Beiträge von semitones

    However, when I enter the command ssh -v user-ssh@ip-address I get the message Permission denied (publickey) at the end.


    Where has the public key to be on the server? Normally in the file authorized_keys or not?

    You want to let the OMV gui handle the public keys as much as possible. In other distros you would put the public key in /home/user/.ssh/authorized_keys, but in OMV, you want to login to the webui, and copy it to `Users | Users | <USERNAME> | Edit | Public Keys.`


    Take a look at the OMV ssh documentation for an example of what exactly to copy where. Also make sure you add that user to the appropriate `_ssh` and `sudo` groups, and anything else the docs say to do.


    After this you should be able to ssh into that user.

    [...]when I try to log in via ssh user@ip-address, I get the error message...


    no such identity: C:\\Users\\user/.ssh/omv: No such file or directory

    user@192.168.178.14: Permission denied (publickey).

    Windows Powershell has always been counterintuitive to me, but one thing you could try doing is using the option that specifies the private key file, using


    PowerShell Remoting Over SSH - PowerShell
    Explains how to set up the SSH protocol for PowerShell remoting.
    learn.microsoft.com


    This article has more general information about how Powershell's OpenSSH handles keys: https://learn.microsoft.com/en…nt?source=recommendations


    In particular you might try this section using ssh-agent and ssh-add to handle your private key (in an Admin Powershell). Before you copy it, this snippet assumes that your private key is called "id_ecdsa" and is in a hidden .ssh folder inside your User folder. If you have a different private key, it is probably a good idea to still copy it to that .ssh/ directory and change the 'ssh-add' line to point to your actual file. I think it should support more modern keys like id_ed25519 also.


    Let us know if you get it to work.

    Hey, posting here with suggestions for the excellent Snapraid How-To guide.


    First, consider linking to the plugin documentation at either the top or the bottom: https://wiki.omv-extras.org/do…mv6:omv6_plugins:snapraid


    Second, small exclusion rule correction.


    Original:


    > For directories you must use the ending slash, e.g exclude /Users/ will exclude every Users-directory, exclude /User/ (without the ending slash) will exclude every file named "Users"


    Fixed:


    > For directories you must use the ending slash, e.g exclude /Users/ will exclude every Users-directory at the root of a drive, exclude /Users (without the ending slash) will exclude a file named "Users" in the root directory of the drive.


    One Question:


    In the wiki, it describes the scheduling options. But it does not spell out what the "Every N [time]" does, and there is an ambiguity in Day of month. Here is how I understand what it is trying to do:


    For "Minute" if it reads 5, it will run every hour on the "5", with the box unchecked. If you check the box, it will run every 5 minutes.


    For "Hour", if it reads "5", it will run at 5 A.M., with the box unchecked. If you check the box, it will run every 5 hours.


    For "Day of month" if it reads 5, it will run on the 5th day of the month, with the box unchecked. If you check the box, it will run every 5 days. E.g., 5,10,15,20,25,(30 except in February).


    The ambiguity to me is, will the counting restart from 0 at the beginning of each hour, day, month, or will it roll over?


    For example, if you set minute to 50, hour to *, and check the box, will it run at 00h50, 01h50, 02h50? Or will it truly be every 50 minutes like this? 00h50, 01h40, 02h30...? Same concept with hours and days of the month.


    Specifically I want to know, because I want to schedule SMART tests for Day of the month #1, 2, 3, and only have the scheduled diff start on day 4.

    These are old instrutions. Anyone in the openmediavault-admin group can now be admin. Add a different user to the group and remove admin from that group and/or delete the user.

    I was able to create a new webui-admin via these instructions in this thread (Root login ssh, HTTP only, bin/bash confusion - First Impressions installing OMV7), and verified that I could login and have admin access.



    Then I ssh'ed into OMV, and did the following as root deluser admin openmediavault-admin. This keeps the admin user, but removes them from the openmediavault-admin group.


    After a reboot, I verified that I could no longer login to the webui as 'admin'; but I could still log in and administer the system with my new user.

    No, it is not that simple; otherwise iwould have been implemented that way. OMV does not use the root file system for ANY data. And to prevent that, user home dies are denied and only set when a shared folder is configured.

    Got it! So it sounds like there are at least these three cases.


    1. No user home directory. (No Problem!)

    2. User home directory on a shared folder (No Problem!)

    3. User home directory on the root filesystem (Unsupported, discouraged).


    Now that I know this, maybe I would set up the Shared Folders before trying to create the SSH/sudo user. But it is still not a great solution, since I don't want to enable Home Directories for other users of NAS services, just for the sudo/ssh user, for use with ssh basically to avoid having to use SSH login with the root user.


    I ended up creating the sudo/ssh user first, then creating the home directory with mkhomedir_helper <username> as root, as described in this thread: Root login ssh, HTTP only, bin/bash confusion - First Impressions installing OMV7. Hopefully this won't cause any side effects later.

    Hey votev, thanks for your post. Overall I am very happy with OMV and hope I can help contribute to the documentation as you suggested.


    1. I agree, the documentation does say that Root Login SSH should be disabled right away, at the end of the Installation section. I assume this means right after you setup a separate SSH admin user, if you intend to use SSH at all, and verify SSH access. Maybe I can add a sentence to the docs to make that more clear. (I'll make a separate github thing).


    2. Agreed. It was pretty easy once I found it! Just had to make the self-signed certificate and select it.


    3. Glad it's fixed!!


    4. I am still not sure the "correct" way to do this -- the workflow I found was to create the user in the WebUI, and then login as root and run mkhomedir_helper <username> as root. The webui wanted me to create a shared directory.


    (Fig 1. Location Field is Required. Using the (+) asks you to discard changes, and take you to Figure 2. )


    (Fig 2. Asks you to select the file system on which the Shared Folder [my emphasis] is to be created. The File System field is empty -- it won't let me choose the OS drive, and it shouldn't, because this is for a shared folder. But I just want to enable /home on the OS drive.


    For contributing to the documentation, should I add the mkhomedir_helper <username> command? Or is there something in the webui I'm missing?


    4. That makes sense -- just bad luck on my part. Not a great experience but not the end of the world either.


    5. I'll try changing this as gderf suggested. Glad it is possible these days.


    Thanks again!

    You could just create new users the old fashioned way in the shell using the adduser command.

    I am still unsure which things to do "the old fashioned way" with the CLI, and which things will get overwritten by the webui, so I've been trying to follow the manuals and do things "the OMV way."


    The manuals said to create a new user in the webui, and add it to the sudo and _ssh group. If instead I use `adduser` and the CLI tools to create a sudo/ssh user with a home directory, am I correct in assuming the OMV webui system will not know about this user. And will that be a problem?


    I think I solved it by running mkhomedir_helper <username> as root. Now the ssh/sudo user has .bash_logout, .bashrc, and .profile, and I can use /home/username as expected. Via linuxhandbook.com.


    You need to create a Home Directory, then set it in the User Management settings. Note you'll have to delete/recreate your user to give it a home folder in the new Home you created. You also may want to make sure you're putting said user in the proper shell (/bin/bash).


    I tried to do this, but I couldn't find a way to create a directory in the User Management settings without making it a "shared directory." I didn't want to make a shared directory, just a /home/ directory on the OS disk for the _ssh/sudo user. I did make sure it was set to `/bin/bash` though, and not `/usr/bin/bash`. Do you know why the latter is an option available?

    Thanks for your response.


    1. Seems like it should be easy, but the other points have made it difficult.


    2. SSL/HTTPS I did find this and enable it eventually, even though my main goal was to change the admin password, I did this first to get rid of the "insecure" warning first.


    3. I am somewhat stuck on this part. I successfully created the user, added them to _ssh and sudo, and added the public key. But the user does not have a directory in /home. When I try enabling this in "Users>Settings" it won't let me select /home, it asks me to have a shared folder. How do I get it to just make the directory in /home and not share it?


    4. I think this was a bug, but not sure how to reproduce it. I did copy the error message and post it here. It said, "500 - Internal Server Error The package archive is held by another process. Please try again later." It hasn't bothered me since.


    Thanks again! And let me know if you have any insight about /home/<username>

    Is it possible to have /home/<username> not as a shared directory, but just for the SSH user to use? If yes, is this a setting that is possible in the Web UI, or how do you do it?


    Is it simple enough to do `mkdir /home/username` ?

    I followed links here from the Common Questions forum post.


    What are the updated values for 2024, and how do you tune them? The OMV 7 Page links to this https://www.samba.org/samba/do…t/man-html/smb.conf.5.htm which lets you read about the various settings.


    One interesting thing, it references `write cache size` but does not have an entry for it.


    By reading these and deleting the ones it recommends not changing, and `write cache size`, I arrived at this list:

    ---

    min receivefile size = 16384

    getwd cache = yes #default is already yes?

    ---

    What are other people using? And how do you recommend tuning these settings?

    I'm having this same problem and looking for the section on home directories to understand how to set them up, This is what the manual says under Users>Settings for OMV 7:


    Zitat

    Settings

    Option to select a shared folder as root for home folders for new users created in the
    web interface. Previously existing users created before enabling this setting will not have
    their home folders moved to this new location. You can manually edit /etc/passwd
    to point them to the new location. Also existing users data in default linux location /home
    has to be moved manually


    If all you want to do is enable /home/<username> for your user, does it suffice to "enable" home directories and put `/home` for the location? It seems like it wants you to put a shared folder under location. Just leave it enabled with location set to "none" to enable /home/<username>?

    Hi,


    I recently came back to OMV after a long break, and want to capture my first impressions here, in case they are useful user feedback. I'm also hopeful to learn why things are the way they are.


    Things that bothered me when I installed OMV:


    1. Root login to SSH by default.


    I understand that some people like to keep root accounts on debian for admin purposes. I'm more comfortable creating a sudoer admin instead, and disable SSH root login, but this ends up being difficult. Maybe someday there could be an option in the installer to disable the root user and create an admin user instead?


    2. Webadmin is HTTP only


    Following the installation instructions over at https://docs.openmediavault.or…t/installation/index.html, I "type in the IP address" or in my case, the hostname.localdomain I setup in the installation. Unfortunately, this takes me to an HTTP page (Not HTTPS). My browser, firefox, warns me that anything I type in here is insecure, when I try to change the admin password away from the default 'openmediavault'. Not a great User Experience, although I understand that this hopefully is not dangerous if I can trust the security of my LAN. Maybe someday HTTPS can be default.


    3. To create a new user for SSH login that uses /bin/bash which I am most familiar with, I have to know the difference between /bin/bash and /usr/bin/bash ?


    - According to my research, /bin/bash should be preferred, since /usr/bin/bash should link to it on debian. But I am wondering why it is an option to select /usr/bin/bash? It is pretty confusing for me, a regular person jumping from being a desktop linux user to a OMV admin.


    3.5 To create a new user for SSH login, I also have to know about "enable user home directories" and where to put it.


    Shouldn't it just create /home/<username> unless you want it to not have a home directory? I am going to have to research what to put here before I can disable SSH root login.



    4. Error when Updating Packages.


    I notice a notification bell that tells me I can upgrade packages. Since I've just newly installed, that's probably a good idea, so I try. But I get a 500 - Internal Server Error The package archive is held by another process. Please try again later. Can this be improved?


    5. Why can't the name of the default 'admin' webadmin user be changed?


    I understand that if OMV is not accessible to the internet, the risk of someone trying to brute-force logins with "admin" and various passwords is low. But why isn't it possible to change the admin user name so that someone trying to login would have to guess the admin user name as well?



    ---

    Anyway, that is what I've noticed so far. Hope it is helpful to say these things and if anyone knows the reason why things are this way, I would be curious to know as well.


    I really do love this software, and the community forum. It makes a big difference.

    Thanks!

    I blindly tried to install ntp because 'last reboot' was giving me a nonsense value. I did not realize this was because a raspberry pi does not have a RTC, and reboots are always 1/1/1970 before chrony/ntp sync it.


    I have removed ntp, and reinstalled chrony, but I cannot reinstall openmediavault due to the error above. (Is it relating to LVM?)

    One more question, does that mean I can simply use the omv-firstaid command insted of editing files? If yes than it will probably fix it. Oh and one another thing, I have and SSD for the server which stores the config files (like Plex, Transmission, Duplicati and some other). Can we just ignore them or I need to connect the SSD too somehow?

    To be honest, I am not sure what you would need exactly to run that `sudo netplan apply` command in the chroot environment. I've mostly done this before to fix GRUB, and followed guides without knowing the details of what I was doing. It might be easier to retry the solutions to getting SSH working again, now that you are getting a green light on your ethernet cable.

    I think the thing to try at this stage (if you haven't) is to chroot and run the command you need to get the IP address set up correctly.


    If you haven't chrooted before, it might seem scary but it is really not. You plug the SD card into your linux computer, use the terminal to chroot into the SD card, and then run the commands you need, and you're done.


    Read this thoroughly, and adapt it to your linux computer. https://www.howtogeek.com/4415…-chroot-command-on-linux/


    I always have to look up how to chroot every time I do it, so I am no expert, but it has saved my bacon a few times in other situations too.

    Apologies for being uneducated and breaking things;


    I have an OMV system on a Raspberry Pi that I try to keep mostly hands-off, and keep up to date with unattended upgrades. However I did something that seems to have broken things.


    The problems seem to have started when I accidentally installed 'ntp.' I did not realize what it was for, and that OMV uses chrony instead. Installing 'ntp' removed the packages `chrony openmediavault openmediavault-flashmemory openmediavault-omvextrasorg`


    When I tried to install them back, I got some errors.



    and




    I can go to the web-interface of OMV like normal, but I can't login. I get this error: `Failed to connect to socket: No such file or directory`

    Code
    Error #0:
    OMV\Rpc\Exception: Failed to connect to socket: No such file or directory in /usr/share/php/openmediavault/rpc/rpc.inc:141
    Stack trace:
    #0 /var/www/openmediavault/rpc/session.inc(57): OMV\Rpc\Rpc::call('UserMgmt', 'authUser', Array, Array, 2, true)
    #1 [internal function]: OMVRpcServiceSession->login(Array, Array)
    #2 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
    #3 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('login', Array, Array)
    #4 /usr/share/php/openmediavault/rpc/proxy/json.inc(97): OMV\Rpc\Rpc::call('Session', 'login', Array, Array, 3)
    #5 /var/www/openmediavault/rpc.php(45): OMV\Rpc\Proxy\Json->handle()
    #6 {main}


    How badly did I screw up?


    EDIT: Doing omv-firstaid for submitting diagnostic to administrator:


    Code
    Submitting system diagnostic report to the administrator account. Please check your email mailbox ...
    Unknown script, /usr/share/openmediavault/sysinfo/modules.d/| not found.
    ERROR: Command '['omv-sysinfo', '|', 'mail', '-s', 'System diagnostic report', 'root']' returned non-zero exit status 100.