[How-To] How to Access Your FreeNAS Server Remotely (and Securely)

Glorious1

Guru
Joined
Nov 23, 2014
Messages
1,211
I had these items correct. Decided to start over and use ssh-keygen -t rsa. All is working now. I also noticed that I had to stop and start the SSH service to make my setting changes take affect. Thanks for your help.
Specifying -t rsa shouldn't make any difference since RSA is already the default key type. I'm guessing restarting the SSH service on FreeNAS after setting everything up was the magic trick for you. I'll make a not of that in the post.
 

Yusuf Limalia

Patron
Joined
Apr 5, 2016
Messages
234
Specifying -t rsa shouldn't make any difference since RSA is already the default key type. I'm guessing restarting the SSH service on FreeNAS after setting everything up was the magic trick for you. I'll make a not of that in the post.

Could be. I struggled on my machine with it as well initially. You're correct though rsa is the default key type on macOS, but nearly all the tutorials on the interwebs explicitly define the -t option.

Restarted the FreeNAS SSH service
Restarted the FreeNAS box
Regenerated the keys

wrote down the public key on pen and paper and put re-entered it back into FreeNAS (okay I didn't do that)

but when I re-ran with -t rsa it seemed to work.

very strange =/
I have this tutorial bookmarked btw and use it as my tunnelling reference as well as SSH access :)
 

Glorious1

Guru
Joined
Nov 23, 2014
Messages
1,211

techcrium

Cadet
Joined
Jul 7, 2017
Messages
2
Hey I tried your steps but I am stuck on putty part.

I used <myDomainName>.duckdns.org with my port 1234 (an example) and putty gives error connection refused.

The thing is, I am able see that it is open on online port checker tools. myDomainName.duckdns.org with my port 1234 would show that it is open.


1. I am able to run the cron job and return ok
2. I have set up port forwarding in my router; in fact I even put it in the DMZ
 

Glorious1

Guru
Joined
Nov 23, 2014
Messages
1,211
Make sure the forwarding in your router is set up correctly and forwards to the port that is set up for SSH on FreeNAS. Otherwise you would have to give more details and screenshots of your forwarding, SSH setup on FreeNAS, etc.
 

SeaWolfX

Explorer
Joined
Mar 14, 2018
Messages
65
I wonder, for Windows, is there an easier way to connect to the shares on the server as if they were local volumes than using CIFS/SMB. It looks like a very complicated process / setup. If not what are the closest alternatives?
 

urdel62

Explorer
Joined
Nov 27, 2016
Messages
53
Hello everyone,

When I try to surf on the net over SSH tunneling and firefox it is extremely slow.
Does anyone have the same issue ?

I ll be on some hotel with public wifi and I ll be glad to surf securely :)

Thanks,
 

VolumeTank

Dabbler
Joined
Dec 23, 2018
Messages
38
Hello everyone,

When I try to surf on the net over SSH tunneling and firefox it is extremely slow.
Does anyone have the same issue ?

I ll be on some hotel with public wifi and I ll be glad to surf securely :)

Thanks,

Honestly that's the big problem that in order to be securely it requires to sacrifice the speed and I don't even think there's a way around this. I was able to connect with port forwarding with VPN client install on my router and also connect by installing VPN server on the router and client on my laptop. Once I connect to the VPN as client from a network out of my home I access my FeeNAS on FTP with a Dynamic DNS still super slow. best way honestly QNAP or Synology and still not going to be super fast but it would be easier and secure.
 

Manyakus

Dabbler
Joined
Jan 9, 2019
Messages
18
Thank you for the step by step guide.
I just recently had the time to build my Freenas and I am seting it up/trying to learn the environment before switching all my data to it from my DAS.

The way I understand it (please correct me if I am wrong), you can access your data from the Internet with these method:

1- SSH on (external) port 22 + USER password for login (this is not recommended)
2- SSH on (external) port other than 22, preferably in the 1500 and above + internal port at 22 (between router and FreeNas) + USER password for login (a little bit more secured)
3- SSH on (external) port other than 22, preferably in the 1500 and above + internal port at 22 (between router and FreeNas) + Public Key Authentication instead of User password login (more secured)

To generate the Public Key Authentication, you can use Putty or Bitvise?
Is there a step by step guide for this?
I managed to make option 2 work so far, by using a high number port and No-IP (Dynamic DNS), however i am struggling to make option 3 works.

Finally,

To access the data on a Windows machine, you can use :
1-SFTP client (software)
2-FireFox (browser - but very slow?)
3-Local network mapped volume (a little bit harder to achieve? any step by step guide?)

To access the data on a Android machine, you can use :
1-CX File Explorer

I'm pretty sure I have some info wrong...but I want to learn
Thanks!
 

Glorious1

Guru
Joined
Nov 23, 2014
Messages
1,211
1-3 seem to be all correct. Really it doesn't matter what your internal (on FreeNAS) SSH port number is, but setting the outward-facing (on router) port to some high arbitrary port is what helps a bit. The internal port could be the same arbitrary number you use on the router.

I think there is a key generation system associated with Putty, but I don't use it, you'll have to google that.

On the Windows machine you can just use Putty to access your FreeNAS server via SSH. Or, if you want to use SFTP, I believe WinSCP can do that (as mentioned in the original post).
 

Manyakus

Dabbler
Joined
Jan 9, 2019
Messages
18
Thank you for the internal PORTS clarification!
I forgot to mention that my goal is not to access the FreeNAS Server CLI but rather the FreeNAS SMB shareable files.
I had some success on my Android phone with CX File Explorer and with Shell NGN on my Windows Laptop using chrome but the file directory that is populated is like and SFTP (not really gorgeous).

My main goal, if it is doable, is to have a Mapped Network Volume accessible from Windows....I travel a lot and having access to my files would be amazing.
 

Glorious1

Guru
Joined
Nov 23, 2014
Messages
1,211
I think if you browse through the 12 pages of posts, there was some discussion among Windows users of the process necessary to do that. Frankly I didn't fully follow it but I'm sure there is some good info in there. Good luck!
 

Manyakus

Dabbler
Joined
Jan 9, 2019
Messages
18
I found this that summarize all the apps and software that can be used to login as SFTP client to an SFTP server:
https://www.sftp.net/clients

If you scoll down, there are some software that lets you Map SFTP Server As a Network Drive:

NetDrive SFTP, FTP, DropBox, GoogleDrive, OneDrive and few others. Commercial. Reverts to a limited free version when the trial is over. Windows.
Web Drive SFTP, FTP, DropBox, GoogleDrive, OneDrive and few others. File system level locking symantics. Synchronization mode and network drive mode. Commercial. Windows, Mac, iOS and Android.
ExpandDrive SFTP, FTP, DropBox, GoogleDrive, OneDrive and few others. Commercial. Windows and Mac.
SFTP NET Drive SFTP. Commercial. Free for personal use. Windows.
win-sshfs Maps remote SFTP drive and make it available to all applications. Open source, last updated in 2012. Works on Windows 7, newer OS versions are not supported. Several forks exists.
WinSshFS 4every1 edition Fork of win-sshfs which works on Win10. Free and open source.
WinSshFS FiSSH edition Fork of win-sshfs focused on UI changes. Free and open source.
SSHFS for Linux Enables you to mount a remote folder on Linux over SSH. FUSE-based, free and open source. Part of most Linux distros.
SSHFS for OS X SSH File System for MAC OS X based on FUSE for OS X. Free and open source.

Will try it tonight!
 

Attachments

  • 1565960537998.png
    1565960537998.png
    185.1 KB · Views: 751

leonbusch

Cadet
Joined
Oct 24, 2019
Messages
8
First of all thanks for that awesome Tutorial! It seems like I made it work. I can ssh to my NAS with Terminal whilst connected to a different Network and navigate through my files.

My only problem is setting up the server in Finder. I am stuck at this point:
Now in the Finder choose Go > Connect to Server, and enter “afp://localhost:15548", simply saying to open an AFP connection to port 15548 on your local computer. Tell it to remember the URL for future use.
And that is essentially what I want to do.
I put in the address and the login window appears, but as I enter my username and the password the password is always wrong! It just consists of four letters (for now) and I typed it in 20 or more times. I tried the passphrase for the key and the accounts password as configured.
I am searching for hours now, but can't find a similar problem on the web. What could be the problem?
Thanks in advance for your help!
 

leonbusch

Cadet
Joined
Oct 24, 2019
Messages
8
I made it work with OSxFuse and sshfs, but it is not as elegant as doing it with finder right away. Any suggestions?
 

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
Thank you Glorious for the guide. Though I am a newbie, so I am still stuck on accessing SSH over internet. I am able to ssh into the server locally, and I believe the DuckDNS is fine, since when I ping <subdomain>.duckdns.org, it shows [ip address] beside it. Maybe the problem is my port forwarding? This is a picture of the port for my server.
1601314416228.png

I think this is the port forwarding for my router:
1601314545017.png

Now when I try, ssh -p 8888 user@<subdomain>.duckdns.org, it gives me the error ssh: unable to connect to host <subdomain>.duckdns.org port 8888: Connection Refused.
And I'm confused when I neglect the -p 8888, i get the error: Connection closed by <ip address> port 22. I thought that I didn't use port 22, and changed it to 8888? Any help is appreciated!
 

LukeSky

Cadet
Joined
Sep 28, 2020
Messages
7
Sorry I'm not sure how to edit my reply, because there doesn't seem to be a button for it on my screen, but I would like to add that I was trying some other stuff like making the external port different than the internal port, by keeping the internal port as 22, while making external port a larger number, but it still doesn't work. I used an online port checker, and it does say my port is open, so I'm not sure what is the reason for this error. I'm using Windows 10 and hyperterminal to try and ssh remotely, just in case this is useful.
 

Spearfoot

He of the long foot
Moderator
Joined
May 13, 2015
Messages
2,478
Sorry I'm not sure how to edit my reply, because there doesn't seem to be a button for it on my screen, but I would like to add that I was trying some other stuff like making the external port different than the internal port, by keeping the internal port as 22, while making external port a larger number, but it still doesn't work. I used an online port checker, and it does say my port is open, so I'm not sure what is the reason for this error. I'm using Windows 10 and hyperterminal to try and ssh remotely, just in case this is useful.
You've configured the SSH service on your FreeNAS server to answer on port 8888; your router accepts inbound traffic on port 8888 and forwards it to port 8888 on IP address 192.168.1.17 -- this all looks good, provided 192.168.1.17 is the IP address of your FreeNAS server.

Is your FreeNAS server configured on IP address 192.168.1.17?
 
Top