6 minute read
System > General contains options for configuring the web interface and other basic system settings.
|GUI SSL Certificate||drop-down menu||The system uses a self-signed certificate to enable encrypted web interface connections. To change the default certificate, select a different created or imported certificate.|
|WebGUI IPv4 Address||drop-down menu||Choose recent IP addresses to limit the usage when accessing the web interface. The built-in HTTP server binds to the wildcard address of 0.0.0.0 (any address) and issues an alert if the specified address becomes unavailable.|
|WebGUI IPv6 Address||drop-down menu||Choose recent IPv6 addresses to limit the usage when accessing the web interface. The built-in HTTP server binds to the wildcard address of 0.0.0.0 (any address) and issues an alert if the specified address becomes unavailable.|
|WebGUI HTTP Port||integer||Allow configuring a non-standard port for accessing the web interface over HTTP. Changing this setting might require changing a Firefox configuration setting.|
|WebGUI HTTPS Port||integer||Allow configuring a non-standard port to access the web interface over HTTPS.|
|HTTPS Protocols||drop-down menu||Choose which HTTPS protocols to allow|
|WebGUI HTTP -> HTTPS Redirect||checkbox||Redirect HTTP connections to HTTPS. A |
|Language||combo box||Select a language from the drop-down menu. The list can be sorted by |
|Console Keyboard Map||drop-down menu||Select a keyboard layout.|
|Timezone||drop-down menu||Select a timezone.|
|Syslog level||drop-down menu||When |
|Syslog server||string||Remote syslog server DNS hostname or IP address. Nonstandard port numbers can be used by adding a colon and the port number to the hostname, like mysyslogserver:1928. Log entries are written to local logs and sent to the remote syslog server.|
|Crash reporting||checkbox||Send failed HTTP request data which can include client and server IP addresses, failed method call tracebacks, and middleware log file contents to iXsystems.|
|Usage Collection||checkbox||Enable sending anonymous usage statistics to iXsystems.|
After making any changes, click SAVE. Changes to any of the GUI fields can interrupt web interface connectivity while the new settings are applied.
This screen also contains these buttons:
SAVE CONFIG: save a backup copy of the current configuration database in the format hostname-version-architecture to the computer accessing the web interface. Saving the configuration after making any configuration changes is highly recommended. TrueNAS® automatically backs up the configuration database to the system dataset every morning at 3:45. However, this backup does not occur if the system is shut down at that time. If the system dataset is stored on the boot pool and the boot pool becomes unavailable, the backup will also not be available. The location of the system dataset can be viewed or set using System ➞ System Dataset.
SSH keys are not stored in the configuration database and must be backed up separately. System host keys are files with names beginning with
/usr/local/etc/ssh/. The root user keys are stored in
There are two types of passwords. User account passwords for the base operating system are stored as hashed values, do not need to be encrypted to be secure, and are saved in the system configuration backup. Other passwords, like iSCSI CHAP passwords, Active Directory bind credentials, and cloud credentials are stored in an encrypted form to prevent them from being visible as plain text in the saved system configuration. The key or seed for this encryption is normally stored only on the operating system device. When Save Config is chosen, a dialog gives two options. Export Password Secret Seed includes passwords in the configuration file which allows the configuration file to be restored to a different operating system device where the decryption seed is not already present. Configuration backups containing the seed must be physically secured to prevent decryption of passwords and unauthorized access.
WarningThe Export Password Secret Seed option is off by default and should only be used when making a configuration backup that will be stored securely. After moving a configuration to new hardware, media containing a configuration backup with a decryption seed should be securely erased before reuse.
Export Pool Encryption Keys includes the encryption keys of encrypted pools in the configuration file. The encryption keys are restored if the configuration file is uploaded to a system with UPLOAD CONFIG.
UPLOAD CONFIG: allows browsing to the location of a previously saved configuration file to restore that configuration.
RESET CONFIG: reset the configuration database to the default base version. This does not delete user SSH keys or any other data stored in a user home directory. Since configuration changes stored in the configuration database are erased, this option is useful when a mistake has been made or to return a test system to the original configuration.
System > Advanced contains more advanced options for configuring system settings.
|Show Text Console without Password Prompt||checkbox||Set for the text console to be available without entering a password.|
|Enable Serial Console||checkbox||Do not enable this option if the serial port is disabled. Adds the Serial Port and Serial Speed fields.|
|Serial Port||string||Select the serial port address in hex.|
|Serial Speed||drop-down menu||Select the speed in bps used by the serial port.|
|Enable Legacy User Interface||checkbox||WARNING: The legacy user interface is deprecated. All management should be performed through the new user interface. Shows legacy UI login buttons on the web interface log in screen and Settings menu. These buttons allow switching to the interface that was available with TrueNAS® 11.2 and earlier.|
|Enable autotune||checkbox||Enable the Autotune script which attempts to optimize the system based on the installed hardware. Warning: Autotuning is only used as a temporary measure and is not a permanent fix for system hardware issues.|
|Enable Debug Kernel||checkbox||Use a debug version of the kernel on the next boot.|
|Show console messages||checkbox||Display console messages from |
|MOTD banner||string||This message is shown when a user logs in with SSH.|
|Show advanced fields by default||checkbox||Show all advanced fields by default.|
|Use FQDN for logging||checkbox||Include the Fully-Qualified Domain Name (FQDN) in logs to precisely identify systems with similar hostnames.|
|ATA Security User||drop-down menu||User passed to |
|SED Password||string||Global password used to unlock Self-Encrypting Drives.|
|Reset SED Password||checkbox||Select to clear the Password for SED column of Storage > Disks.|
Click the SAVE button after making any changes.
There is also an option to:
SAVE DEBUG: generate text files that contain diagnostic information. After the debug data is collected, the system prompts for a location to save the compressed
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.