Buffalo NAS-Central Forums

Welcome to the Linkstation Wiki community
It is currently Thu Jun 21, 2018 9:40 am

All times are UTC+01:00




Post new topic  Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Tue Jan 04, 2011 7:34 pm 
Offline
Total Newbie

Joined: Tue Jan 04, 2011 7:26 pm
Posts: 2
I've got a Linkstation Live, and had a little trouble getting SSH fully working for non-root users. I eventually fixed it, but haven't really seen this information concisely in one place! So here's how I did it:

Follow all the usual steps to get SSH working. You can then login as root. However, for other users, it doesn't work. I created a home directory etc. etc., but still to no avail. Finally, I discovered the following file:

/etc/sftponly_config

This needs to be edited. Find the user you want to have ssh access, and underneath set allowssh to yes.

Then comment out all the hidelist stuff with #, otherwise you won't be able to access those folders as that user.

At this point, do not restart ssh! As doing so will simply overwrite the file and your changes.

Next, edit /etc/init.d/sshd.sh and comment out the line:

nas_configgen -c sftp

I've rebooted the NAS, restarted ssh etc. and commenting out this line doesn't seem to have caused any problems yet.


Top
   
PostPosted: Tue Jan 04, 2011 7:36 pm 
Offline
Total Newbie

Joined: Tue Jan 04, 2011 7:26 pm
Posts: 2
I've just realised I think I've posted this in the wrong place. Could an admin move this to viewforum.php?f=71

Thanks


Top
   
PostPosted: Wed Mar 23, 2011 12:47 am 
Offline
Total Newbie

Joined: Wed Mar 23, 2011 12:26 am
Posts: 2
you saved my life, thanks !

I was lost googling and browsing other posts
(such as this one : viewtopic.php?f=39&t=21013&p=142817 )

but you've got the right HOWTO to get ssh working for non-root users

Thanks again !

but then :

-> what does "nas_configgen -c sftp" do ?
isn't that dangerous to disable this command ?

-> how could I get "su" working ?
(i'd like to disable remote ssh root access, log in as user then su when needed)
I tried
Code:
chmod 4755 /bin/su
but i still get
Code:
su: Permission denied


Top
   
PostPosted: Thu Apr 28, 2011 8:15 pm 
Offline
Total Newbie

Joined: Thu Apr 28, 2011 8:10 pm
Posts: 1
I'm having the same issue - not being able to ssh as anything other than root. Unfortunately my box doesn't have the file /etc/sftponly_config. Can someone post theirs as an example?

TIA


Top
   
PostPosted: Thu Apr 28, 2011 9:02 pm 
Online
Moderator

Joined: Mon Apr 26, 2010 10:24 am
Posts: 2731
FW 1.41 on LS-XHL
Code:
# config for sftp server

user admin
allowssh no
hidelist /
hidelist "/mnt/authtest"
hidelist "/mnt/msdfs_root"
hidelist "/mnt/ram"
hidelist "/mnt/.info"
hidelist "/mnt/info"
hidelist "/mnt/disk1/spool"
hidelist "/mnt/disk1/mt-daapd"
hidelist "/mnt/usbdisk1"
defaultdir "/mnt"
showlist "/mnt"
rolist "/mnt"
showlist "/mnt/disk1/share"
rwlist "/mnt/disk1/share"
hidelist "/mnt/disk1/Backup"
hidelist "/mnt/disk1/MP3"
hidelist "/mnt/usbdisk1"
hidelist "/mnt/usbdisk2"
hidelist "/mnt/usbdisk3"
hidelist "/mnt/usbdisk4"
user guest
allowssh no
hidelist /
hidelist "/mnt/authtest"
hidelist "/mnt/msdfs_root"
hidelist "/mnt/ram"
hidelist "/mnt/.info"
hidelist "/mnt/info"
hidelist "/mnt/disk1/spool"
hidelist "/mnt/disk1/mt-daapd"
hidelist "/mnt/usbdisk1"
defaultdir "/mnt"
showlist "/mnt"
rolist "/mnt"
showlist "/mnt/disk1/share"
rwlist "/mnt/disk1/share"
hidelist "/mnt/disk1/Backup"
hidelist "/mnt/disk1/MP3"
hidelist "/mnt/usbdisk1"
hidelist "/mnt/usbdisk2"
hidelist "/mnt/usbdisk3"
hidelist "/mnt/usbdisk4"
group admin
allowssh no
hidelist /
hidelist "/mnt/authtest"
hidelist "/mnt/msdfs_root"
hidelist "/mnt/ram"
hidelist "/mnt/.info"
hidelist "/mnt/info"
hidelist "/mnt/disk1/spool"
hidelist "/mnt/disk1/mt-daapd"
hidelist "/mnt/usbdisk1"
defaultdir "/mnt"
showlist "/mnt"
rolist "/mnt"
showlist "/mnt/disk1/share"
rwlist "/mnt/disk1/share"
hidelist "/mnt/disk1/Backup"
hidelist "/mnt/disk1/MP3"
hidelist "/mnt/usbdisk1"
hidelist "/mnt/usbdisk2"
hidelist "/mnt/usbdisk3"
hidelist "/mnt/usbdisk4"
group guest
allowssh no
hidelist /
hidelist "/mnt/authtest"
hidelist "/mnt/msdfs_root"
hidelist "/mnt/ram"
hidelist "/mnt/.info"
hidelist "/mnt/info"
hidelist "/mnt/disk1/spool"
hidelist "/mnt/disk1/mt-daapd"
hidelist "/mnt/usbdisk1"
defaultdir "/mnt"
showlist "/mnt"
rolist "/mnt"
showlist "/mnt/disk1/share"
rwlist "/mnt/disk1/share"
hidelist "/mnt/disk1/Backup"
hidelist "/mnt/disk1/MP3"
hidelist "/mnt/usbdisk1"
hidelist "/mnt/usbdisk2"
hidelist "/mnt/usbdisk3"
hidelist "/mnt/usbdisk4"
group hdusers
allowssh no
hidelist /
hidelist "/mnt/authtest"
hidelist "/mnt/msdfs_root"
hidelist "/mnt/ram"
hidelist "/mnt/.info"
hidelist "/mnt/info"
hidelist "/mnt/disk1/spool"
hidelist "/mnt/disk1/mt-daapd"
hidelist "/mnt/usbdisk1"
defaultdir "/mnt"
showlist "/mnt"
rolist "/mnt"
showlist "/mnt/disk1/share"
rwlist "/mnt/disk1/share"
hidelist "/mnt/disk1/Backup"
hidelist "/mnt/disk1/MP3"
hidelist "/mnt/usbdisk1"
hidelist "/mnt/usbdisk2"
hidelist "/mnt/usbdisk3"
hidelist "/mnt/usbdisk4"


Top
   
PostPosted: Sat Dec 24, 2011 12:50 am 
Offline
Newbie

Joined: Thu Dec 08, 2011 12:22 pm
Posts: 18
just a quick

THANKS!, this sorted my problem out :-) I can now do backups and maintain ownership


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 6 posts ] 

All times are UTC+01:00


Who is online

Users browsing this forum: No registered users and 6 guests


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited