Hello,
My NS1 is still working great thank you! I have one issue though.
I use ssh-copy-id to save my public key on the NAS. After reboot, this key is lost.
I checked in the interface and it disappears there too.
Is there any way to make them persist?
Thanks
James
plugout.net
Alternative firmware fvdw-sl
SPD8020, Lacie network space vs1,vs2 and max, 5big version 1&2, 2big version 1&2, internet space vs1, edmini_v2, D2 network version 1&2, raspberry Pi b
Public keys authorized lost after restart
5 posts
• Page 1 of 1
Public keys authorized lost after restart
by jamesfawcett » Tue Feb 02, 2021 3:35 pm
- jamesfawcett
- Donator VIP
- Posts: 7
- Joined: Thu Aug 27, 2020 9:02 am
Re: Public keys authorized lost after restart
by Jocko » Tue Feb 02, 2021 5:13 pm
Hi
Thank you for your feedback.
Usually you just have to paste your public key from the ssh menu in the related textbox
Thank you for your feedback.
can you give more detail.jamesfawcett wrote:I use ssh-copy-id to save my public key on the NAS. After reboot, this key is lost.
I checked in the interface and it disappears there too.
Usually you just have to paste your public key from the ssh menu in the related textbox
- Jocko
- Site Admin - expert
- Posts: 11367
- Joined: Tue Apr 12, 2011 4:48 pm
- Location: Orleans, France
Re: Public keys authorized lost after restart
by jamesfawcett » Tue Feb 02, 2021 6:10 pm
When I use ssh-copy-id to the NAS, I can see them listed here (screenshot). I don't see an option to add the keys in the FVDWSL-BASE.
Should I be generating the keys on the NAS instead, and using that key on the client?
Thanks
James
Should I be generating the keys on the NAS instead, and using that key on the client?
Thanks
James
You do not have the required permissions to view the files attached to this post.
- jamesfawcett
- Donator VIP
- Posts: 7
- Joined: Thu Aug 27, 2020 9:02 am
Re: Public keys authorized lost after restart
by Jocko » Tue Feb 02, 2021 7:26 pm
So I understood...
You did not select the option "SSH Access with rsa key" and when you use ssh-copy-id (which is not included in our firmware) it creates some files which allows to use this mode at the same time with the mode "SSH Access by pwd". So when you reboot the nas, the firmware removes these files.
We want to keep the following behaviour with our firmware : do not to allow both modes at the same time... It is our choice because usually the key mode is often used to get a WAN remote access and then you must open the ssh port. This port is systematically sniffed by some malicious bots and you can got some database on the net according with the researched machine profile. I post here an example with the apache server: http://www.base64online.com/hc.php?q=fvdw-sl%20NAS%20Management. So with these two hosts (old recording,I know it is a machine using our firmware and I can also try to connect to the ssh server !!! As the default login is known (and I found a site which lists it!) I will get a root access if the user does not have yet changed the password !
And think at each time you upgrade the firmware the custom password of the root account is also reset...
So in your case, do not use ssh-copy-id and you just have to change the login mode and paste your public key. (Please to read the help page)
You did not select the option "SSH Access with rsa key" and when you use ssh-copy-id (which is not included in our firmware) it creates some files which allows to use this mode at the same time with the mode "SSH Access by pwd". So when you reboot the nas, the firmware removes these files.
We want to keep the following behaviour with our firmware : do not to allow both modes at the same time... It is our choice because usually the key mode is often used to get a WAN remote access and then you must open the ssh port. This port is systematically sniffed by some malicious bots and you can got some database on the net according with the researched machine profile. I post here an example with the apache server: http://www.base64online.com/hc.php?q=fvdw-sl%20NAS%20Management. So with these two hosts (old recording,I know it is a machine using our firmware and I can also try to connect to the ssh server !!! As the default login is known (and I found a site which lists it!) I will get a root access if the user does not have yet changed the password !
And think at each time you upgrade the firmware the custom password of the root account is also reset...
So in your case, do not use ssh-copy-id and you just have to change the login mode and paste your public key. (Please to read the help page)
- Jocko
- Site Admin - expert
- Posts: 11367
- Joined: Tue Apr 12, 2011 4:48 pm
- Location: Orleans, France
Re: Public keys authorized lost after restart
by jamesfawcett » Tue Feb 02, 2021 7:31 pm
Great ok thank you Jocko, and makes good sense for security :) Thanks for your help. I will find another way without using ssh-copy-id.
ps - the ssh-copy-id is set on my raspberry pi. The Raspberry Pi rsync's all the files to the NAS to /share/1000/Backups/ every week. It works very well, very stable :)
Thanks
James
ps - the ssh-copy-id is set on my raspberry pi. The Raspberry Pi rsync's all the files to the NAS to /share/1000/Backups/ every week. It works very well, very stable :)
Thanks
James
- jamesfawcett
- Donator VIP
- Posts: 7
- Joined: Thu Aug 27, 2020 9:02 am
5 posts
• Page 1 of 1
Return to Lacie Network Space vs1
Who is online
Users browsing this forum: No registered users and 3 guests