Posts Tagged SSH
So you’ve got Symform all set up and running on your Synology NAS, and you’ve been contributing space, but now the volume that has your contribution folder is getting full, adn you’d like to move it without disrupting the data that other Symform users like yourself have trusted you with. How to do it? Easily.
In this example, I’ll show you how to move it from volume1 to volume2.
First, stop the Symform service from Package Center.
Next, SSH into your Synology box and move the target directory to it’s new location, in this case, /volume2/SymformContribution
mv /volume1/SymformContribution/ /volume2
Next, edit the /volume1/@symform/lib/node.config file using vi and update the location by finding the line similiar to the following…
<contribution enabled="True" fragmentStorePath="/volume1/SymformContribution" port="53432" />
… and changing
(Note, this is the same file that’s used to update the incoming port, see this post for more information.)
Save the file, and restart the Symform service.
Questions or comments are welcome in the comments section below. Thank you for reading!
So today I was going through my Synology NAS and noticed .DS_Store files all over the place.
These are actually files containing extended attributes created by Finder in Mac OS X. But, since they get written out to network locations, they can cause backup and versionining issues.
To disable them from being created on network locations, open a Terminal and run the following
defaults write com.apple.desktopservices DSDontWriteNetworkStores true
(Note: This only affects the currently-logged-in user)
Now in my case, I had these files all over my Synology NAS, so I was able to easily get rid of them by SSHing into the box and running the following:
find / -name .DS_Store -delete
The @eaDir directories contain extended attributes and thumbnails that take up quite a bit of space, not unlike Windows Thumbs.db files.
Here’s how to get rid of them easily from the command line.
First, SSH into your Synology NAS box and log in as root, then type this to locate the @eaDir folders:
find . -name "@eaDir" -type d | more
If you’re happy you’re not going to accidentally delete something important, then make it happen:
find . -name "@eaDir" -type d -print0 | xargs -0 rm -rf
Note that after deleting the directories, you may also want to disable the services that created them.
Do you have any feedback on the above? Please leave it in the comments section below. Thank you!
Various forums throughout the Internet have users stating that even though they’ve disabled media indexing the @eaDir folders are still being generated, and even outside the indexed folders.
In order to completely stop the generation of @eaDir folders, it’s necessary to disable the services that are generating them.
Note that after a DSM update, these services may be re-enabled.
To disable these services, log in to your Synology NAS via SSH, then do the following:
cd /usr/syno/etc.defaults/rc.d/ chmod 000 S66fileindexd.sh S66synoindexd.sh S77synomkthumbd.sh S88synomkflvd.sh S99iTunes.sh
After disabling the services, you may want to delete all the created @eaDir directories.
Any feedback on the above is welcome, please leave it in the comments section below. Thank you!
You can control the front LEDs (as well as triggering other hardware events) on a Synology NAS by sending certain values to /dev/ttyS1, either from a script of from the CLI via Telnet or SSH.
These commands “force” the LED state, and therefore the LEDs can’t be used as status indicators after being forced. You can, however, simply reboot the NAS to restore normal operation; the settings do not survive a reboot.
Below are a list of commands that can be run from the command line (if you are logged in as root) or incorportated into a script. Note that the # character and everything after it are comments, and some characters require escaping.
These are only the commands I could get to work on my NAS.
echo 1>/dev/ttyS1 # Immediate power off (not graceful) echo 4>/dev/ttyS1 # Power LED on solid echo 5>/dev/ttyS1 # Power LED flash echo 6>/dev/ttyS1 # Power LED off echo 7>/dev/ttyS1 # Status LED off echo 8>/dev/ttyS1 # Status LED on solid green echo A>/dev/ttyS1 # USBCopy LED flash echo @>/dev/ttyS1 # USBCopy LED on solid echo B>/dev/ttyS1 # USBCopy LED off echo C>/dev/ttyS1 # Immediate reset (not graceful) echo :>/dev/ttyS1 # Status LED on solid amber echo ;>/dev/ttyS1 # Status LED flashing amber
If you know if any other values to send to ttyS1, or anything else you’d like to share regarding this, please feel free to do so in the comments below. Thank you!
Symform is a cloud-based backup solution which allows you to have 10 GB of backup space free, and get additional free space, as well as support, by contributing space.
In order to contribute, you need to have a port forwarded to your Synology device. However, in my experience, I wasn’t able to choose the port (as it’s chosen randomly during installation). If the port number that the Symform service chooses is already taken, or you prefer to assign another port number, here’s how to do it.
To do this, you will already need to know how to set up port forwarding on your router, and install and set up the Symform service on your Synology NAS, as well as be familiar with how to SSH into your Synology NAS. This only shows you how to manually edit the contribution port number chosen by the Symform service.
Make sure the Symform service is stopped
Do this by logging into your Synology on the admin port (usually 5000 or 5001) and going to Package Center. Under Installed, you can stop the Symform service by clicking the stop button. Once the service is stopped (as shown below), you can continue.
SSH into your Synology NAS
If you haven’t already, turn on the SSH (or telnet) service by going to Control Panel > Terminal, and enabling the desired service. Next, SSH (or telnet) into your Synology NAS box. Once logged in, go to the Symform configuration directory by typing:
Next, open node.config with the vi editor:
Locate a line starting with
<contribution enabled="True" fragmentStorePath= and scroll to the right of that line, and you will see
port="43100" (or another port number). If you’re not familiar with the vi editor, carefully follow the following commands to edit the file in-place:
- Press the a key to enter append (editor) mode
- Cursor to the value and use the keyboard to edit it
- Press the ESC key to exit editing mode
- Type :w followed by enter to save the file
- Type :q followed by enter to quit the editor
Now go back to Package Center and start the Symform service.
You will be able to see the updated port number in your Symform control panel.
If you have any questions, comments, or thoughts to share, please do so in the comments below. Thank you!
In my quest for the perfect “in my dreams” backup solution for my Ubuntu VPS, I created this very simple script which can be run as a cron job and can be easily modified to backup any amount of data to any remote FTP or SFTP server.
You could very easily include a database backup by running mysqldump beforehand, but I’m not including it in this script.
This required yafc to be installed, but Ubuntu installations can easily install it by running
sudo apt-get install yafc
And now, for the script:
#!/bin/bash # format of the open command is proto://username:password@HOSTorIP/ # proto is either ftp or ssh # special characters in the username or password are not well tolerated # anything in the EOF tags are direct commands to yafc. Test if unsure DIR=`date +%F` yafc <<EOF open ftp://username:email@example.com/ cd backup-dir mkdir $DIR cd $DIR put -p -r * close exit EOF
Enjoy! Questions, comments, and feedback are welcome and appreciated. Thank you!
So today I was using smbmount to mount a network share from my Synology DiskStation to my Linux PC when I noticed a rather annoying file permissions issue that I couldn’t seem to fix. Why am I using smbmount and not Gnome’s GUI to mount? Because I need root to have access to the file system as well so that CrashPlan can back up to it.
Here’s what happened:
First, I mounted the share (as root):
smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike
(For more information on the smbmount or the mount.cifs credentials file, see the Ubuntu manpage for mount.cifs)
That worked great, except for when I do this (as root)…
ls -ld /mnt/mynas
… I get the following output:
drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas
I sure didn’t want the directory world-writable. So I tried specifying
dir_mode as both
0755 using the following (as root):
smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0755,dir_mode=0755
Then I checked it:
ls -ld /mnt/mynas
… and got:
drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas
That didn’t do anything at all to help. Why? Because as it turns out the DiskStation is using a Samba server with CIFS extensions and is passing the permissions to smbmount (mount.cifs). The
dir_mode options are ignored if the remote server is using CIFS extensions.
If the server does not support the CIFS Unix extensions this overrides the default file mode.
If the server does not support the CIFS Unix extensions this overrides the default mode for directories.
Source: Ubuntu manpages.
So there’s a couple of options here. First, I could set it to mount somewhere inside /home/mike, which would generally protect it. But I’d really like to know what’s up with the file permissions. So I did a little more Google-fu.
As it turns out, the CIFS extensions on the DiskStation can be disabled, all it takes is to edit a file. Lepoulpe posted on the Synology forums the following edit:
you can disable “unix extensions” in the ds106’s samba server. To achieve this, you need to add the folowing line in the [global] section of /usr/syno/etc/smb.conf :
So, I SSH’d into my DiskStation as root (should be the same password as ‘admin’ if you’re having trouble) and used the vi editor to make the edit. Afterwards, I restarted samba on the DiskStation by doing this:
Then I remounted the Samba share as root…
smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0750,dir_mode=0750
… and checked the permissions:
ls -ld /mnt/mynas
… and got the following output:
drwxr-x--- 17 mike mike 0 2011-05-20 09:25 mynas
So now I have /mnt/mynas mounted to my share on the DiskStation. If I wanted it to mount on boot, I could add something like the following to /etc/fstab:
//diskstation/mike /mnt/mynas smbfs auto,credentials=/home/mike/mike.cred,uid=mike,gid=mike,dir_mode=0750,file_mode=0750,user 0 0
Questions about my method? Have any feedback or alternate methods to share? Please feel free to do so in the comments below. Thank you!
For the security-minded, or anyone who simply wants to be able to exchange secure, encrypted email quickly and easily, GNOME offers a really user-friendly way to generate and manage PGP/GPG keys. This program is located at System > Preferences > Passwords and Encryption Keys. [Natty/Unity: System Settings > Passwords and Encryption Keys]
You can make a new key by going to File > New… > PGP Key. This guide explains some of the basic key management functions in this application.
Fill in the name, email, and an optional comment. PGP is considered a network of trust, so etiquette states you should use your common legal name (shortened versions are ok) and your primary email address (unless you have a reason to do otherwise). If you frequently go by a nickname, enter that in the comment field.
If you’re interested in the advanced options, you can change them by dropping down “Advanced Key Options.” I’m not going to go too much in to what the various options are, but here’s a quick run-down:
Encryption Type: RSA is generally considered stronger and overall a better choice than DSA. Choose “sign only” if you’re using this as a signing key, and not an encryption key. Only select that option if you know what you’re doing.
Key Strength (bits): The higher the number, the stronger the encryption, but the longer it takes.
Expiration Date: Set this if you want your key to expire at a predefined date/time, or set to never expire. Expiration keys can still decrypt messages, but no new messages can be encrypted to them.
After choosing your options, you’ll be prompted to enter your key pass phrase. DO NOT FORGET IT! Your key will be completely unusable (and you will be unable to revoke it) if you forget the pass phrase. On the same token, avoid making it too easy or guessable.
Next, the key will be generated. This could take a while depending on the key size and the speed of your computer.
Once your key is generated, your public keyring and private keyring will be stored in
~/.gnupg — NEVER distribute your private keyring (
secring.pgp). This is the decryption segment of your keyring.
Next, some more exploration through the Passwords and Encryption Keys application.
Right-clicking on a key gives you the following options, which I’ll explain briefly.
Properties: Here is where you can change your passphrase, add a photo, view your key’s fingerprint, and edit the expiration date and trust level.
Export: This is where you can export your public key for distribution to others (this is the portion of the key that you DO share). By selecting export, you will export an “ASCII-armored” file that can be pasted in email, etc.
Copy: Similiar to export, Copy copies your “ASCII-armored” public key to the clipboard. Makes it easier to post in email, web page, etc.
Delete: This deletes the key. Make sure this is what you want to do!
Sign Key: This is a core part of the key-sharing portion of PGP/GPG. This “signs” the key, using your key. This applies your signature to the key, explicitly stating that you trust the key to some degree. Once you’ve signed the key, you should export the key and send it back to the originator so they can begin distributing it with your signature attached.
So how do you sign a friend’s key?
First, have them export it and send it to you. Next, drag-and-drop the file into the Passwords and Encryption Keys window. It will appear under the Other Keys tab. Once the key has appeared, just right-click on it and click ‘Sign…’ Follow the prompts. Don’t forget to export the key and return it to the sender after you’ve signed it! Work this process in reverse for getting a friend to sign your key. Drag/drop the updated keys back into your key manager to add the new signatures. To verify signatures are present, double-click on the key and look at the Names and Signatures tab.
That’s a quick run-down of the key management functions.
Questions, comments, and feedback about key management are welcome and appreciated. Note that key management may be different in the Unity interface, which is shipped with Ubuntu Natty.
In my opinion, one of Ubuntu’s strongest tools is nautilus’ (the GNOME file manager’s) strong integration with remote files, such as those located on remote FTP, SFTP, WebDav, etc.
While Windows has integration, it’s severely limited and really only supports drag-and-drop copying/pasting and open-in-place documents. Compared to nautilus’ ability to edit-in-place and supporting full file operations, Ubuntu really gives the web developer a strong and convenient set of tools that Windows can’t provide without third-party software.
In the following steps I’ll explain how to connect to an SFTP (SSH) server via nautilus’ built-in networking functions.
Open Places > Network
Select SSH and enter your connection details
In this step, you can check “Add Bookmark” and enter a bookmark name. Your bookmark will be added to the “Places” menu for one-click access to your network location!
Enter your password when prompted.
Browse and enjoy!
Questions, comments, and feedback are welcome and appreciated!