NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
RSYNC over SSH backup using a different port - OS 6.1.2
Hi There
My environment:
ReadyNAS RN102
OS: 6.1.2
My goal:
Have an RSYNC-over-SSH backup job configured and running on my ReadyNAS, towards an RSYNC server that uses another port than the standard port 22:
Remote server IP: 128.203.202.1 (fake address)
Remote server SSH port: 30023
My challenge:
The remote RSYNC server is behind a firewall. I have thus configured a port forwarding on my firewall as follows:
my_wan-IP, port 30023 --> my_lan_rsync_server, port 22
For various reasons, it is out of the question to have port 22 facing the internet. That's why I'm forwarding from port 30023 to port 22.
Unfortunately, there seems to have no way to tell frontview to use a different SSH port that 22, when it relates to RSYNC over SSH.
What I have tried:
- From FrontView:
I have set the destination host field to "128.203.202.1:30023" (assuming that 128.203.202.1 is my remote firewall public address), in order to force SSH session over port 30023
=> When I click on "Test connection" button, I can verify with TCPdump that my outgoing packets are indeed send over TCP port 30023 :D
=> But when I click on "Apply" then Frontview reports an error, because it doesn't interprete my destition host field as a valid IP address :cry:
- From CLI console:
I have edited the file /etc/ssh/ssh_config (i.e. SSH client configuration file) on my ReadyNAS, and added the following lines at the top of the file:
Host 128.202.202.1
Port 30023
This way I want to force any SSH session toward 128.203.202.1 to use port 30023. Now I can set the destition host to "128.203.202.1" and nothing else, and make FrontView happy.
=> When I click on "Test connection" button, outgoing traffic goes again over port 30023 :D
=> I can now apply my settings, with no more complaints from FrontView 8)
=> But when I run my backup job manually, it just doesn't care about my SSH client config and thus uses port 22 :evil:
- I have also tried to locate the Frontview backup job script (as suggested in post http://www.readynas.com/forum/viewtopic.php?f=31&t=19857&p=118320&hilit=readynasexclude+rsync#p118320 ), but it looks like this was applicable to ReadyNAS running Radiator, and not to OS 6.
Thus Im stuck at the moment, so I have temporarily open internet facing port 22 on my distant firewall to workaround this. But it is not a long term solution for me ...
Any possible help from one of you guys ? I cant' believe that I'm the only one to face this issue.
PS: BTW, FrontView does not like a FQDN name either, and really wants a real IP address instead :roll:
My environment:
ReadyNAS RN102
OS: 6.1.2
My goal:
Have an RSYNC-over-SSH backup job configured and running on my ReadyNAS, towards an RSYNC server that uses another port than the standard port 22:
Remote server IP: 128.203.202.1 (fake address)
Remote server SSH port: 30023
My challenge:
The remote RSYNC server is behind a firewall. I have thus configured a port forwarding on my firewall as follows:
my_wan-IP, port 30023 --> my_lan_rsync_server, port 22
For various reasons, it is out of the question to have port 22 facing the internet. That's why I'm forwarding from port 30023 to port 22.
Unfortunately, there seems to have no way to tell frontview to use a different SSH port that 22, when it relates to RSYNC over SSH.
What I have tried:
- From FrontView:
I have set the destination host field to "128.203.202.1:30023" (assuming that 128.203.202.1 is my remote firewall public address), in order to force SSH session over port 30023
=> When I click on "Test connection" button, I can verify with TCPdump that my outgoing packets are indeed send over TCP port 30023 :D
=> But when I click on "Apply" then Frontview reports an error, because it doesn't interprete my destition host field as a valid IP address :cry:
- From CLI console:
I have edited the file /etc/ssh/ssh_config (i.e. SSH client configuration file) on my ReadyNAS, and added the following lines at the top of the file:
Host 128.202.202.1
Port 30023
This way I want to force any SSH session toward 128.203.202.1 to use port 30023. Now I can set the destition host to "128.203.202.1" and nothing else, and make FrontView happy.
=> When I click on "Test connection" button, outgoing traffic goes again over port 30023 :D
=> I can now apply my settings, with no more complaints from FrontView 8)
=> But when I run my backup job manually, it just doesn't care about my SSH client config and thus uses port 22 :evil:
- I have also tried to locate the Frontview backup job script (as suggested in post http://www.readynas.com/forum/viewtopic.php?f=31&t=19857&p=118320&hilit=readynasexclude+rsync#p118320 ), but it looks like this was applicable to ReadyNAS running Radiator, and not to OS 6.
Thus Im stuck at the moment, so I have temporarily open internet facing port 22 on my distant firewall to workaround this. But it is not a long term solution for me ...
Any possible help from one of you guys ? I cant' believe that I'm the only one to face this issue.
PS: BTW, FrontView does not like a FQDN name either, and really wants a real IP address instead :roll:
14 Replies
Replies have been turned off for this discussion
- aquarito as well as changing the backup job configuration you should also modify the sqlite3 database:
Skywalker wrote:
# sqlite3 /var/readynasd/db.sq3
sqlite> update backup set dst_port = <PORT> where name = "<JOB_NAME>";
Be careful not to choose ports that are already in use by other things.In fact, change dst_port on ReadyNas OS 6.2.4 (RN 102), in sqlite database, table backup, not change backup proces to use NEW ssh port. Anyone have a idea to do this?
Of course I'm edit own script on bash and every backup process to my own ssh port work's fine, but acctualy Netgear backup process not compatibile with this options.
Hi,
sorry for reviving this old thread.
So I was updating my little RNS102 to 6.4.0 a few days ago and thought, I could try again the rsync + ssh thing with using another port than 22.
I've created a backup job and entered in the target host field <hostname>:<ssh port>.
After pressing the "Test connection" button the NAS connected to my server with the given port! To be sure I've also checked the sshd logs and it confirmed the connection.
Now i was really happy that it finally works... :smileyvery-happy:
.. until I've tried to save the settings.
I'm getting an error popup with the message: Be sure to correct errors.
There seems to be a check in the ReadyNAS admin gui that prevents saving a hostname in the notation <hostname>:<port>. It didn't like the :<port> part.. :smileymad:
Netgear, please remove this check. It would add another feature to the NAS.
Thanks..
aquarito
I agree it would be useful to specify a non-standard port.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
