This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
ReadyNAS RN212 - Alerts Email, NFS and default shares
OS6.10.2
1) Setting up alerts - I have tried to confiugure the EMail alerts, but it fails on sending a test mail.
The host I have as smtp.hosts.co.uk on port 465, the 'From' is my Email address on that server and the 'User' is the authenticated login user (with that user's password). TLS is checked. The account requires authentication on smtp.hosts.co.uk.
The error I'm getting is 5008010000.
2) The default shares - Music, Pictures and Videos. I would like to create a mountable NFS share above those as 'media' (as my old ReadyNas Duo had) - so I can keep structures the same across the NASs. Can I just delete the existing shares and recreate them under a new 'media' share? Any implications?
2) The default shares - Music, Pictures and Videos. I would like to create a mountable NFS share above those as 'media' (as my old ReadyNas Duo had) - so I can keep structures the same across the NASs. Can I just delete the existing shares and recreate them under a new 'media' share? Any implications?
You can delete the default shares, and create your own media share. That could have subfolders for Music, Pictures and Videos - or not, that is up to you.
You can't create shares within shares though (which couldn't be done on the Duo either).
The mount for NFS will be /data/media - unlike the Duo, the volume is included in the exported path.
Re: ReadyNAS RN212 - Alerts Email, NFS and default shares
Point 1 - EMail alerts.
Been playing with this and it seems that the NAS needs the posrt to be set to 587 rather than 465. All the other settings remained the same and just the port was changed - the alerts fire off ok.
2) The default shares - Music, Pictures and Videos. I would like to create a mountable NFS share above those as 'media' (as my old ReadyNas Duo had) - so I can keep structures the same across the NASs. Can I just delete the existing shares and recreate them under a new 'media' share? Any implications?
You can delete the default shares, and create your own media share. That could have subfolders for Music, Pictures and Videos - or not, that is up to you.
You can't create shares within shares though (which couldn't be done on the Duo either).
The mount for NFS will be /data/media - unlike the Duo, the volume is included in the exported path.
I think there may be implications of changing Music,Pictures and Videos - which leads me to another question re ssh.
I am just prepping the 212 - copying across the data from the older DUO and mimicking the DUO's structure. I have had a couple of minor issues (as noted here) and on a couple of occasions have seen the suggestion of logging into the 212 via ssh. I had the SSH set up ok and had enabled SSH on my local 212 userid. I could log in as root ok, but I could not log in as my local user - that user got a simple 'Rejected' message.
My user on the 212 is set up in the primary group 'dev'. Am I right in then saying that SSH access to the 212 is restricted to users that belong to the admin group? If so, I can only see a way to set up my users primary group - is there a way to set up multiple groups for a user - ie can my user belong to admin and dev?
Then onto why I was wanted to log in - I couldn't see my music appearing on clients connected to the 212 - even though that data had been copied across. Looking at the /etc/minidlna.conf on the 212, the pointers are to the default /data/Music,Pictures and Videos shares. So the implication of changing the default shares is that minidlna does not appear to pick up the change in the config (even though the new 'media' share I created as the top level - ie /data/media/[Music|Pictures|Videos] - was set up at DLNA enabled.
So, am I also correct in thinking that if the default media folders are changed, then any configs HAVE to be modified via SSH - and if so - what does that do to the guarantee etc?
My user on the 212 is set up in the primary group 'dev'. Am I right in then saying that SSH access to the 212 is restricted to users that belong to the admin group? If so, I can only see a way to set up my users primary group - is there a way to set up multiple groups for a user - ie can my user belong to admin and dev?
If you are working in the OS partition (including /etc ), log in as root. Even logging in as admin can get you into trouble. But you can enable other users for ssh by going to their account settings, clicking on ssh, and then checking "allow shell access".
Then onto why I was wanted to log in - I couldn't see my music appearing on clients connected to the 212 - even though that data had been copied across. Looking at the /etc/minidlna.conf on the 212, the pointers are to the default /data/Music,Pictures and Videos shares.
Hmmm. Mine has a full list of shares. Ones that have DLNA disabled are commented out.
For instance, with media:
When DLNA is disabled I see #dashboard:available=0 media_dir=/data/media
When DLNA is enabled I see media_dir=/data/media
This changes immediately when I change the DLNA setting for the share in the web ui. Did you set the media type to "all" when you enabled DLNA?
So, am I also correct in thinking that if the default media folders are changed, then any configs HAVE to be modified via SSH - and if so - what does that do to the guarantee etc?
No, you shouldn't have to modify the configs with ssh.
As far as support implications, Netgear reserves the right to deny support if they believe your use of ssh caused damage.
SSH - I think I saw an effect and assumed... my mistake.
I have my user 'stevet' - it has Shell Access on the Accounts->SSH -> Shell access option ticked. When I issue ssh -l stevet my.nas.addr from my linux terminal I get a simple:
Rejected
Connection to my.nas.addr closed
..no request for password.
So I tried ticking/unticking and applying the changes to stevet and still got the same result (looking at the screen now, if I untick the shell access and apply that change, the next time I go in the tick is back).
So I tried using root - and that worked fine with the admin password. So, I assumed (stupidly) that maybe the group was the problem - so set up another user 'nasadmin' in group admin - and ticked shell access for that user and it worked fine. So again I assumed my original thoughts on the group were correct.
I have then tried to log in via ssh with another user in a non-admin group and that works as you say - ie simply ticking the shell access box allows shell access irrespective of the group. So obviously my assumptions were wrong.
So my question should have just been - 'I have a user, that has shell access ticked, but when trying to access the NAS via ssh gets 'Rejected' before any password attempt. Any ideas as to why?' . The UID:GID is 1000:1000, I have two ssh keys loaded for that user as well (one per laptop) if that makes any difference.
'I have a user, that has shell access ticked, but when trying to access the NAS via ssh gets 'Rejected' before any password attempt. Any ideas as to why?' . The UID:GID is 1000:1000, I have two ssh keys loaded for that user as well (one per laptop) if that makes any difference.
Just tested this on my own NAS with the same UID:GID, but without ssh keys. The log in worked with no problem.
I did find that I couldn't edit the group or ssh settings if I initially created a user with a weak password. That is a bug, but not directly related to your issue. @JohnCM_S - can you log the bug I just found?
I tried to connect to the DUO as the same id (the UID:GID is the same across the laptops/NASs) and I get the password request and then an auto logout as you do if you don't have shell access (I never set my id to have shell access on the DUO - not even sure if you can!). I tried that to see if the 'Rejected' was somehow related to SSH at my client end - but it appears not.
I do get the 'weak password' warning when editing my account on the 212 - but that hasn't stopped me editing the account successfully - I added the SSH keys independently and that's worked fine.
Any idea where 'Rejected' comes from - I have diff'd the output from the valid admin login and my accounts 'Rejected' login and I get:
debug1: Authenticating to my.nas.addr as 'someadmin' | debug1: Authenticating to my.nas.addr as 'myproblemlogin' debug1: Authentications that can continue: publickey,pas | debug1: Server accepts key: pkalg ssh-rsa blen 279 debug1: Trying private key: /home/myproblemlogin/.ssh/id_dsa | debug1: Authentication succeeded (publickey). debug1: Trying private key: /home/myproblemlogin/.ssh/id_ecdsa < debug1: Trying private key: /home/myproblemlogin/.ssh/id_ed25519 < debug1: Trying private key: /home/myproblemlogin/.ssh/id_xmss < debug1: Next authentication method: password < debug1: Authentication succeeded (password). < > debug1: Remote: Forced command. > debug1: Remote: Forced command. Transferred: sent 2932, received 1884 bytes, in 3.7 seco | Transferred: sent 3372, received 1940 bytes, in 0.1 seconds Bytes per second: sent 791.4, received 508.5 | Bytes per second: sent 61054.7, received 35126.4
So it seems that the admin account moves onto looking for a password, and my account gets some form of forced remote command (presumably rejection) after getting an auth (presumably on the stored ssh keys). So is the problem that you can't have stored keys AND also login via a password?
t wasn't intentional. My user account is used for doing rsyncs from my latop terminal - so presumably I need the SSH keys - and I was going to use that user to connect to the 212 via an ssh connection. Is there another way to set up a user to do this ?
Also, going back to the DLNA settings - looking back to the DUO, I had 'media' defined as the share, then Music, Pictures, Videos were defined within that share and had the DLNA streaming service enabled. On the 212, the services appear to only be allowed at share level - so I have a new share of media and that has DLNA service attached. Maybe that's why I thought I didn't see my Music, Pictures and Videos in the minidlna config. Have the options changed between the old DUO os and OS6 so that services are now only defined at share level?
Have the options changed between the old DUO os and OS6 so that services are now only defined at share level?
Yes. In the Duo, you configured the full path(s) in the ReadyDLNA add-on settings. That path could be to a subfolder of a share. With OS-6 you enable/disable DLNA for the share. Consolidating all the services for a share to one place does simplify management - but it is somewhat more limiting.
One way to solve this w/o SSH is to switch to Plex. That lets you build libraries for specific subfolders, and it includes it's own DLNA server. You'd turn off the built-in DLNA server if you use this approach. Plex does use more resources (particularly memory) than minidlna, but most folks find that it runs well on the NAS. It has additional features - allowing remote access to your media, real-time or off-line transcoding, cover art, etc. Some of those features require a monthly subscription or a plexpass.
Or you could just re-organize the media into separate shares on both NAS. If you are happy with minidlna's features, then that's what I'd suggest.
FWIW, I've gone with an application server+NAS approach. My NAS is used for storage only, and I pair it with an application server that has the data volume mapped to a drive letter. The application server is currently running Windows 10, and hosts plex, crashplan cloud backup, etc. Though more expensive to set up, it gives me more flexibility when upgrading either the applications or the NAS, and it avoids constraining the application footprint to fit within the fairly limited resources in my NAS (which is an RN526x). Note my NAS->NAS backups (incremental rsync) are still hosted on the NAS, using the built-in backup jobs.
My user account is used for doing rsyncs from my latop terminal - so presumably I need the SSH keys - and I was going to use that user to connect to the 212 via an ssh connection. Is there another way to set up a user to do this ?
You'd need the ssh keys if you are wanting to run rsync over ssh. You don't need them just to run rsync. Personally I don't see much need to run rsync over ssh on a home network. It's essential if you are running backups over the internet, and worth considering if you are running on an enterprise network.
That said, if simply adding ssh keys to an account blocks shell access, then it sounds like there is a bug in the ReadyNAS software. Hopefully @JohnCM_S or @Marc_V will chime in.
Thanks for the detailed reply again - really appreciated.
I had hoped just to mimic the DUO and get the 212 running with roughly the same setup (as I recall having initial issues with playlists on the DUO - but it was a while back, so I can't quite remember exactly what). Now I've started down that route (the data has been copying across for a fair few hours!) and the revised structure - I think I will continue. Having said that, plex sounds interesting so I think I'll also download that and see what it does (probably to my laptop first). I'm not sure that having a separate app server (in my case) is currently applicable - as all I currently use on the DUO was the dlna server (and minidlna has been fine so far - the implimentations on each client leaves a bit to be desired though in some cases) and the storage space for backup.
As for the rsync - ssh bit, I thin the rsync I have is set to run over ssh - and I had key issues when I first used it, so set up the ssh-key pairs.
Another slight aside - in certain circumstances, the set up asks for host ip's (Shares->Network Access-> NFS) - is this only full IP - or can you in some way specify the LAN - some thing like 192.168.1.* (192.168.0.0/16?) or 192.168.*...blah . Does OS6 cater for that, and if so in what format?
Another slight aside - in certain circumstances, the set up asks for host ip's (Shares->Network Access-> NFS) - is this only full IP - or can you in some way specify the LAN - some thing like 192.168.1.* (192.168.0.0/16?) or 192.168.*...blah . Does OS6 cater for that, and if so in what format?
There is an old post that says IP address/subnet mask works. For example 192.168.1.0/255.255.255.0 The Web UI accepts that format, but I haven't tested whether it works properly or not. FWIW, it also accepts 10.0.0.0/24. No idea whether that works properly either.
FWIW, the Duo manual doesn't specify this either. If you are already specifying a subnet there, I suggest using the same format with OS-6.
As an aside, I don't see much point in specifying the full LAN subnet if you are using a NAT router - the NAS would only be seeing IP addresses that are within the subnet anyway. If you have multiple network connections to the NAS (using different subnets) it would be more useful.
It would be good to know about the subnets - ie whether '/' notation does work and is intended to work (as I'm not a great fan of using 'features' that turn out to not be supported and then dropped or changed at some stage) - as I had already planned to modify the LAN and split certain types of device into their own subnets. So, although not s ahowstopper, it would be handy to be able to specify permissions by subnet.
Is there someone who would know if subnet notation (in whatever form) is intended to work and is an ongoing supported feature?
Is there someone who would know if subnet notation (in whatever form) is intended to work.
It is pretty easy for you test it. You could apply /28 (255.255.255.240) and exclude some of the IP addresses in your actual network. Then see if that works.
Whether it's an ongoing supported format or not is something only Netgear can say. Maybe one of the mods will chime in ( @Marc_V or @JohnCM_S ).
