How to generate a SSL certificate on your Western Digital ShareSpace drive
To be able to use HTTPS or SSH you must add SSL certificates to your ShareSpace drive.
Follow these steps and you should be able to use them.
You should be able to enable SSH now.

How to enable SSH on a Western Digital ShareSpace
Enabling it is quite simple: first log into your ShareSpace, then follow the images below.
You might need this first: How to generate a SSL certificate on your Western Digital ShareSpace drive
How to backup to a Western Digital ShareSpace drive via SSH-only rsync from FreeBSD
This manual helps you to backup directories from your server to a Western Digital ShareSpace.
You might need this: How to enable SSH on a Western Digital ShareSpace
Create directories and generate a key for the target
mkdir /usr/data/backup
mkdir /usr/data/backup/keys
ssh-keygen -t rsa -f /usr/data/backup/keys/sharespace
find /usr/data/backup -type f -exec chmod 600 "{}" \;
find /usr/data/backup -type d -exec chmod 700 "{}" \;
Add public key to the ShareSpace root account
ssh root@<SharespaceIP>
cd /root
mkdir .ssh
chmod 700 .ssh
# Add key to this file.
vi .ssh/authorized_keys
chmod 600 .ssh/authorized_keys
Add scripts to server
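Place backup.sh in /usr/backup/ and functions.sh in /usr/backup/includes/, then edit them to your needs and run ./backup.sh by hand or from cron. Note that backup.sh as listed sets root="/usr/data/backup", sources $root/include/functions.sh and looks for each target's key at $root/keys/<srv_name>, so adjust the root variable, the include path and the key file name to match where you actually put the files.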
backup.sh
#!/bin/bash
# Backup system
# by Marius van Witzenburg <marius@kitara.nl>
# http://kitara.nl

mailto="marius@kitara.nl"
mailfrom="noreply@kitara.nl"
root="/usr/data/backup"

###
# Do not edit below!
###
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin
pid=$$

source $root/include/functions.sh

# Create needed directories
test -d $root/files || mkdir $root/files
test -d $root/include || mkdir $root/include
test -d $root/keys || mkdir $root/keys
test -d $root/log || mkdir $root/log
test -d $root/tmp || mkdir $root/tmp
test -d $root/tmp/server || mkdir $root/tmp/server

echo $pid > $root/tmp/backup.pid

# Sync Public
sync_public "192.168.1.50" "neo" "/usr/data/storage/public" 22
sync_public "192.168.2.50" "trinity" "/usr/data/storage/public" 12345

# Sync files to ShareSpace drives
sync_sharespace "192.168.1.50" "neo" "/usr/data/files" "files" 22
sync_sharespace "192.168.1.50" "neo" "/usr/data/music" "music" 22
sync_sharespace "192.168.1.50" "neo" "/usr/data/storage" "storage" 22
sync_sharespace "192.168.2.50" "trinity" "/usr/data/files" "files" 12345
sync_sharespace "192.168.2.50" "trinity" "/usr/data/music" "music" 12345
sync_sharespace "192.168.2.50" "trinity" "/usr/data/storage" "storage" 12345

# EOF
includes/functions.sh
#!/bin/bash

if [ -z "$root" ]
then
    echo "DO NOT CALL THIS FILE DIRECTLY!"
    # Stop here: cleanup() below runs rm -r relative to $root
    exit 1
fi

date=`date "+%d-%m-%Y"`
date_reverse=`date "+%Y-%m-%d"`
hostname=`hostname -s`
hostletters=`hostname | sed -E 's/([A-Za-z0-9])[^.]*\.?/\1/g'`
sshport=22

# Usage: email "subject" "message"
email() {
    all=$@
    subject=$1
    message=$2

    echo -e "From: $mailfrom\nTo: $mailto\nSubject: $subject\n\n$message" | /usr/sbin/sendmail -t $mailto
}

# Clean up logging and temp directories
cleanup() {
    # ${root:?} aborts instead of expanding to /log/ and /tmp/ if root is empty
    rm -r "${root:?}/log/"
    rm -r "${root:?}/tmp/"
}

stop_public() {
    all=$@
    signal=$1
    name=$2
    ip=$3

    if [ "$signal" != "finish" ]
    then
        if [ "$signal" == 'int' ] || [ "$signal" == 'term' ]
        then
            cleanup
        fi

        logger -s -p daemon.notice -t 'backup' "stop_public(): Public Sync shutdown!. Target: $name ($ip), Signal: $signal"
        kill $JOB

        if [ "$signal" == 'int' ] || [ "$signal" == 'term' ]
        then
            exit $?
        else
            return $?
        fi
    fi
}

# Syntax: sync_public "srv_ip" "srv_name" "source" "sshport"
sync_public() {
    all=$@
    srv_ip=$1
    srv_name=$2
    src=$3
    sshport=$4

    # Give it a rest so we don't flood the sshd!
    sleep 3

    key="$root/keys/$srv_name"

    #trap "stop_public hub $srv_name $srv_ip" SIGHUP
    trap "stop_public int $srv_name $srv_ip" SIGINT
    trap "stop_public term $srv_name $srv_ip" SIGTERM

    # Prints 0 when the key login works, 1 when ssh cannot connect
    alive=`ssh -ax -q -q -o "BatchMode=yes" -o "ConnectTimeout 15" -i $key -p $sshport root@$srv_ip "echo 0 2>&1" || echo 1`
    if [ "$alive" -eq 0 ]
    then
        rsync -e "ssh -ax -i $key -p $sshport" -aWvz --timeout=300 --delete-during $src/ root@$srv_ip:/shares/Public/ >> $root/log/run 2>&1 &
        JOB=$!
        wait $JOB

        tail -2 $root/log/run | logger -p daemon.info -t 'backup'
        stop_public finish $srv_name $srv_ip
    else
        logger -s -p daemon.notice -t 'backup' "sync_public(): Connection to $srv_name ($srv_ip) failed..."
    fi
}

stop_sharespace() {
    all=$@
    signal=$1
    name=$2
    ip=$3
    key=$4

    if [ "$signal" != "finish" ]
    then
        if [ "$signal" == 'int' ] || [ "$signal" == 'term' ]
        then
            cleanup
        fi

        logger -s -p daemon.notice -t 'backup' "stop_sharespace(): ShareSpace backup shutdown!. Target: $name ($ip), Signal: $signal"
        kill $JOB

        if [ "$signal" == 'int' ] || [ "$signal" == 'term' ]
        then
            exit $?
        else
            return $?
        fi
    fi
}

# Syntax: sync_sharespace "srv_ip" "srv_name" "source" "target" "sshport"
sync_sharespace() {
    all=$@
    srv_ip=$1
    srv_name=$2
    src=$3
    target=$4
    sshport=$5

    # Give it a rest so we don't flood the sshd!
    sleep 3

    key="$root/keys/$srv_name"

    #trap "stop_sharespace hub $srv_name $srv_ip $key" SIGHUP
    trap "stop_sharespace int $srv_name $srv_ip $key" SIGINT
    trap "stop_sharespace term $srv_name $srv_ip $key" SIGTERM

    # Prints 0 when the key login works, 1 when ssh cannot connect
    alive=`ssh -ax -q -q -o "BatchMode=yes" -o "ConnectTimeout 15" -i $key -p $sshport root@$srv_ip "echo 0 2>&1" || echo 1`
    if [ "$alive" -eq 0 ]
    then
        # Create required directory for server name (runs in the foreground, nothing to wait for)
        ssh -ax -i $key -p $sshport root@$srv_ip "test -d /shares/backup/$hostname || mkdir /shares/backup/$hostname"

        # Sync data
        logger -p daemon.notice -t 'backup' "sync_sharespace(): Syncing '$src'..."
        rsync -e "ssh -ax -i $key -p $sshport" -rtlDWvp --timeout=300 --chmod=Dug=rwX,Fug=rwX,Do=rX,Fo=r --delete-during $src/ root@$srv_ip:/shares/backup/$hostname/$target/ >> $root/log/run 2>&1 &
        JOB=$!
        wait $JOB

        tail -2 $root/log/run | logger -p daemon.info -t 'backup'
        stop_sharespace finish $srv_name $srv_ip $key
    else
        logger -s -p daemon.notice -t 'backup' "sync_sharespace(): Connection to $srv_name ($srv_ip) failed..."
    fi
}

# EOF
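The key generated above logs in as root on the ShareSpace with no restriction. The following is an added hardening example, not part of the original scripts: a forced-command gate for that key which only lets through the three requests sync_public and sync_sharespace actually send. The install path /root/backup-gate.sh and the function name backup_gate_decide are assumptions.

```shell
#!/bin/sh
# Added example, not part of the original scripts. Assumed install path on the
# ShareSpace: /root/backup-gate.sh, named in the key's authorized_keys line
# (public key shown as a placeholder):
#   command="/root/backup-gate.sh",no-pty,no-port-forwarding,no-agent-forwarding,no-X11-forwarding ssh-rsa <PUBLIC-KEY> backup
# sshd then runs this file instead of the requested command and passes the
# request in SSH_ORIGINAL_COMMAND.

# Print "allow" or "deny" for one requested command line.
backup_gate_decide() {
    cmd=$1
    # 1. Liveness probe sent by sync_public/sync_sharespace (exact strings).
    case $cmd in
        "echo 0"|"echo 0 2>&1") echo allow; return 0 ;;
    esac
    # 2. Per-host directory creation: pull out the name, then require the
    #    whole request to equal the one string functions.sh can produce.
    name=${cmd#"test -d /shares/backup/"}
    name=${name%%" || "*}
    case $name in
        ""|*[!A-Za-z0-9_-]*) ;;
        *) if [ "$cmd" = "test -d /shares/backup/$name || mkdir /shares/backup/$name" ]
           then echo allow; return 0
           fi ;;
    esac
    # 3. rsync in server mode into the two trees the scripts write to. Any
    #    character outside a conservative set, or "..", is refused first.
    case $cmd in
        *[!A-Za-z0-9\ ./=,_-]*|*..*) echo deny; return 1 ;;
        "rsync --server "*" . /shares/Public/"|"rsync --server "*" . /shares/backup/"*)
            echo allow; return 0 ;;
    esac
    echo deny; return 1
}

# Entry point under sshd. An interactive login sends no command, the variable
# is unset, and the script just ends: the key yields no shell.
if [ -n "${SSH_ORIGINAL_COMMAND:-}" ]
then
    backup_gate_decide "$SSH_ORIGINAL_COMMAND" >/dev/null || {
        logger -p auth.warning -t backup-gate "denied: $SSH_ORIGINAL_COMMAND"
        exit 1
    }
    exec sh -c "$SSH_ORIGINAL_COMMAND"
fi
```

The gate does not inspect individual rsync options; the rrsync helper distributed with rsync is the stricter choice for that part where it is available.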
How to create SFTP-only user accounts to kill SSH access
Problem Statement
We wanted to create SFTP-only user accounts that cannot SSH into the server to run commands. There is no built-in approach to this problem that we can find so we created a simple shell script to solve it. Here we will discuss how it works.
Step 1: Create a shell script to run as the user’s shell
Create a shell script called /sbin/sftp-only as follows:
#!/bin/sh
# sshd starts the login shell as: <shell> -c "<command>"
if [ "$*" != "-c /usr/libexec/sftp-server" ]
then
    echo "Sorry, ssh access not allowed."
    exit 1
fi
exec /usr/libexec/sftp-server
Step 2: Edit user accounts to use this shell script as user’s shell
Modify the user accounts with usermod to set the shell to /sbin/sftp-only. When the user tries to SSH to the server, the shell script displays the "Sorry, ssh access not allowed." message. When the user connects to the server with an SFTP client, the shell script is executed and starts the SFTP server for the user.
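What the wrapper sees for each kind of client request, as an added example that is not the original author's script: it reads the Subsystem sftp command from sshd_config text and applies the same exact-match test. The function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the original author's script. sample_config and the
# client actions below are constructed sample input.

sample_config='# sshd_config (constructed sample)
Subsystem   sftp    /usr/libexec/sftp-server'

# Read sshd_config text on stdin and print the command configured for
# "Subsystem sftp"; this is the string sshd hands to the login shell after -c.
sftp_subsystem_cmd() {
    awk 'tolower($1) == "subsystem" && $2 == "sftp" {
             $1 = ""; $2 = ""; sub(/^ +/, ""); print; exit }'
}

# Same test as /sbin/sftp-only. sshd starts the login shell as
#   <shell> -c "<command>"   for sftp, legacy scp and "ssh host command"
#   <shell>                  with no arguments for an interactive login
# $1 = expected subsystem command, remaining arguments = what the shell got.
sftp_only_decide() {
    expected=$1
    shift
    # Exact comparison: a prefix match would also admit
    # "/usr/libexec/sftp-server; other-command".
    if [ "$*" = "-c $expected" ]; then echo sftp; else echo deny; fi
}

# Show the wrapper's verdict for each kind of client request.
sftp_only_cases() {
    want=$(printf '%s\n' "$sample_config" | sftp_subsystem_cmd)
    printf 'sftp client         %s\n' "$(sftp_only_decide "$want" -c "$want")"
    printf 'ssh, interactive    %s\n' "$(sftp_only_decide "$want")"
    printf 'ssh host id         %s\n' "$(sftp_only_decide "$want" -c id)"
    printf 'scp, legacy mode    %s\n' "$(sftp_only_decide "$want" -c 'scp -t /tmp')"
    printf 'sftp path + extra   %s\n' "$(sftp_only_decide "$want" -c "$want; id")"
}

sftp_only_cases
```

If sshd_config names a different sftp-server path or adds arguments to it, the hard-coded string in /sbin/sftp-only has to change to match, otherwise SFTP logins are refused as well.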
How to restrict users to SFTP only instead of full SSH access
In case you want users to have access to files on your server but you don't want them to be able to execute commands you can limit them to sftp only access.
Add a user to your system like you normally do, with a password, and then run the following command:
usermod -s /usr/libexec/sftp-server username
Then add the following to /etc/shells to make it a valid shell:
echo '/usr/libexec/sftp-server' >> /etc/shells
Now this user can only run the SFTP server as their shell.
Having fun on April 1st with SSH and Mac OS X
Inspired by the latest MacAddict's April Fools' pranks, here are some very handy commands to remotely control a computer of which you are an administrator. These are most useful in a family environment where you own and administer the others' computers. They also work well over AirPort.
First, you need to ssh to the computer using your admin account. Then, you can type in any or all of the following commands.
[robg adds: Read the rest of the article for the pranks. Please note that some of these are quite nasty! Using your power as Admin to remotely reboot someone's machine, for example, is a simply horrendous thing to do. With that said, however, some of the following would be quite fun to do to someone with a good sense of humor...]
Note: Commands that are shown on two lines have the second line indented by two spaces. Enter the command on one line, removing all but one space between the end of the first displayed line and the start of the second...
Absolutely nasty:
sudo kill [program id learned from top]
sudo halt
sudo reboot
sudo osascript -e 'tell app "[name of an open program]" to quit'
Note: using 'sudo open' over ssh does not give the user super-user privileges for the opened application.
Power:
sudo osascript -e 'tell app "Finder" to sleep'
sudo osascript -e 'tell app "Finder" to shut down'
General:
sudo open /Applications/iChat.app
sudo osascript -e "set volume 0"
sudo osascript -e "beep"
sudo osascript -e 'display dialog "Did you know that you are annoying?" buttons "Yes" with icon note'
sudo osascript -e 'tell app "Finder" to quit'
sudo open [path to an application]
Speech:
sudo osascript -e 'say "[whatever]" using "Zarvox"'
sudo osascript -e 'say "Dum dum dum dum dum dum dum he he he ho ho ho fa lah lah lah lah lah lah fa lah full hoo hoo hoo" using "Cellos"'
osascript -e 'say "oh This is a silly song silly song silly song this is the silliest song ive ever ever heard So why keep you listening listening listening while you are supposed to work to work to work to work its because i hate my job hate my job hate my job its because i hate my job more than anything else No its because youve no life youve no life youve no life and you better go get one after forwarding this crap" using "cellos"'
iTunes Control:
sudo open /Applications/iTunes.app; sudo osascript -e 'say "Play some music. Go on. I dare you." using "Zarvox"'
sudo osascript -e 'tell app "iTunes" to stop' -e 'say "Please stop playing your annoying music" using "Zarvox"'
sudo osascript -e 'tell app "iTunes" to next track' -e 'say "I did not like that song very much" using "Zarvox"'
sudo osascript -e 'tell app "iTunes" to fast forward' -e 'say "This song is boring" using "Zarvox"'
sudo osascript -e 'tell app "iTunes" to quit'
Have fun, but not too much fun!
Source: http://hints.macworld.com
How to get SSH to execute a command in the background on target machine
If you try to accomplish this directly with SSH... I can tell you, this can be hard to get the job done!
But the solution is quite simple... Create a wrapper around your command which does the job for you.
First prepare your SSH command like:
ssh -ax marius@192.168.3.7 "sh /home/marius/ssh-wrapper > /dev/null 2>&1; exit"
Second is to create the wrapper:
#!/bin/sh
sh /home/marius/run &
You don't have to make the files executable since you prefix it with sh.
This works for me on 2 machines without any problems so far.
Good luck!
How to backup from a Western Digital Sharespace to another Sharespace (v2)
I earlier wrote a script to sync two Western Digital ShareSpace drives. Since that was written in a hurry, I thought: let's have another good look at it...
I changed the checks for USB drives and now sync the complete shares directory instead of only the shares.
The following script is a rewritten version of the old script which works faster for my use.
You may modify it to suit your situation, but please leave the credits in the file.
You might need this: How to enable SSH on a Western Digital ShareSpace
#!/bin/sh
# WD ShareSpace sync script v1.1
# By Marius van Witzenburg <info@kitara.nl>
# http://kitara.nl
#
# Works with busybox 1.1.1 and newer versions.
#
# Settings
src_ip="172.20.20.22"
mailto="marius@kitara.nl"
mailfrom="noreply@kitara.nl"
daemon="yes"
force="no"
waittime=5
maxlogs=48

#
# DO NOT CHANGE BELOW!
#
PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin:/usr/local/sbin
PID=$$
pwd=`pwd`
root=`dirname $0`
logdir=${root}/logs
logfile=`basename $0`

cd ${root}

cleanup() {
    #rm -f ${log}
    return $?
}

s_hup() {
    logger -s -p daemon.notice -t ${logfile} "*** SIGHUP! Exiting... ***"
    cleanup
    #exit $?
}

s_int() {
    logger -s -p daemon.notice -t ${logfile} "*** SIGINT! Exiting... ***"
    echo -e "From: ${mailfrom}\nTo: ${mailto}\nSubject: ShareSpace backup.\n\nSIGINT! Exiting..." | /usr/sbin/msmtp ${mailto}
    kill ${JOB}
    exit $?
}

s_term() {
    logger -s -p daemon.notice -t ${logfile} "*** SIGTERM! Exiting... ***"
    echo -e "From: ${mailfrom}\nTo: ${mailto}\nSubject: ShareSpace backup.\n\nSIGTERM! Exiting..." | /usr/sbin/msmtp ${mailto}
    kill ${JOB}
    exit $?
}

trap s_hup SIGHUP
trap s_int SIGINT
trap s_term SIGTERM

if [ "${daemon}" = "yes" ]
then
    logger -s -p daemon.notice -t ${logfile} "Having a rest for the first run..."
    sleep 30 &
    JOB=$!
    wait ${JOB}
fi

# Note: '-c blowfish' is a legacy cipher choice; OpenSSH 7.6 and later no
# longer support it, so drop the option when either side runs a newer OpenSSH.

# Loop and loop and loop...
while [ "true" ]
do
    # Check if ssh host is up and running.
    # Prints 0 when the login works, 1 when ssh cannot connect.
    alive=`ssh -ax -c blowfish -q -q -o "BatchMode=yes" -o "ConnectTimeout 5" root@${src_ip} "echo 0 2>&1" || echo 1`
    if [ "${alive}" -eq 0 ]
    then
        # Change the 1 to 1-3 depending on which load you want
        #loadavg=`ssh -ax -c blowfish root@${src_ip} uptime | sed -e "s/.*load average: \(.*...\), \(.*...\), \(.*...\)/\1/" -e "s/ //g"`
        loadavg=`ssh -ax -c blowfish root@${src_ip} uptime | sed 's/.*average: \([0-9]\).*/\1/g'`
        if [ "${loadavg}" -eq 0 ] || [ "${force}" = "yes" ]
        then
            # Be sure we have a log dir
            test -d ${logdir} || mkdir ${logdir}

            # Shift logs (rotated logs are gzipped, so the oldest one ends in .gz)
            test -f ${logdir}/${logfile}.${maxlogs}.gz && rm -f ${logdir}/${logfile}.${maxlogs}.gz
            lcur=${maxlogs}
            while [ ${lcur} -gt 1 ]
            do
                lpre=${lcur}
                lcur=`expr ${lcur} - 1`
                test -f ${logdir}/${logfile}.${lcur}.gz && mv ${logdir}/${logfile}.${lcur}.gz ${logdir}/${logfile}.${lpre}.gz
            done
            test -f ${logdir}/${logfile} && mv ${logdir}/${logfile} ${logdir}/${logfile}.1
            test -f ${logdir}/${logfile}.1 && gzip ${logdir}/${logfile}.1

            logger -s -p daemon.notice -t ${logfile} "Starting backup from '${src_ip}'"

            # Sync internal shares and exclude usb shares
            logger -s -p daemon.notice -t ${logfile} "Syncing internal shares..."
            rsync -e 'ssh -ax -c blowfish -l root' -aWvz --timeout=30 --exclude="/usb[1-3]-1share1" --delete --stats ${src_ip}:/shares/ /shares/ > ${logdir}/${logfile} 2>&1 &
            JOB=$!
            wait ${JOB}

            # Sync usb shares if connected
            for x in `ssh -ax -c blowfish root@${src_ip} ls -l /shares/ | grep "^d" | awk '{ print $9 }'`
            do
                if [ ! -z "`expr ${x} : '\(usb[0-9]-[0-9]share[0-9]\)'`" ]
                then
                    if [ -d "/shares/${x}/" ]
                    then
                        logger -s -p daemon.notice -t ${logfile} "Syncing ${x}..."
                        rsync -e 'ssh -ax -c blowfish -l root' -aWvz --timeout=30 --delete --stats ${src_ip}:/shares/${x}/ /shares/${x}/ >> ${logdir}/${logfile} 2>&1 &
                        JOB=$!
                        wait ${JOB}
                    fi
                fi
            done

            tail -2 ${logdir}/${logfile} | logger -s -p daemon.info -t ${logfile}
        else
            logger -s -p daemon.notice -t ${logfile} "Load average on '${src_ip}' is ${loadavg} - aborting"
        fi
    else
        logger -s -p daemon.notice -t ${logfile} "No access to '${src_ip}' - aborting"
    fi

    if [ "${daemon}" != "yes" ]
    then
        logger -s -p daemon.notice -t ${logfile} "Backup finished"
        break
    fi

    logger -s -p daemon.notice -t ${logfile} "Waiting for cycle (${waittime} minutes)..."
    sleep `expr ${waittime} \* 60` &
    JOB=$!
    wait ${JOB}
    logger -s -p daemon.notice -t ${logfile} "Running cycle..."
done

# Go back to old location
cd ${pwd}

# EOF









