General NAS-Central Forums

 Post subject: Q:SSH with public key
PostPosted: Mon Mar 10, 2014 1:52 am 

Joined: Mon Mar 10, 2014 1:37 am
Posts: 2
Ok so I am trying to have my NAS call home and run an rsync script every night, to back up a server. The rsync script runs fine, after setting up the public/private key (ssh-keygen and ssh-copy-id -i [remoteserver]), but to test the process I rebooted and the key I had generated is gone. So it seems the /.ssh folder is purged after reboot. Does anyone know of a way to stop this from happening or another location I can store the key to protect it from the reboot purge?

I am on version 4.0.8.23976 FW


PostPosted: Wed Mar 12, 2014 7:05 pm

Joined: Mon Jun 16, 2008 10:45 am
Posts: 6016
I guess that directory is on a ramdisk. That's not strange, the whole rootfs is a ramdisk (initramfs), only on certain places a 'real' partition is mounted.

So you have to run a script on boot which either copies the key back, or changes the home directory for that user.


PostPosted: Thu Mar 13, 2014 8:06 pm

Joined: Mon Mar 10, 2014 1:37 am
Posts: 2
That is basically what I did, I used cron to run my script and it restores the SSH key/hosts list.

Code:
#!/bin/bash
_now=$(date +%d%m%Y-%H%M%S)

(
  echo "_ backup start "$(date +%H:%M:%S)
  echo " "
  now=$(date +"%m_%d_%Y")
  echo "Checking for .ssh folder with credentials in it."
  echo " "
 
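  # /.ssh lives on the ramdisk rootfs and is gone after a reboot; restore it from the copy kept on the data pool
  [ -d "/.ssh" ] && echo "Found /.ssh folder." || (echo "Did not find /.ssh folder." && cp -r /mnt/pools/A/A0/.ssh /.ssh && echo "Folder /.ssh has been restored.")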
  echo " "

  echo "Starting rsync script"

  /usr/bin/rsync -avz --delete --ignore-errors --exclude-from=/mnt/pools/A/A0/Backups/exclude.list \
   --log-file='/mnt/pools/A/A0/Backups/logs/rsync.'$(date +%d%m%Y-%H%M%S)'.log' \
   -e 'ssh -p port#' root@fqdn:/mnt/Ndrive/ /mnt/pools/A/A0/Backups/Ndrive/

  echo " "
  echo "_ backup end "$(date +%H:%M:%S)
) 2>&1 | tee -a /mnt/pools/A/A0/Backups/logs/rsync.$_now.log


The only problem I am having is getting cron (I tried adding MAILTO: to the crontab) or bash to send an email; mail does not work, there is no mail bin that I can find.
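
An added example, not part of the original posts: a restore step that gives the copied directory the modes OpenSSH expects (0700 on the directory, 0600 on private files) and refuses to continue if the key is readable by group or others. It assumes a `stat` that supports `-c` (GNU or BusyBox) and a key file named `id_rsa`; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not from the thread): restore a saved .ssh directory onto the
# ramdisk rootfs and check key permissions before rsync/ssh uses the key.

# key_is_private FILE -> 0 if FILE is a regular file with no group/other bits
key_is_private() {
    [ -f "$1" ] || return 1
    mode=$(stat -c '%a' "$1") || return 1   # e.g. 600; assumes GNU/BusyBox stat
    case "$mode" in
        *00) return 0 ;;                    # group and other digits are both 0
        *)   return 1 ;;
    esac
}

# restore_ssh_dir SRC DST -> copy SRC to DST if DST is missing, then fix modes
restore_ssh_dir() {
    src=$1
    dst=$2
    [ -d "$src" ] || { echo "no saved copy at $src" >&2; return 1; }
    if [ ! -d "$dst" ]; then
        # umask 077 so nothing is group/world readable even for a moment
        ( umask 077 && mkdir "$dst" && cp -R "$src"/. "$dst"/ ) || return 1
    fi
    chmod 700 "$dst" || return 1
    # Everything private by default; public material may be world-readable.
    find "$dst" -type f -exec chmod 600 {} \; || return 1
    for f in "$dst"/*.pub "$dst"/known_hosts; do
        [ ! -f "$f" ] || chmod 644 "$f"
    done
    return 0
}

# Stand-alone use: restore-ssh.sh SRC DST [KEYNAME]
# e.g. with the paths from the post: restore-ssh.sh /mnt/pools/A/A0/.ssh /.ssh
if [ "$#" -ge 2 ]; then
    key=${3:-id_rsa}                        # key file name is an assumption
    restore_ssh_dir "$1" "$2" || exit 1
    key_is_private "$2/$key" || { echo "$2/$key is missing or too open" >&2; exit 1; }
    # The saved copy sits on the data pool, so check it as well.
    key_is_private "$1/$key" || echo "warning: $1/$key is readable by others" >&2
fi
```

The saved copy on the data pool deserves the same check as the restored one, since that volume may also be exported as a share.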


PostPosted: Wed Jan 21, 2015 5:03 am

Joined: Wed Jul 10, 2013 3:18 pm
Posts: 18
ericdkirk wrote:
That is basically what I did, I used cron to run my script and it restores the SSH key/hosts list.


I'm pretty sure that the passwd file doesn't get wiped. So you can create a new "backup" user and set that user's home directory in (say) /nfs/homes/backup/ and then create the .ssh dir there.

ericdkirk wrote:
The only problem I am having is getting cron (I tried adding MAILTO: to the crontab) or bash to send an email; mail does not work, there is no mail bin that I can find.


There's a "mailmail" python script that might do what you need. I doubt it's a drop-in replacement for the "mail" program, but it appears to be attempting to emulate sendmail, judging by the arguments in the file /mnt/apps/usr/share/pyshared/twisted/mail/scripts/mailmail.py. The available parameters are:

--version
-F <sender> # set the From (envelope sender) address
-odb # background delivery
-odf # foreground delivery
-oep # print errors
-ep # print errors (same as -oep)
-t # set the envelope recipient address from the To:, Cc: and Bcc: headers

It expects a mailmail config file (in /etc, I think) to define smarthost, otherwise it will attempt to deliver to 127.0.0.1, which will fail. But it appears that user access also needs to be defined there. More details on the format of the /etc/mailmail file are in the mailmail.py loadConfig() function.

Having said all of this, I haven't yet been able to get it to work.

You could possibly install something from Optware.


PostPosted: Thu Jan 22, 2015 4:22 am

Joined: Wed Jul 10, 2013 3:18 pm
Posts: 18
jez wrote:
There's a "mailmail" python script that might do what you need.

This isn't bearing much fruit.

Much more likely to work is /usr/sbin/smtpsend, which appears to be what the GUI uses when configuring and testing the email settings. Run "head -30 /usr/sbin/smtpsend" to get available arguments. But it looks like it wouldn't be too much trouble to make a wrapper that emulates "mail" for cron to use. I might play with this...


PostPosted: Thu Jan 22, 2015 6:41 am

Joined: Wed Jul 10, 2013 3:18 pm
Posts: 18
It looks like both original cron and the one from Optware want to use /usr/sbin/sendmail, which is hard-coded into the binary and unchangeable. This means we can't just drop a wrapper script somewhere for cron to use, because /usr/sbin/ is not writeable. I think the easiest thing would be to adjust the crontab entries to redirect STDOUT and STDERR to (eg) /opt/bin/mail which is a wrapper for smtpsend. Something like this:
Code:
MAILTO="me@example.com"
1 * * * * { date; echo do something; } 2>&1 | /opt/bin/mail -s "Message from cron" "$MAILTO"

Then /opt/bin/mail would be something like:
Code:
#!/bin/sh

die() { echo "$@">&2; exit 70; }

# default sender address
DOMAIN="example.com"
[ "$FROM" ] || FROM="`id -un`@$DOMAIN"

ARGS=""
SUBJ=""
RCPT=""
FILE=""

while [ "$1" ]; do
        case $1 in
                -s) shift; SUBJ="$1";;
                -f) shift; FROM="$1"; [ "$FROM" ] || die "From cannot be empty";;
                -a) shift; FILE="$1"; [ "$FILE" ] || die "Filename cannot be empty";;
                -d) ARGS="$ARGS --debug";;
                *) [ "$RCPT" ] && RCPT="$RCPT,"; RCPT="$RCPT$1";;
        esac
        shift
done

[ "$RCPT" ] || die "Specify recipient address(es)"
if [ "$FILE" ]; then
        [ -f "$FILE" ] || die "File not found: $FILE"
        ARGS="$ARGS --attach $FILE"
fi

# pass $FROM so that -f (or a FROM set in the environment) takes effect
exec /usr/bin/python /usr/sbin/smtpsend $ARGS --df --from "$FROM" --subject "$SUBJ" --rcpt "$RCPT"


Note that specifying "--df" means that it uses the EMC's email relay, providing the required authentication and connectivity parameters (hostname, port, etc) automatically. Probably better to hard-code the connectivity parameters and use your own mail relay (eg from your ISP or webmail provider). Actually, the smtpsend command might even get these from the settings that are configured via the GUI - I haven't tried.


PostPosted: Thu Jan 22, 2015 6:44 am

Joined: Wed Jul 10, 2013 3:18 pm
Posts: 18
jez wrote:
I think the easiest thing would be to adjust the crontab entries to redirect STDOUT and STDERR to (eg) /opt/bin/mail which is a wrapper for smtpsend.

On second thoughts, if you're using Optware, you don't want "ipkg install nail" to completely overwrite your mail script, so best to create the wrapper in /opt/bin/mail-wrapper and then make /opt/bin/mail a symlink to mail-wrapper.

