Jump to content

Unraid sftp server

Trojanmantony
 Share
Posted

I am trying to set up an sftp server so I can send files between me and friends I collaborate with on videos we edit.  I specifically want sftp with restrictions on what folders they can access.

 

Does this exist?  All I see is normal ftp server clients but I want the ssh connection.  Toggling it on and off would be nice as well.

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

chroot the user(s)

dont use the default port on your WAN 

Can Anybody Link A Virtual Machine while I go download some RAM?

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

There is no such thing as SFTP server. If you have SSH access, you have SFTP access. SFTP is just FTP over SSH tunnel.

 

Just tested, I can log in with root account fine. Other users are meant only for accessing shares via SMB/NFS/CIFS.

HAL9000: AMD Ryzen 9 3900x | Noctua NH-D15 chromax.black | 32 GB Corsair Vengeance LPX DDR4 3200 MHz | Asus X570 Prime Pro | ASUS TUF 3080 Ti | 1 TB Samsung 970 Evo Plus + 1 TB Crucial MX500 + 6 TB WD RED | Corsair HX1000 | be quiet Pure Base 500DX | LG 34UM95 34" 3440x1440

Hydrogen server: Intel i3-10100 | Cryorig M9i | 64 GB Crucial Ballistix 3200MHz DDR4 | Gigabyte B560M-DS3H | 33 TB of storage | Fractal Design Define R5 | unRAID 6.9.2

Carbon server: Fujitsu PRIMERGY RX100 S7p | Xeon E3-1230 v2 | 16 GB DDR3 ECC | 60 GB Corsair SSD & 250 GB Samsung 850 Pro | Intel i340-T4 | ESXi 6.5.1

Big Mac cluster: 2x Raspberry Pi 2 Model B | 1x Raspberry Pi 3 Model B | 2x Raspberry Pi 3 Model B+

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
10 minutes ago, unijab said:

chroot the user(s)

dont use the default port on your WAN

I wouldn't expose an unRAID server to the outside at all. It does not have a lot of security built-in, as it is designated to be used in a safe/trusted environment.

HAL9000: AMD Ryzen 9 3900x | Noctua NH-D15 chromax.black | 32 GB Corsair Vengeance LPX DDR4 3200 MHz | Asus X570 Prime Pro | ASUS TUF 3080 Ti | 1 TB Samsung 970 Evo Plus + 1 TB Crucial MX500 + 6 TB WD RED | Corsair HX1000 | be quiet Pure Base 500DX | LG 34UM95 34" 3440x1440

Hydrogen server: Intel i3-10100 | Cryorig M9i | 64 GB Crucial Ballistix 3200MHz DDR4 | Gigabyte B560M-DS3H | 33 TB of storage | Fractal Design Define R5 | unRAID 6.9.2

Carbon server: Fujitsu PRIMERGY RX100 S7p | Xeon E3-1230 v2 | 16 GB DDR3 ECC | 60 GB Corsair SSD & 250 GB Samsung 850 Pro | Intel i340-T4 | ESXi 6.5.1

Big Mac cluster: 2x Raspberry Pi 2 Model B | 1x Raspberry Pi 3 Model B | 2x Raspberry Pi 3 Model B+

Link to comment
Share on other sites
Link to post
Share on other sites
Posted

If you're going to do that, make a VM with something like Ubuntu or CentOS, then mount the unRAID share you want to use for the "FTP Folder" into the VM.

If you're going to go this path, the least you will want to do is to ensure that iptables/firewalld and fail2ban are installed - and i would recommend using RSA key based authentication for users connecting to the SFTP using SHA256.

Spoiler

Desktop: Ryzen9 5950X | ASUS ROG Crosshair VIII Hero (Wifi) | EVGA RTX 3080Ti FTW3 | 32GB (2x16GB) Corsair Dominator Platinum RGB Pro 3600Mhz | EKWB EK-AIO 360D-RGB | EKWB EK-Vardar RGB Fans | 1TB Samsung 980 Pro, 4TB Samsung 980 Pro | Corsair 5000D Airflow | Corsair HX850 Platinum PSU | Asus ROG 42" OLED PG42UQ + LG 32" 32GK850G Monitor | Roccat Vulcan TKL Pro Keyboard | Logitech G Pro X Superlight  | MicroLab Solo 7C Speakers | Audio-Technica ATH-M50xBT2 LE Headphones | TC-Helicon GoXLR | Audio-Technica AT2035 | LTT Desk Mat | XBOX-X Controller | Windows 11 Pro

 

Spoiler

Server: Fractal Design Define R6 | Ryzen 3950x | ASRock X570 Taichi | EVGA GTX1070 FTW | 64GB (4x16GB) Corsair Vengeance LPX 3000Mhz | Corsair RM850v2 PSU | Fractal S36 Triple AIO + 4 Additional Venturi 120mm Fans | 14 x 20TB Seagate Exos X22 20TB | 500GB Aorus Gen4 NVMe | 2 x 2TB Samsung 970 Evo Plus NVMe | LSI 9211-8i HBA

 

Link to comment
Share on other sites
Link to post
Share on other sites
Posted
  • Author
On 5/15/2017 at 6:07 AM, jj9987 said:

I wouldn't expose an unRAID server to the outside at all. It does not have a lot of security built-in, as it is designated to be used in a safe/trusted environment.

 

20 hours ago, Jarsky said:

If you're going to do that, make a VM with something like Ubuntu or CentOS, then mount the unRAID share you want to use for the "FTP Folder" into the VM.

If you're going to go this path, the least you will want to do is to ensure that iptables/firewalld and fail2ban are installed - and i would recommend using RSA key based authentication for users connecting to the SFTP using SHA256.

I noticed Paul's hardware is using btsync to send files to his video editor, and as I am looking to do the same would this solution also add some security to sharing files with somebody off the nas?

Link to comment
Share on other sites
Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing Servers, NAS, and Home Lab

×