Access OMV from outside

  • Hello everybody,


    I've got a RPi4 with OMV 5 + docker.

    I use NextCloud for my files, but sometimes I need to restart the container in docker, cause sometimes it doesn't work. When I'm at home no problem but when I'm outside it's very annoying. So I wanted to know if there was a way ton access OMV from outside?


    Thanx in advance for your help!

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • ssh into the machine and restart the container in the shell.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

  • Well thanx for your fast answer, but I'll need more explanations.

    SSH is activated in OMV. When I'm home I can use the terminal and write "sudo ssh pi@192...", but how to do when i'm outside?


    Thanx.

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

    • Offizieller Beitrag

    I recommend not using port 22 as well. Forward port 12345 (or whatever) to port 22. Then the bots won't constantly be trying to get in.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Ok, let's imagine I succeed to forward the port 12345 (or anything else) to port 22 in my router, what have I to use to access OMV? Do I need a shell or anything else? What command do I have to write? Sorry I'm a noob!?(

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • I use WinSCP & Putty to conect from outside.



    WinSCP to copy & Move files


    Putty To use as remote shell for OMV


    and Chrome or Firefox or Edge to login on OMV webGUI ( redirect port xxx to port 80 of your NASIP)

  • Make sure to enable "key authentification" and disable "password authentification" for ssh. (after testing key authentification)

    Plain (unencrypted) http traffic from outside to your OMV is no good idea.

    Either use https or enable ssh port forwarding for http access to your OMV through the secure ssh tunnel.


    Cheers,

    Thomas

  • Ouch thanx for all these advices, but unless I've got a tutorial for all of that, I think I'm not able to follow this... I'm really noob... 8o

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • Ouch thanx for all these advices, but unless I've got a tutorial for all of that, I think I'm not able to follow this... I'm really noob... 8o

    This is what search engines are for.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

  • This is what search engines are for.

    So don’t need this forum?


    I found that on YouTube :

    Externer Inhalt m.youtube.com
    Inhalte von externen Seiten werden ohne Ihre Zustimmung nicht automatisch geladen und angezeigt.
    Durch die Aktivierung der externen Inhalte erklären Sie sich damit einverstanden, dass personenbezogene Daten an Drittplattformen übermittelt werden. Mehr Informationen dazu haben wir in unserer Datenschutzerklärung zur Verfügung gestellt.

    It’s a Techno Dad Life tutorial using Mediaguard.


    Do you think it’s a good solution? It seems to be easy, but is it secure? Thanx

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • I found that on YouTube


    It’s a Techno Dad Life tutorial using Mediaguard.


    Do you think it’s a good solution? It seems to be easy, but is it secure? Thanx

    If all you need to do is restart a docker container, ssh is all you need, is already on the system, and is the simplest solution. Login and type one command. Done.

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

    Einmal editiert, zuletzt von gderf ()

  • Finally I didn't succeed with ssh so I followed Technodadlife tutorial and it works. I used duckdns in pivpn setup, and it's good.

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • RoiBurgonde

    Hat das Label gelöst hinzugefügt.
    • Offizieller Beitrag

    The original post of this thread brings up a question I have often searched for the answer with very little success. Reading the OMV5 Documentation on SSH, and this Guide by subzero79 would indicate that SSH tunneling is possible, but I have never been able to pull it off. I have been able to generate a public key in my Access Rights Management—>user—>Public keys in the RFC4716 format, and I am able to store my private key in ~/.ssh on my laptop. I have my port forwarded on my router in the five-digit range and all the buttons flipped the right way in the SSH tab. But when I try to connect via terminal on my laptop I get permission denied (publickey). I can’t see that I am missing anything in the guide, although it is a bit dated (2015 & OMV2).


    Don’t get me wrong. I’m not complaining. I am just curious about the way this topic appears on this forum. Is it old school, low tech, or just plain unsafe? I appreciate the other options mentioned in this thread, but what if you don’t want to mess with a VPN? Why is there so little real material on this subject on the forum and why do some warn that it is unsafe to expose SSH to the Internet even with high-number port forwarding, and others do not. Asking for a friend. :D

  • There is nothing low tech or unsafe about ssh access to remote systems if implemented properly.


    Have you looked in OMV's logs for sshd specific errors?


    One thing that can be an 'invisible' factor is that if you use Windows Notepad and possibly other word processing programs on your key files, the CRLFs are not *nix compatible. You can't tell this by looking.


    I used the procedure here to generate a key on my Linux Mint machine and send the public key to my OMV machine. I didn't use any portion of OMV's WebGUI to do this. It was all done from the remote machine.


    https://www.howtoforge.com/lin…all-ssh-keys-on-the-shell

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

  • I can hear your point of view. But I keep thinking it’s really easier to follow a tutorial like Techno dad life for a noob like me. I don’t say it’s a better way to do what I wanted to do but it’s definitely easier...

    "La fleeeeeeeur en bouquet fââââne et jamais ne renaîîîît !!!", Le Roi Burgonde, Kaamelott.

  • I can hear your point of view. But I keep thinking it’s really easier to follow a tutorial like Techno dad life for a noob like me. I don’t say it’s a better way to do what I wanted to do but it’s definitely easier...

    What are you going to do if you need remote shell access?

    --
    Google is your friend and Bob's your uncle!


    OMV AMD64 7.x on headless Chenbro NR12000 1U 1x 8m Quad Core E3-1220 3.1GHz 32GB ECC RAM.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!