× NETGEAR will be terminating ReadyCLOUD service by July 1st, 2023. For more details click here.
Orbi WiFi 7 RBE973
Reply

ReadyNAS Duo - private keys

Fatman1
Aspirant

ReadyNAS Duo - private keys

Hi,

I want to store a private SSH key on my NAS. I can't seem to make the file permissions restrictive enough though.

In Linux, I try:

$ sudo chown fatman ./nikko2.ppk
$ ls -la
total 1024
drwxr-xr-x 1 root root 0 2011-09-19 15:08 .
drwxr-xr-x 1 root root 0 2011-09-23 11:48 ..
-rwxr-xr-x 1 root root 821 2011-01-18 09:20 nikko2.ppk

Didn't error, but clearly didn't work either.

In Windows, I try to set the owner to user fatman. That doesn't error either, but it still doesn't take.

How do I set the owner on this file?

Thanks.
Message 1 of 7
sphardy1
Apprentice

Re: ReadyNAS Duo - private keys

How are you connected to the ReadyNAS? (ie what protocol) And why do you have files & folders owned by root? How were they created? What linux distribution are you using?
Message 2 of 7
Fatman1
Aspirant

Re: ReadyNAS Duo - private keys

Thanks for the reply. To answer your questions:

1. CIFS in both cases.

2/3. Files and folders owned by root seems to be the default. I created the file by copying it from one of my NTFS disks in Windows.

4. Linux distro: Ubuntu Server 10.04 LTS.

[edit]

Oh, I didn't make it clear, but when I entered the commands in my previous post, the current directory was the mount point for the NAS share.
Message 3 of 7
sphardy1
Apprentice

Re: ReadyNAS Duo - private keys

So the NTFS disk explains the root ownership issue (that's a generic issue of using NTFS drives with Linux, there are other ways to mount and avoid this)

But as the files are owned by root and you are accessing the NAS via CIFS, unless you connect to the NAS as the admin user you will not have rights to the files (only admin user has root privileges over CIFS) so chown would be expected to fail

Silent failure of the chown command is a minor worry, but have to admit I don't use CIFS under linux so haven't tried to change ownership/permissions this way
Message 4 of 7
Fatman1
Aspirant

Re: ReadyNAS Duo - private keys

From Linux I'm connecting to the NAS as LINUXBOX\root. That suits me as I'm mounting the NAS in a root-owned location in the file tree.

After that I'm using "sudo" to mimic root, so chown should not fail.

And chown should never fail silently. It's almost as if the NAS filesystem is returning success to the chown command, but failing internally.
Message 5 of 7
sphardy1
Apprentice

Re: ReadyNAS Duo - private keys

I'm surprised you can connect as root, and the symptoms suggest you aren't actually connected as root.

If you have SSH root access enabled you could check via the smbstatus command
Message 6 of 7
Fatman1
Aspirant

Re: ReadyNAS Duo - private keys

Now I'm trying to connect as the matched UID user (see other thread) with the command:


sudo mount.cifs //nas/media /nas/media -ouser

which passes the shell's credentials on to smbclient (I think). I enter the password when prompted and smbclient connects the share.

This smbstatus output confuses me. Doesn't seem to make a lot of sense.


nas:/media/keys# smbstatus

Samba version 3.0.37
PID Username Group Machine
-------------------------------------------------------------------

Service pid machine Connected at
-------------------------------------------------------
media 8212 10.xx.xx.xx Sun Sep 25 02:36:20 2011

No locked files


No user. What the heck?

The two systems (LINUXBOX and NAS) show the same file with different permissions.

On the NAS:


nas:/media/keys# ls -la
total 48
drwxrwxrwt 2 nobody nogroup 16384 Sep 19 15:08 .
drwxrwxrwt 13 nobody nogroup 16384 Sep 23 11:48 ..
-r-------- 1 fatman users 821 Jan 18 2011 nikko2.ppk

which is correct. From LINUXBOX:


fatman@nikko:/$ ls -la /nas/media/keys/nikko2.ppk
-r-xr-xr-x 1 root root 821 2011-01-18 09:20 /nas/media/keys/nikko2.ppk

which is completely wrong. I guess some UID translation is going on?

Oh, I'm confused. Maybe some sleep will un-confuse me.
Message 7 of 7
Top Contributors
Discussion stats
  • 6 replies
  • 774 views
  • 0 kudos
  • 2 in conversation
Announcements