- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: SFTP to ReadyNAS
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am attempting to set up a backup for an external user via SFTP. I am testing connectivity using FileZilla. When I connect to SFTP with the ReadyNAS admin account, I can view the folder contents, create files, etc. When I connect as one of the domain admins, I instead see a folder labeled users;UNIX.mode=0775,owner=33268 (etc.).
User authentication mode is enabled under System -> Services -> FTP and the "enable FTPS" checkbox is checked. I have created a share specifically for SFTP access (under Shares -> Shares) and Domain Admins have been given read/write permission under the FTP button (under Network Access) and have been added to the security tab (under File Access) also with Read/Write permissions.
What am I missing? Why can the admin account that's local to the box get the correct settings but domain admins can't? Authentication type is set to Active Directory, by the way.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello tskin,
So, okay I just found out something.
ReadyNAS OS 6 does not currently allow you to enable SSH access on a domain user account, only the admin account. There's no way to restrict who can and cannot access the NAS via SSH/SFTP/SCP if domain accounts are enabled; it's an "all or nothing" setting with AD. As long as they have a domain account, they would have SFTP access to the NAS. Also, ReadyNAS OS 6 does not support SFTP chroots, which prevent users from accessing things that are not for them to see.
Either way, the permissions are based on file access permissions and not share access permission.
Regards,
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SFTP to ReadyNAS
Just to clarify - are you testing sftp or ftps?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SFTP to ReadyNAS
I'd forgotten there was a difference between SFTP and FTPS but why does it work properly with the device account but not with the AD accounts?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SFTP to ReadyNAS
Hello tskin,
FTPS is encrypting existing FTP protocol over SSL while SFTP is via SSH.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SFTP to ReadyNAS
Thanks, JennC, but I'm not drawing the connection between that and authentication. Why would I be able to connect as an AD user (but can't write to the share) but I can read/write when connecting as an admin to the box?
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello tskin,
So, okay I just found out something.
ReadyNAS OS 6 does not currently allow you to enable SSH access on a domain user account, only the admin account. There's no way to restrict who can and cannot access the NAS via SSH/SFTP/SCP if domain accounts are enabled; it's an "all or nothing" setting with AD. As long as they have a domain account, they would have SFTP access to the NAS. Also, ReadyNAS OS 6 does not support SFTP chroots, which prevent users from accessing things that are not for them to see.
Either way, the permissions are based on file access permissions and not share access permission.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Re: SFTP to ReadyNAS
Interesting. Okay, maybe I can make that work. Thanks, JennC