plex, but sftp is more stable locally) or moving, Sftp seems to be a superior solution since you just need to open an app like winScp and copy/delete/move the files without having the user add it to their windows system. Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 26 minutes ago, burtaverde said: Now for media streaming (already have plex, but sftp is more stable locally) Most of us have our media on our Unraid server, and run a plex server docker on that same server. Then any plex client can stream that media without even having to know anything about the files on the Unraid server. Certainly see no reason to get sftp involved in this or even SMB. Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 My sister and niece stream from my plex server using their Rokus from half-way across the country. They don't know anything at all about my files, my server, or my network. Quote Link to comment
burtaverde Posted September 14, 2020 Author Share Posted September 14, 2020 (edited) for streaming plex is great (and that's what everybody other than me use when connecting to my server), although sftp is faster to start. For file transfers (like when somebody wants to put a movie or get some software from my server), i'd rather go sftp than smb since it doesn't require a difficult setup. Just open winscp, tell the user the ip, login info and they're done. But that's where security comes in, i'm hoping to be able to create unraid users with different permissions so they only have access to certain parts or can only read and no write. Edited September 14, 2020 by burtaverde Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 Are you talking about letting people not on your LAN access the files on your server? Quote Link to comment
Energen Posted September 14, 2020 Share Posted September 14, 2020 If you are dead set on some sort of ftp... then you might look at using proftpd.. it's not quite an easy set up though, it would take a fair amount of manual setup for the user access. The built in user accounts for Unraid don't really offer a full set of security features for user permissions. 1 Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 6 hours ago, burtaverde said: copy/delete/move the files without having the user add it to their windows system. No need to add anything to windows to use SMB to access network shares and copy/delete/move files on the LAN. And Unraid User Shares provide ways to control access for specific users. Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 If you are 3 hours ago, trurl said: talking about letting people not on your LAN access the files on your server then I highly recommend taking this advice. 1 hour ago, Energen said: If you are dead set on some sort of ftp... then you might look at using proftpd.. it's not quite an easy set up though, it would take a fair amount of manual setup for the user access. The built in user accounts for Unraid don't really offer a full set of security features for user permissions. Unraid user accounts don't really provide access control for anything but SMB, NFS protocols. An FTP plugin or docker will have its own ways to configure and control user access. 1 Quote Link to comment
burtaverde Posted September 14, 2020 Author Share Posted September 14, 2020 (edited) 2 hours ago, trurl said: No need to add anything to windows to use SMB to access network shares and copy/delete/move files on the LAN. And Unraid User Shares provide ways to control access for specific users. i did notice that it's pretty easy to setup permissions there. Although for some reason it seems to not like me lately and doesn't want to be seen by any device in my lan. I'm not against smb, but i'm so used to SFTP for this kind of use that i'd like to keep going. Edited September 14, 2020 by burtaverde extra details Quote Link to comment
burtaverde Posted September 14, 2020 Author Share Posted September 14, 2020 6 hours ago, trurl said: Are you talking about letting people not on your LAN access the files on your server? kind of. I have zerotier setup so it's not exactly open to the world, but it can be accessed remotely from outside my home. The idea is for a classic ftp server but with proper security. Quote Link to comment
burtaverde Posted September 14, 2020 Author Share Posted September 14, 2020 2 hours ago, trurl said: Unraid user accounts don't really provide access control for anything but SMB, NFS protocols. An FTP plugin or docker will have its own ways to configure and control user access. Is the SMB access control new? Seems like adding it to ftp/sftp would be very similar. I guess in the end i would need a plugin/docker other than the basic ssh one to be able to achieve my goal. Now to find the right one. Quote Link to comment
trurl Posted September 14, 2020 Share Posted September 14, 2020 35 minutes ago, burtaverde said: Is the SMB access control new? No basically the same as long as I've been here. 45 minutes ago, burtaverde said: Although for some reason it seems to not like me lately and doesn't want to be seen by any device in my lan. Might be something here for you 1 Quote Link to comment
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.