Posts Tagged SSH

How to move the SymformContribution directory from one volume to another on a Synology NAS

So you’ve got Symform all set up and running on your Synology NAS, and you’ve been contributing space, but now the volume that has your contribution folder is getting full, adn you’d like to move it without disrupting the data that other Symform users like yourself have trusted you with. How to do it? Easily.

In this example, I’ll show you how to move it from volume1 to volume2.

First, stop the Symform service from Package Center.

symform_stopped

Next, SSH into your Synology box and move the target directory to it’s new location, in this case, /volume2/SymformContribution

mv /volume1/SymformContribution/ /volume2

Next, edit the /volume1/@symform/lib/node.config file using vi and update the location by finding the line similiar to the following…

<contribution enabled="True" fragmentStorePath="/volume1/SymformContribution" port="53432" />

… and changing volume1 to volume2.

(Note, this is the same file that’s used to update the incoming port, see this post for more information.)

Save the file, and restart the Symform service.

symform_running

That’s it!

Questions or comments are welcome in the comments section below. Thank you for reading!

, , , , , ,

Leave a comment

Disable and remove .DS_Store files stored on network locations

So today I was going through my Synology NAS and noticed .DS_Store files all over the place.

These are actually files containing extended attributes created by Finder in Mac OS X. But, since they get written out to network locations, they can cause backup and versionining issues.

To disable them from being created on network locations, open a Terminal and run the following

defaults write com.apple.desktopservices DSDontWriteNetworkStores true

(Note: This only affects the currently-logged-in user)

Now in my case, I had these files all over my Synology NAS, so I was able to easily get rid of them by SSHing into the box and running the following:

find / -name .DS_Store -delete

And… done.

, , , , ,

3 Comments

Getting rid of the @eaDir folders on Synology NAS DSM

The @eaDir directories contain extended attributes and thumbnails that take up quite a bit of space, not unlike Windows Thumbs.db files.

Here’s how to get rid of them easily from the command line.

First, SSH into your Synology NAS box and log in as root, then type this to locate the @eaDir folders:

find . -name "@eaDir" -type d | more

If you’re happy you’re not going to accidentally delete something important, then make it happen:

find . -name "@eaDir" -type d -print0 | xargs -0 rm -rf

Note that after deleting the directories, you may also want to disable the services that created them.

Do you have any feedback on the above? Please leave it in the comments section below. Thank you!

, , , ,

4 Comments

Disable indexing and generation of @eaDir directories on Synology NAS

Various forums throughout the Internet have users stating that even though they’ve disabled media indexing the @eaDir folders are still being generated, and even outside the indexed folders.

In order to completely stop the generation of @eaDir folders, it’s necessary to disable the services that are generating them.

Note that after a DSM update, these services may be re-enabled.

To disable these services, log in to your Synology NAS via SSH, then do the following:

cd /usr/syno/etc.defaults/rc.d/
chmod 000 S66fileindexd.sh S66synoindexd.sh S77synomkthumbd.sh S88synomkflvd.sh S99iTunes.sh

After disabling the services, you may want to delete all the created @eaDir directories.

Any feedback on the above is welcome, please leave it in the comments section below. Thank you!

, , , ,

9 Comments

Controlling the front LEDs of a Synology NAS via ttyS1

You can control the front LEDs (as well as triggering other hardware events) on a Synology NAS by sending certain values to /dev/ttyS1, either from a script of from the CLI via Telnet or SSH.

These commands “force” the LED state, and therefore the LEDs can’t be used as status indicators after being forced. You can, however, simply reboot the NAS to restore normal operation; the settings do not survive a reboot.

Below are a list of commands that can be run from the command line (if you are logged in as root) or incorportated into a script. Note that the # character and everything after it are comments, and some characters require escaping.

These are only the commands I could get to work on my NAS.

echo 1>/dev/ttyS1 # Immediate power off (not graceful)
echo 4>/dev/ttyS1 # Power LED on solid
echo 5>/dev/ttyS1 # Power LED flash
echo 6>/dev/ttyS1 # Power LED off
echo 7>/dev/ttyS1 # Status LED off
echo 8>/dev/ttyS1 # Status LED on solid green
echo A>/dev/ttyS1 # USBCopy LED flash
echo @>/dev/ttyS1 # USBCopy LED on solid
echo B>/dev/ttyS1 # USBCopy LED off
echo C>/dev/ttyS1 # Immediate reset (not graceful)
echo :>/dev/ttyS1 # Status LED on solid amber
echo ;>/dev/ttyS1 # Status LED flashing amber

If you know if any other values to send to ttyS1, or anything else you’d like to share regarding this, please feel free to do so in the comments below. Thank you!

, , ,

1 Comment

How to manually change the Symform contribution port on a Synology NAS

Symform is a cloud-based backup solution which allows you to have 10 GB of backup space free, and get additional free space, as well as support, by contributing space.

In order to contribute, you need to have a port forwarded to your Synology device. However, in my experience, I wasn’t able to choose the port (as it’s chosen randomly during installation). If the port number that the Symform service chooses is already taken, or you prefer to assign another port number, here’s how to do it.

To do this, you will already need to know how to set up port forwarding on your router, and install and set up the Symform service on your Synology NAS, as well as be familiar with how to SSH into your Synology NAS. This only shows you how to manually edit the contribution port number chosen by the Symform service.

Make sure the Symform service is stopped

Do this by logging into your Synology on the admin port (usually 5000 or 5001) and going to Package Center. Under Installed, you can stop the Symform service by clicking the stop button. Once the service is stopped (as shown below), you can continue.

symform_stopped

SSH into your Synology NAS

If you haven’t already, turn on the SSH (or telnet) service by going to Control Panel > Terminal, and enabling the desired service. Next, SSH (or telnet) into your Synology NAS box. Once logged in, go to the Symform configuration directory by typing:

cd /volume1/@symform/lib

Next, open node.config with the vi editor:

vi node.config

Locate a line starting with <contribution enabled="True" fragmentStorePath= and scroll to the right of that line, and you will see port="43100" (or another port number). If you’re not familiar with the vi editor, carefully follow the following commands to edit the file in-place:

  • Press the a key to enter append (editor) mode
  • Cursor to the value and use the keyboard to edit it
  • Press the ESC key to exit editing mode
  • Type :w followed by enter to save the file
  • Type :q followed by enter to quit the editor

Now go back to Package Center and start the Symform service.

You will be able to see the updated port number in your Symform control panel.

If you have any questions, comments, or thoughts to share, please do so in the comments below. Thank you!

, , , , ,

Leave a comment

Basic Ubuntu VPS server backup via FTP or SSH SFTP

In my quest for the perfect “in my dreams” backup solution for my Ubuntu VPS, I created this very simple script which can be run as a cron job and can be easily modified to backup any amount of data to any remote FTP or SFTP server.

You could very easily include a database backup by running mysqldump beforehand, but I’m not including it in this script.

This required yafc to be installed, but Ubuntu installations can easily install it by running

sudo apt-get install yafc

And now, for the script:

#!/bin/bash
# format of the open command is proto://username:password@HOSTorIP/
# proto is either ftp or ssh
# special characters in the username or password are not well tolerated
# anything in the EOF tags are direct commands to yafc. Test if unsure
DIR=`date +%F`
yafc <<EOF
open ftp://username:password@ftp.example.com/
cd backup-dir
mkdir $DIR
cd $DIR
put -p -r *
close
exit
EOF

Enjoy! Questions, comments, and feedback are welcome and appreciated. Thank you!

, , , , , , , , ,

1 Comment

Synology DiskStation and Samba mount permissions

So today I was using smbmount to mount a network share from my Synology DiskStation to my Linux PC when I noticed a rather annoying file permissions issue that I couldn’t seem to fix. Why am I using smbmount and not Gnome’s GUI to mount? Because I need root to have access to the file system as well so that CrashPlan can back up to it.

Here’s what happened:

First, I mounted the share (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike

(For more information on the smbmount or the mount.cifs credentials file, see the Ubuntu manpage for mount.cifs)

That worked great, except for when I do this (as root)…

ls -ld /mnt/mynas

… I get the following output:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

I sure didn’t want the directory world-writable. So I tried specifying file_mode and dir_mode as both 0755 using the following (as root):

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0755,dir_mode=0755

Then I checked it:

ls -ld /mnt/mynas

… and got:

drwxrwxrwx 17 mike mike 0 2011-05-20 09:25 mynas

That didn’t do anything at all to help. Why? Because as it turns out the DiskStation is using a Samba server with CIFS extensions and is passing the permissions to smbmount (mount.cifs). The file_mode and dir_mode options are ignored if the remote server is using CIFS extensions.

file_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default file mode.

dir_mode=arg

If the server does not support the CIFS Unix extensions this overrides the default mode for directories.

Source: Ubuntu manpages.

So there’s a couple of options here. First, I could set it to mount somewhere inside /home/mike, which would generally protect it. But I’d really like to know what’s up with the file permissions. So I did a little more Google-fu.

As it turns out, the CIFS extensions on the DiskStation can be disabled, all it takes is to edit a file. Lepoulpe posted on the Synology forums the following edit:

you can disable “unix extensions” in the ds106’s samba server. To achieve this, you need to add the folowing line in the [global] section of /usr/syno/etc/smb.conf :

unix extensions=no

So, I SSH’d into my DiskStation as root (should be the same password as ‘admin’ if you’re having trouble) and used the vi editor to make the edit. Afterwards, I restarted samba on the DiskStation by doing this:

/usr/syno/etc/rc.d/S80samba.sh restart

Then I remounted the Samba share as root…

smbmount //diskstation/mike /mnt/mynas -o credentials=/home/mike/mike.cred,uid=mike,gid=mike,file_mode=0750,dir_mode=0750

… and checked the permissions:

ls -ld /mnt/mynas

… and got the following output:

drwxr-x--- 17 mike mike 0 2011-05-20 09:25 mynas

Exactly right.

So now I have /mnt/mynas mounted to my share on the DiskStation. If I wanted it to mount on boot, I could add something like the following to /etc/fstab:

//diskstation/mike /mnt/mynas smbfs auto,credentials=/home/mike/mike.cred,uid=mike,gid=mike,dir_mode=0750,file_mode=0750,user 0 0

Questions about my method? Have any feedback or alternate methods to share? Please feel free to do so in the comments below. Thank you!

, , , , , , ,

3 Comments

PGP/GPG Keys in Ubuntu Gnome the easy way

For the security-minded, or anyone who simply wants to be able to exchange secure, encrypted email quickly and easily, GNOME offers a really user-friendly way to generate and manage PGP/GPG keys. This program is located at System > Preferences > Passwords and Encryption Keys. [Natty/Unity: System Settings > Passwords and Encryption Keys]

You can make a new key by going to File > New… > PGP Key. This guide explains some of the basic key management functions in this application.

Fill in the name, email, and an optional comment. PGP is considered a network of trust, so etiquette states you should use your common legal name (shortened versions are ok) and your primary email address (unless you have a reason to do otherwise). If you frequently go by a nickname, enter that in the comment field.

If you’re interested in the advanced options, you can change them by dropping down “Advanced Key Options.” I’m not going to go too much in to what the various options are, but here’s a quick run-down:

Encryption Type: RSA is generally considered stronger and overall a better choice than DSA. Choose “sign only” if you’re using this as a signing key, and not an encryption key. Only select that option if you know what you’re doing.

Key Strength (bits): The higher the number, the stronger the encryption, but the longer it takes.

Expiration Date: Set this if you want your key to expire at a predefined date/time, or set to never expire. Expiration keys can still decrypt messages, but no new messages can be encrypted to them.

After choosing your options, you’ll be prompted to enter your key pass phrase. DO NOT FORGET IT! Your key will be completely unusable (and you will be unable to revoke it) if you forget the pass phrase. On the same token, avoid making it too easy or guessable.

Next, the key will be generated. This could take a while depending on the key size and the speed of your computer.

Once your key is generated, your public keyring and private keyring will be stored in ~/.gnupgNEVER distribute your private keyring (secring.pgp). This is the decryption segment of your keyring.

Next, some more exploration through the Passwords and Encryption Keys application.

Right-clicking on a key gives you the following options, which I’ll explain briefly.

Properties: Here is where you can change your passphrase, add a photo, view your key’s fingerprint, and edit the expiration date and trust level.

Export: This is where you can export your public key for distribution to others (this is the portion of the key that you DO share). By selecting export, you will export an “ASCII-armored” file that can be pasted in email, etc.

Copy: Similiar to export, Copy copies your “ASCII-armored” public key to the clipboard. Makes it easier to post in email, web page, etc.

Delete: This deletes the key. Make sure this is what you want to do!

Sign Key: This is a core part of the key-sharing portion of PGP/GPG. This “signs” the key, using your key. This applies your signature to the key, explicitly stating that you trust the key to some degree. Once you’ve signed the key, you should export the key and send it back to the originator so they can begin distributing it with your signature attached.

So how do you sign a friend’s key?

First, have them export it and send it to you. Next, drag-and-drop the file into the Passwords and Encryption Keys window. It will appear under the Other Keys tab. Once the key has appeared, just right-click on it and click ‘Sign…’ Follow the prompts. Don’t forget to export the key and return it to the sender after you’ve signed it! Work this process in reverse for getting a friend to sign your key. Drag/drop the updated keys back into your key manager to add the new signatures. To verify signatures are present, double-click on the key and look at the Names and Signatures tab.

That’s a quick run-down of the key management functions.

Questions, comments, and feedback about key management are welcome and appreciated. Note that key management may be different in the Unity interface, which is shipped with Ubuntu Natty.

, , , ,

2 Comments

Easy network file management over SSH in Ubuntu

In my opinion, one of Ubuntu’s strongest tools is nautilus’ (the GNOME file manager’s) strong integration with remote files, such as those located on remote FTP, SFTP, WebDav, etc.

While Windows has integration, it’s severely limited and really only supports drag-and-drop copying/pasting and open-in-place documents. Compared to nautilus’ ability to edit-in-place and supporting full file operations, Ubuntu really gives the web developer a strong and convenient set of tools that Windows can’t provide without third-party software.

In the following steps I’ll explain how to connect to an SFTP (SSH) server via nautilus’ built-in networking functions.

Step One

Open Places > Network

Click for full-sized image

Step Two

Select SSH and enter your connection details

Click for full-sized image

In this step, you can check “Add Bookmark” and enter a bookmark name. Your bookmark will be added to the “Places” menu for one-click access to your network location!

Step Three

Enter your password when prompted.

Click for full-sized image

Step Four

Browse and enjoy!

Click for full-sized image

 

Questions, comments, and feedback are welcome and appreciated!

 

, , , ,

1 Comment