FTP is not secure in the slightest. so i would recommend strongly against it. i never use it on a public LAN for that very reason. if you want secure remote access, look into SSH, SFTP and SCP. Each being something you should read up on and be familiar with before you open them to the world. The Internet can be a dangerous thing.
Everything said above is correct. You do not want to open up regular FTP to the outside world. I do recommend taking the above advice and read up on SSH and SFTP.
Once you are ready, you can follow these steps to get basic SFTP going:
Login to FreeNAS WebGUI
Expand Services
Click FTP
Click Control Services
Turn on SSH
Turn on FTP (should already be turned on, based on your OP)
Create a new user (If you already have a user set up, click Users>username)
- Users>Add User
- Username: username
- Primary Group: wheel
* If user is for SFTP only change to 'nogroup'
- Home Directory: /mnt/YOURMNT/YourMedia
* This is the folder you want the SFTP to start in
- Shell: csh
* If user is for SFTP only, change to 'scponly'
* http://www.debian-administration.org/articles/94 (comments)
- Full Name: Your Name
- Email: Your Email
- Password: yourpass
- Confirm: yourpass
- OK
Whew!
This first test is to verify you can access your box through SFTP and NOT FTP.
- Use your FTP client of choice (FileZilla)
- Host: Your local FreeNAS IP (i.e 192.168.1.X)
- Protocol: Leave as FTP
- Put your username and password from above.
Try to connect and you should get denied.
Now change the protocol to SFTP and try to connect.
It should give a directory listing.
If the user is for SFTP only and you set the primary shell to 'scponly', let's make sure we can't PuTTy into the box
Open PuTTy
- Host: Your local FreeNAS IP
- Open
- Login: username
- Password: password
As soon as you hit enter, PuTTy should just close.
Now we can open it up to the rest of the world.
Open your router admin page and port forward ssh to your FreeNAS box. It will be port 22. The instructions for this will vary depending on your router but you can find most instructions on
www.portforward.com
Basics:
- log into your router
- port forwarding
- new entry: local host: FreeNAS IP, protocol: ssh (tcp>any to single port 22)
- Save
Now find your external ip by going here: ip.nefsc.noaa.gov
Once you have your external IP, repeat the same two tests as above. Open FileZilla and change the host to your external IP, then do the same with PuTTy, making sure that you can only access through SFTP.
This isn't foolproof and this doesn't cover the basics of file permissions or using signed certificates (password-less login, which is even more secure), but I hope this will get you going in the right direction.
Also, I'm not sure if this will break anything with XBMC either, but it should work.
If anybody can fix any mistakes or provide more tips on securing it (via certificates or whatever) please add.
