Configuring SSH for Putty/FireFTP

Status
Not open for further replies.

Beran Muden

Cadet
Joined
Aug 2, 2014
Messages
5
Hello all,

For the last two months, I've been the proud owner of a FreeNAS box.
And although I work as an IT professional (Windows-minded), I've had quite some trouble setting up a safe FTP solution for my NAS. Even after doing the required RTFM and googling for a similar solution, the steep learning process made it difficult for me to breeze through the setup.

But, the good news is I finally managed to pull off the FTP solution I wanted, in this case FTP through SSH. For those who are interested, I've made a small tutorial on how to properly configure SSH for a safe FTP solution which uses private/public keys. Since I cannot post in the "How-To Guides"-section, I've posted it here. If possible and if desired so by other users, perhaps this tutorial could be moved to the proper section.

Prerequisites:
- Generally know your way around FreeNAS (RTFM)
- Have access to Putty and the Putty generator.
This particular configuration was done on a FreeNAS-9.2.1.5-RELEASE-x64 setup.
See the bottom of the page for further information on that.

What to do:
- Open puttygen.exe
- Create a new SSH-2 RSA key with 2048 bits
putty1.PNG

- Enter a key passphrase to encrypt the key on disk (and confirm the same passphrase)
- Save the private key to disk. You will need this key on your client to connect to FreeNAS
- If you want, you can save the public key to disk, this is optional.
(You can also recover the public key by opening the private key in puttygen.exe)
- Copy the data from the field "Public key for pasting into OpenSSH authorized_keys file:"
putty2.PNG

- Paste the key into the "SSH Public Key" field from the user account on FreeNAS
FreeNAS-SSH2.PNG

- Turn on the SSH service on the FreeNAS, default settings and port 22
FreeNAS-SSH1.PNG


Putty:
The initial setup is now complete.
You're now able to connect to your FreeNAS with Putty while using a private and public key.
Make sure you set the right private key .ppk file when connecting.
To do this, go to Connection > SSH > Auth and point to your .ppk file.
putty3.PNG


FireFTP:

What's even better, is that you can connect to your FreeNAS from the internet, while using Firefox and the FireFTP addon. When connecting to your FreeNAS while using FireFTP, please consider the following settings:

On the Main tab
- In the ID field, enter the username of a FreeNAS user to make the connection
- For the password, use the passphrase of the private key!
FireFTP1.PNG


On the Connection tab
- Select SFTP with port 22 as connection type
- Select your private key .ppk file created earlier with puttygen.exe
FireFTP2.PNG


That's it.

Notes:
The private key should be stored in a file that only you can access, and the key should be encrypted with a passphrase for added security. If this is not possible, do not use public key authentication.

For reference see the following sites:
http://doc.freenas.org/index.php/SSH
http://www.ualberta.ca/CNS/RESEARCH/LinuxClusters/pka-putty.html
http://kb.site5.com/shell-access-ss...-keys-and-connect-to-your-account-with-putty/

Hopefully this guide may help someone else stuck with SSH and FTP.
If not, feel free to delete this post.

Regards,

BM.
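
An added example, not part of the original post: a check for the line copied from "Public key for pasting into OpenSSH authorized_keys file:" before it goes into the "SSH Public Key" field. It confirms the text is a single unbroken ssh-rsa line, that the modulus is at least 2048 bits, and returns the SHA256 fingerprint for comparison with the client side. The function names and the sample key are assumptions made for this sketch; the sample has the correct wire format but is a constructed value, not a real RSA key.

```python
import base64, hashlib, struct

def _read_string(buf, off):
    """Read one RFC 4251 'string': uint32 length followed by that many bytes."""
    if off + 4 > len(buf):
        raise ValueError("truncated length field")
    (n,) = struct.unpack(">I", buf[off:off + 4])
    if off + 4 + n > len(buf):
        raise ValueError("truncated field")
    return buf[off + 4:off + 4 + n], off + 4 + n

def check_rsa_pubkey_line(line, min_bits=2048):
    """Validate one authorized_keys-style line; return (bits, fingerprint, comment)."""
    parts = line.strip().split(None, 2)
    if len(parts) < 2:
        raise ValueError("expected '<type> <base64> [comment]' on one line")
    key_type, b64 = parts[0], parts[1]
    comment = parts[2] if len(parts) > 2 else ""
    if key_type != "ssh-rsa":
        raise ValueError("not an ssh-rsa key: %r" % key_type)
    try:
        blob = base64.b64decode(b64, validate=True)
    except ValueError as exc:  # binascii.Error is a ValueError subclass
        raise ValueError("base64 is damaged (line wrapped or truncated?)") from exc
    inner_type, off = _read_string(blob, 0)
    if inner_type != b"ssh-rsa":
        raise ValueError("key type inside the blob does not match the prefix")
    _exponent, off = _read_string(blob, off)
    n_bytes, _ = _read_string(blob, off)
    bits = int.from_bytes(n_bytes, "big").bit_length()
    if bits < min_bits:
        raise ValueError("modulus is %d bits, below %d" % (bits, min_bits))
    fp = "SHA256:" + base64.b64encode(hashlib.sha256(blob).digest()).decode().rstrip("=")
    return bits, fp, comment

def _mpint(value):
    raw = value.to_bytes(value.bit_length() // 8 + 1, "big")  # leading 0x00 keeps it positive
    return struct.pack(">I", len(raw)) + raw

def make_sample_line(bits=2048):
    """CONSTRUCTED sample: correct wire format, but the modulus is not a real RSA key."""
    n = (1 << (bits - 1)) | 1
    blob = struct.pack(">I", 7) + b"ssh-rsa" + _mpint(65537) + _mpint(n)
    return "ssh-rsa " + base64.b64encode(blob).decode() + " rsa-key-sample"

if __name__ == "__main__":
    print(check_rsa_pubkey_line(make_sample_line()))
```

A line that was wrapped or cut short during copy and paste fails with a ValueError instead of silently producing a key that never matches.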
 

Yatti420

Wizard
Joined
Aug 12, 2012
Messages
1,437
This should be in how to.. As a side note you shouldn't be on port 22 (externally).. redirect something like 8888 to 22 if you must in your router just beware of security risks.. albeit minimized using keys..

The alternative to not using keys is password based authentication which is a big risk security wise..
 

DrKK

FreeNAS Generalissimo
Joined
Oct 15, 2013
Messages
3,630
This is an important point, what @Yatti420 is saying. *DO NOT* expose port 22 directly. Expose ANOTHER port, and have it forward to 22. As soon as the hacker daemons that crawl the internet see that you have a port 22 open, they'll pound the shit out of it. And even if they don't get in, it's still not good.
 

Yatti420

Wizard
Joined
Aug 12, 2012
Messages
1,437
Yea you will get emails 4-5 pages long.. I have a server I still haven't changed and every night I get an email at 3am for security.. If you want even more protection you could integrate fail2ban or denyhosts for some extra punch but changing ports is a must.. FreeNAS isn't designed for external use so if you do expose it it's doing so at your own risk.. It's why FreeNAS ships with no gateway etc so nothing gets out..
 

Beran Muden

Cadet
Joined
Aug 2, 2014
Messages
5
As a side note you shouldn't be on port 22 (externally)

Good point.
I left the whole router configuration out on purpose, but if this post gets moved, I'll make sure to put it in there.

Thanks for the feedback!
 