Samba 3.6.25 build for ReadyNAS NV+ v2

Hi mate,

I had a chance last night / today to do a factory reset.

Once reset I tried logging in with the standard smb1 setup and I was having the same problem. After a few hours of pulling my hair out it turned out to be something very simple.

I was trying to access the shares by mapping a network drive in windows 10.

\\xxx.xxx.x.x\c\media

Logging in as admin works fine like this but as a user it says NO !

\\xxx.xxx.x.x\media

It turns out that if I leave the "c" out then I can login as a user no problem :smileylol: :smileyfrustrated:

I'm assuming it has something to do with the fact that only the admin can access \\xxx.xxx.x.x\c but it still doesn't make much sense to me. :smileyindifferent:

Anyway I got everthing setup how I wanted and I then disconneced the mapped drives, disabled SMB1 on my computer and rebooted it.

I installed the new version of your addon and like magic windows connected to it 1st time (without the "c" of course :smileylol:) :smileyvery-happy: I didn't even have to turn SMB off and on in the web interface.

GREAT work Sir !!!

Thank you very much, I (and I guess a fair few others) really appreciate it !

:robotvery-happy:

That's insteresting that you can disable ssh ( I assume you do this over ssh )

So what happens after you type that command ? Does the ssh session your in just get cut off / disconnected ?

I done a factory reset anyway now so don't need it but thanks for the instructions. :smileyhappy:

---

treboR2Robert wrote:

 

I'm assuming it has something to do with the fact that only the admin can access \\xxx.xxx.x.x\c but it still doesn't make much sense to me. :smileyindifferent:

Whether it makes sense to you or not, it is precisely because only the admin can access \\xxx.xxx.x.x\c

There are both network permissions and file permissions involved in access controls.  The C share is set up so that only the admin has the needed network permissions to access it.

---

treboR2Robert wrote:

 

So what happens after you type that command ? Does the ssh session your in just get cut off / disconnected ?

 

---

No, the command stops the sshd daemon (and disables it starting at boot) which prevents new sessions from connecting, but the current session will continue until you log out.

Personally I'd leave ssh enabled, especially on a legacy NAS (where there are no support implications). 

It makes sense that only admin can access c yes.

What doesnt make sense is \\xxx.xxx.x.x\media is NOT the path of media the path of media is \c\media.

When I type \c\media I am trying to access media NOT c

Whether it makes sense to you or whether it makes sense to me doesn't matter as you said.

Thanks for the comment though.

sshambar2 OK I see what you mean now with the ssh daemon, thanks for explaining, it makes sense.

StephenBThanks for the advice about leaving ssh enabled, but I'm hoping there is nothing else I need to do via ssh now, the unit is just going to used as a backup for my TrueNAS server.

My thinking is why leave something enabled that could "potentially" be a security risk. I could be wrong (I usually am). Anyway if there is something else I need to do via ssh I can always enable it again. Is there something you reccomend doing via ssh ?

It is useful for some troubleshooting/fixes.  For instance if the OS partition gets full.

But generally when you need it for that, you can't enable it - because the Web UI isn't working properly.  So I just leave it enabled on my ReadyNAS.  Port 22 isn't exposed to the internet, so the only security risks are on my local LAN.

---

treboR2Robert wrote:

It makes sense that only admin can access c yes.

 

What doesnt make sense is \\xxx.xxx.x.x\media is NOT the path of media the path of media is \c\media.

 

When I type \c\media I am trying to access media NOT c

 

---

 \\xxx.xxx.x.x\media isn't the full Linux path, but it is the share name.  It's done that way so everybody doesn't need access to C.

---

Sandshark wrote:

---

treboR2Robert wrote:

It makes sense that only admin can access c yes.

 

What doesnt make sense is \\xxx.xxx.x.x\media is NOT the path of media the path of media is \c\media.

 

When I type \c\media I am trying to access media NOT c

 

---

 \\xxx.xxx.x.x\media isn't the full Linux path, but it is the share name.  It's done that way so everybody doesn't need access to C.

---

Yes.  Network access to any UNC that starts with \\xxx.xxx.x.x\c requires access to to c share. That is the way SMB network shares work.

---

sshambar2 wrote:

 

If you want to disable ssh, that's pretty easy without reinstalling... run the following (as root)

 

sed -i s/SSH=1/SSH=0/ /etc/default/services

/etc/init.d/ssh stop

And then you can turn it back on again by re-loading the add-on?

The SSH add-on for OS4.x is a toggle, and is called that.  The one for OS5.x is just called an enable, but might also toggle.  I've never tried.

---

Sandshark wrote:

---

The SSH add-on for OS4.x is a toggle, and is called that.  The one for OS5.x is just called an enable, but might also toggle.  I've never tried.

---

I saw this too that for OS4.x the addon is a toggle to turn ssh on and off.

Unfortunately the addon for OS5.x is only for enabling ssh. I actually tried installing it for a 2nd time (to try and disable ssh) and it did nothing, it just said addon installed succesfully and ssh was still enabled.

---

StephenB wrote:

---

---

Yes.  Network access to any UNC that starts with \\xxx.xxx.x.x\c requires access to to c share. That is the way SMB network shares work.

---

Makes sense if you know i guess.

I probably did know at some point and forgot.

And I will probably forget next time too :smileylol:

---

StephenB wrote:

It is useful for some troubleshooting/fixes.  For instance if the OS partition gets full.

 

But generally when you need it for that, you can't enable it - because the Web UI isn't working properly.  So I just leave it enabled on my ReadyNAS.  Port 22 isn't exposed to the internet, so the only security risks are on my local LAN.

 

 

---

I see your reasoning.

Hopefully mine will be ok though as I am only using the system as a backup for my TrueNAS and 99% of the time it will be off and just get powered on by schedule for backups.

The only service running will be rysnc and https. (SMB I will turn on and off as I need it)

Getting TrueNAS to rsync directly to the ReadyNAS the other day took me AGES to fugure out :smileyfrustrated:

I am in two minds at the moment though whether to leave the ReadyNAS at my mums house and try and get the TrueNAS at my house to rsync over ssh so that the backup is "off site".

I think it may be a little over my head though to get that working securely.

---

treboR2Robert wrote:

---

StephenB wrote:

It is useful for some troubleshooting/fixes.  For instance if the OS partition gets full.

 

But generally when you need it for that, you can't enable it - because the Web UI isn't working properly.  So I just leave it enabled on my ReadyNAS.  Port 22 isn't exposed to the internet, so the only security risks are on my local LAN.

 

 

---

I see your reasoning.

Hopefully mine will be ok though as I am only using the system as a backup for my TrueNAS and 99% of the time it will be off and just get powered on by schedule for backups.

The only service running will be rysnc and https. (SMB I will turn on and off as I need it)

 

---

The only file sharing protocol I enable on my own backup NAS is rsync.  Though as I said, I do have ssh enabled on them.

If you disable ssh, then you can still gain access through tech support mode.  Though I haven't gone through the steps needed to mount the OS partition and data volume(s) on the v2 (since I don't own that model).

And of course if the ReadyNAS does run into trouble, you can factory default and run the backups again (as long as the TrueNAS remains healthy).

---

treboR2Robert wrote:

...try and get the TrueNAS at my house to rsync over ssh so that the backup is "off site".

I think it may be a little over my head though to get that working securely.

---

I don't believe your ReadyNAS model has built-in support for rsync over ssh - if I'm correct on that, it would be tricky to get this to work.

---

StephenB wrote:

---

---

treboR2Robert wrote:

...try and get the TrueNAS at my house to rsync over ssh so that the backup is "off site".

I think it may be a little over my head though to get that working securely.

---

I don't believe your ReadyNAS model has built-in support for rsync over ssh - if I'm correct on that, it would be tricky to get this to work.

 

---

I have been doing a bit of research and I think I may have found a way to make it work (maybe) :smileyindifferent:

At home I have a Asus Router running Asuswrt-Merlin with a OpenVPN server.

At my mums I have another Asus Router running Merlin LTS.

I had a "quick" read online and it seems I may be able to set the Router at my mums house to use OpenVPN as a client, BUT only for the ReadyNAS ( so all other devices at my mums wouldn't use the VPN)

I am thinking that this will mean that the ReadyNAS (at my mums) and the TrueNAS (at my house) will think they are on the same network and I can just do normal Rsync betwwen them.

Got some other stuff to do over the weekend so I'll do a bit more research if I get a minute and then I'll try it out next week and report back here incase anyone else wants to do it.

Since the NV+ v2 hasn't gotten security updates in some years, I think that it's better to use a VPN connection for this than to use rsync-over-ssh.