[HOW-TO] Install Optware/OpenSSH as default SSHd Server
-
- First post
- Posts: 1
- Joined: Mon May 27, 2013 11:12 pm
Re: [HOW-TO] Install OpenSSH as default SSHd Server
I think i won't be "off topic" with my intervention but i am experiencing a pretty big problem also with my ssh admin login to a QNAP ts-419p.
The things is that i am only able to login with admin (since the sshd_config file must contains "AllowUsers admin") but the password is not recognized.
Of course i have double checked and did not make a too long or short password.
Password for admin on the web interface works but not for ssh nor telnet.
I think i have screwed up something on the sshd_config file or something else.
Also i have installed OpenSSH and there may be some confusion between which port is listenning on what...
I would like to know before i do a reboot of the qnap if,
- first it can resolve those kind of problems and
- if all my apache configuration won't be reset (stuff like SSL certificates and keys)
Thanks.
Hope to hear any solution...
(ps: i have installed OpenSSH in order to use gitosis on qnap)
The things is that i am only able to login with admin (since the sshd_config file must contains "AllowUsers admin") but the password is not recognized.
Of course i have double checked and did not make a too long or short password.
Password for admin on the web interface works but not for ssh nor telnet.
I think i have screwed up something on the sshd_config file or something else.
Also i have installed OpenSSH and there may be some confusion between which port is listenning on what...
I would like to know before i do a reboot of the qnap if,
- first it can resolve those kind of problems and
- if all my apache configuration won't be reset (stuff like SSL certificates and keys)
Thanks.
Hope to hear any solution...
(ps: i have installed OpenSSH in order to use gitosis on qnap)
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install OpenSSH as default SSHd Server
You can check the status of your SSHd/OpenSSH daemons with the following command:arthurart85 wrote:I think i won't be "off topic" with my intervention but i am experiencing a pretty big problem also with my ssh admin login to a QNAP ts-419p.
The things is that i am only able to login with admin (since the sshd_config file must contains "AllowUsers admin") but the password is not recognized.
Of course i have double checked and did not make a too long or short password.
Password for admin on the web interface works but not for ssh nor telnet.
I think i have screwed up something on the sshd_config file or something else.
Also i have installed OpenSSH and there may be some confusion between which port is listenning on what...
I would like to know before i do a reboot of the qnap if,
- first it can resolve those kind of problems and
- if all my apache configuration won't be reset (stuff like SSL certificates and keys)
Thanks.
Hope to hear any solution...
(ps: i have installed OpenSSH in order to use gitosis on qnap)
Code: Select all
ps faxo "%U %t %p %a" | grep sshd | grep -v grep
Code: Select all
ps faxo "%U %t %p %a" | grep sshd | grep -v grep
admin 12-00:23:11 12199 /opt/sbin/sshd
admin 00:37 2948 \_ sshd: admin@pts/4
admin 12-00:21:46 27104 /usr/sbin/sshd -f /etc/ssh/sshd_config -p 12121
Nothing in my tutorial changes anything in QNAP's apache setup, so nothing in my tutorial should adversely affect your Webserver at all. Both SSHd daemons use the standard /etc/passwd file (unless pre-shared keys are configured), so I can not explain why your password is failing. Is you password working with either daemon?
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
-
- Experience counts
- Posts: 1560
- Joined: Mon Feb 07, 2011 5:40 am
- Location: Bratislava, Slovakia
- Contact:
Re: [HOW-TO] Install OpenSSH as default SSHd Server
seems that 4.0.1 has openssh:
sshd: illegal option -- v
OpenSSH_6.1p1, OpenSSL 0.9.7a Feb 19 2003
sshd: illegal option -- v
OpenSSH_6.1p1, OpenSSL 0.9.7a Feb 19 2003
experience with administration of UN*X (mostly linux) and applications on internet servers since 1994...
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install OpenSSH as default SSHd Server
True enough it does. However, check out the OpenSSL version! The Optware version includes OpenSSL from 2012.fantomas wrote:seems that 4.0.1 has openssh:
sshd: illegal option -- v
OpenSSH_6.1p1, OpenSSL 0.9.7a Feb 19 2003
Code: Select all
/opt/sbin/sshd -v
sshd: illegal option -- v
OpenSSH_5.9p1, OpenSSL 0.9.8v 19 Apr 2012
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
[-f config_file] [-g login_grace_time] [-h host_key_file]
[-k key_gen_time] [-o option] [-p port] [-u len]
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
-
- Experience counts
- Posts: 1560
- Joined: Mon Feb 07, 2011 5:40 am
- Location: Bratislava, Slovakia
- Contact:
Re: [HOW-TO] Install OpenSSH as default SSHd Server
that's correct. however I was trying to use 4.0.1 beta with openssl 1.0 installed. It seemed to work without problems - hopefully it will get to official firmware soon.
experience with administration of UN*X (mostly linux) and applications on internet servers since 1994...
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install OpenSSH as default SSHd Server
Yeah, that would be nice. Unlike the original QNAP SSHd daemon, the OpenSSH daemon properly respects the $HOME directory in the /etc/passwd file. I have complained about this issue for the past 3 years through more than 10 Firmware versions, so it would be nice if QNAP finally fixes this annoying issue.fantomas wrote:that's correct. however I was trying to use 4.0.1 beta with openssl 1.0 installed. It seemed to work without problems - hopefully it will get to official firmware soon.
OpenSSH/OpenSSL is indeed the long term solution. However, owners of "legacy" QNAP NAS models will likely need to continue to use my solution, as they are no longer getting Firmware upgrades, and therefore will NOT get this upgrade from QNAP.
I hope for their sake that they will follow my advice in this thread rather than attempting to follow QNAPedia article: How To Replace SSH Daemon With OpenSSH. As I alluded to in my original post in this thread, I believe that following the QNAPedia article: How To Replace SSH Daemon With OpenSSH is dangerous, as it can result in "Lockout" if Optware/OpenSSH doesn't load, and the QNAP one is no longer present.
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
-
- New here
- Posts: 3
- Joined: Wed Jul 24, 2013 2:31 pm
Re: [HOW-TO] Install OpenSSH as default SSHd Server
Dear Patrick,
meanwhile there is the 4.02 Firmware as offical version.
Have you checked if the internal OpenSSH-Daemon respects the $HOME-Directory in the /etc/passwd yet?
If so, I don't need to install OpenSSH from optware, right?
Best regards and thanks a lot for this article!
meanwhile there is the 4.02 Firmware as offical version.
Have you checked if the internal OpenSSH-Daemon respects the $HOME-Directory in the /etc/passwd yet?
If so, I don't need to install OpenSSH from optware, right?
Best regards and thanks a lot for this article!
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install OpenSSH as default SSHd Server
Yes, I've checked. It's still "broken":Kiekse wrote:Dear Patrick,
meanwhile there is the 4.02 Firmware as offical version.
Have you checked if the internal OpenSSH-Daemon respects the $HOME-Directory in the /etc/passwd yet?
If so, I don't need to install OpenSSH from optware, right?
Best regards and thanks a lot for this article!
QNAP SSHd:
Code: Select all
ssh admin@nasty2 -p 12121
admin@nasty2's password:
[~] # echo $HOME
/root
[~] # echo $PS1
[\w] #
[~] # echo $PATH
/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin/X11:/usr/local/sbin:/usr/local/jre/bin
[~] # /bin/ps | grep sshd | grep 12121
23856 admin 952 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 12121
[~] # /usr/sbin/sshd -v
sshd: illegal option -- v
OpenSSH_6.1p1, OpenSSL 1.0.1e 11 Feb 2013
usage: sshd [-46DdeiqTt] [-b bits] [-C connection_spec] [-c host_cert_file]
[-f config_file] [-g login_grace_time] [-h host_key_file]
[-k key_gen_time] [-o option] [-p port] [-u len]
[~] #
My solution runs "my" Bash initialization files, which fixes the $HOME variable, my prompt ($PS1), and my $PATH properly:
My custom Optware/OpenSSH solution:
Code: Select all
ssh admin@nasty2
HOME = /share/homes/admin
admin@NASTY2:~# echo $HOME
/share/homes/admin
admin@NASTY2:~# echo $PS1
\[\e]0;\u@\h: \w\a\]${debian_chroot:+($debian_chroot)}\[\033[01;32m\]\u@\h\[\033[00m\]:\[\033[01;34m\]\w\[\033[00m\]\$
admin@NASTY2:~# echo $PATH
/share/homes/admin/bin:/opt/bin:/opt/sbin:/bin:/sbin:/usr/bin:/usr/sbin:/usr/bin/X11:/usr/local/sbin:/usr/local/jre/bin
admin@NASTY2:~#
My solution works properly, and yet still permits access to the QNAP provided one, if for some reason OpenSSH doesn't load properly. I have done more than 10 Firmware upgrades since implementing my solution, and it continues to work as I expect without requiring any further tweaking. (I've even setup my SSH authorized keys on my OpenSSH setup, so that I don't even have to provide a password when I access my NAS via SSH).
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
-
- First post
- Posts: 1
- Joined: Fri Oct 18, 2013 6:36 pm
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
Hello Patrick,
I followed your very detailed instruction.
Thanks for that.
I have a openSuse client and I want to use the backup software "back in time" to make backups on my Qnap.
This software requires password-less authentication via ssh (solved) and sshfs for mounting.
I made some tests and the sshfs mounting does not work on the port 22 at all.
The Qnap build-in on port (8022, the one I took) is working fine and allows a sshfs mount without any issues.
How do I make this feature also available to the openssh port 22?
Did I miss something?
I am using a TS-219P+ latest firmware version installed.
Thanks in advance
Stefan
I followed your very detailed instruction.
Thanks for that.
I have a openSuse client and I want to use the backup software "back in time" to make backups on my Qnap.
This software requires password-less authentication via ssh (solved) and sshfs for mounting.
I made some tests and the sshfs mounting does not work on the port 22 at all.
The Qnap build-in on port (8022, the one I took) is working fine and allows a sshfs mount without any issues.
How do I make this feature also available to the openssh port 22?
Did I miss something?
I am using a TS-219P+ latest firmware version installed.
Thanks in advance
Stefan
-
- New here
- Posts: 5
- Joined: Sat Dec 28, 2013 10:29 pm
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
Hello Patrick,
Thank you for this nice and clear HOW-TO. I am encountering a problem with auto starting openSSH though
I am using firmware version: 4.0.5.
When I run my autorun.sh manually it works fine, openSSH starts and I can use it. But when I reboot openSSH is not running.
My autorun.sh:
I tried both lines but they give the same result.
After rebooting the log file shows the echo lines:
Sat Dec 28 15:37:36 CET 2013 : Overwritting usb.agent
Sat Dec 28 15:37:36 CET 2013 : Starting openSSH
But # ps | grep ssh returns:
4504 admin 1072 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 222
7783 admin 1988 S sshd: admin@pts/0
8759 admin 576 S grep ssh
Does anyone have an idea what is going wrong?
Best regards,
Marco
Thank you for this nice and clear HOW-TO. I am encountering a problem with auto starting openSSH though
I am using firmware version: 4.0.5.
When I run my autorun.sh manually it works fine, openSSH starts and I can use it. But when I reboot openSSH is not running.
My autorun.sh:
Code: Select all
#!/bin/sh
#Overwrite usb.agent for printer to work
echo "`date` : Overwritting usb.agent" > /share/MD0_DATA/.qpkg/autorun/autorunLog.txt
cp /share/Programs/HPdriverQNAP/usb.agent /etc/hotplug
#Start openSSH
echo "`date` : Starting openSSH" >> /share/MD0_DATA/.qpkg/autorun/autorunLog.txt
#/opt/sbin/sshd
/share/MD0_DATA/.qpkg/Optware/sbin/sshd
After rebooting the log file shows the echo lines:
Sat Dec 28 15:37:36 CET 2013 : Overwritting usb.agent
Sat Dec 28 15:37:36 CET 2013 : Starting openSSH
But # ps | grep ssh returns:
4504 admin 1072 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 222
7783 admin 1988 S sshd: admin@pts/0
8759 admin 576 S grep ssh
Does anyone have an idea what is going wrong?
Best regards,
Marco
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
Try this...Marc.O wrote:Hello Patrick,
Thank you for this nice and clear HOW-TO. I am encountering a problem with auto starting openSSH though
I am using firmware version: 4.0.5.
When I run my autorun.sh manually it works fine, openSSH starts and I can use it. But when I reboot openSSH is not running.
My autorun.sh:I tried both lines but they give the same result.Code: Select all
#!/bin/sh #Overwrite usb.agent for printer to work echo "`date` : Overwritting usb.agent" > /share/MD0_DATA/.qpkg/autorun/autorunLog.txt cp /share/Programs/HPdriverQNAP/usb.agent /etc/hotplug #Start openSSH echo "`date` : Starting openSSH" >> /share/MD0_DATA/.qpkg/autorun/autorunLog.txt #/opt/sbin/sshd /share/MD0_DATA/.qpkg/Optware/sbin/sshd
After rebooting the log file shows the echo lines:
Sat Dec 28 15:37:36 CET 2013 : Overwritting usb.agent
Sat Dec 28 15:37:36 CET 2013 : Starting openSSH
But # ps | grep ssh returns:
4504 admin 1072 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 222
7783 admin 1988 S sshd: admin@pts/0
8759 admin 576 S grep ssh
Does anyone have an idea what is going wrong?
Best regards,
Marco
Code: Select all
/share/MD0_DATA/.qpkg/Optware/sbin/sshd -f /share/MD0_DATA/.qpkg/Optware/etc/openssh/sshd_config
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
-
- New here
- Posts: 5
- Joined: Sat Dec 28, 2013 10:29 pm
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
Thnx for the fast reply. But it is still not running after a reboot:Try this...Code: Select all
/share/MD0_DATA/.qpkg/Optware/sbin/sshd -f /share/MD0_DATA/.qpkg/Optware/etc/openssh/sshd_config
ps | grep ssh
4600 admin 1080 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 222
6559 admin 2224 S sshd: admin@pts/0
7621 admin 576 R grep ssh
- pwilson
- Guru
- Posts: 22533
- Joined: Fri Mar 06, 2009 11:20 am
- Location: Victoria, BC, Canada (UTC-08:00)
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
What does the System Log tell you?Marc.O wrote:Thnx for the fast reply. But it is still not running after a reboot:Try this...Code: Select all
/share/MD0_DATA/.qpkg/Optware/sbin/sshd -f /share/MD0_DATA/.qpkg/Optware/etc/openssh/sshd_config
ps | grep ssh
4600 admin 1080 S /usr/sbin/sshd -f /etc/ssh/sshd_config -p 222
6559 admin 2224 S sshd: admin@pts/0
7621 admin 576 R grep ssh
Code: Select all
grep ssh /var/log/messages
Patrick M. Wilson
Victoria, BC Canada
QNAP TS-470 Pro w/ 4 * Western Digital WD30EFRX WD Reds (RAID5) - - Single 8.1TB Storage Pool FW: QTS 4.2.0 Build 20151023 - Kali Linux v1.06 (64bit)
Forums: View My Profile - Search My Posts - View My Photo - View My Location - Top Community Posters
QNAP: Turbo NAS User Manual - QNAP Wiki - QNAP Tutorials - QNAP FAQs
Please review: When you're asking a question, please include the following.
- Moogle Stiltzkin
- Guru
- Posts: 11448
- Joined: Thu Dec 04, 2008 12:21 am
- Location: Around the world....
- Contact:
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
thk you wilson for the guide.
just want to ask though, what does openssh have that qnap's default ssh doesn't ?
just want to ask though, what does openssh have that qnap's default ssh doesn't ?
NAS
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)
Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
[Main Server] QNAP TS-877 (QTS) w. 4tb [ 3x HGST Deskstar NAS & 1x WD RED NAS ] EXT4 Raid5 & 2 x m.2 SATA Samsung 850 Evo raid1 +16gb ddr4 Crucial+ QWA-AC2600 wireless+QXP PCIE
[Backup] QNAP TS-653A (Truenas Core) w. 4x 2TB Samsung F3 (HD203WI) RaidZ1 ZFS + 8gb ddr3 Crucial
[^] QNAP TL-D400S 2x 4TB WD Red Nas (WD40EFRX) 2x 4TB Seagate Ironwolf, Raid5
[^] QNAP TS-509 Pro w. 4x 1TB WD RE3 (WD1002FBYS) EXT4 Raid5
[^] QNAP TS-253D (Truenas Scale)
[Mobile NAS] TBS-453DX w. 2x Crucial MX500 500gb EXT4 raid1
Network
Qotom Pfsense|100mbps FTTH | Win11, Ryzen 5600X Desktop (1x2tb Crucial P50 Plus M.2 SSD, 1x 8tb seagate Ironwolf,1x 4tb HGST Ultrastar 7K4000)
Resources
[Review] Moogle's QNAP experience
[Review] Moogle's TS-877 review
https://www.patreon.com/mooglestiltzkin
- schumaku
- Guru
- Posts: 43579
- Joined: Mon Jan 21, 2008 4:41 pm
- Location: Kloten (Zurich), Switzerland -- Skype: schumaku
- Contact:
Re: [HOW-TO] Install Optware/OpenSSH as default SSHd Server
It's not limited to admin logins only...