rev |
line source |
pankso@1
|
1 SliTaz Secure File Storage
|
pankso@1
|
2 ===============================================================================
|
pankso@1
|
3
|
pankso@1
|
4
|
paul@11
|
5 Ssfs is personal, secure, fast and light online file storage powered by
|
paul@11
|
6 SSH, Rsync, Lsyncd and SHell script. It monitors a local folder and automatically
|
paul@11
|
7 synchronizes the remote server. When files are transferred they are compressed and
|
paul@11
|
8 encrypted with SSH. Connections to the remote host are automated with a RSA key,
|
paul@11
|
9 and for each client the key must be sent to the server via a SSH password login.
|
pankso@1
|
10
|
paul@11
|
11 Using ssfs lets you have a live synchronized and secure folder between many
|
paul@11
|
12 computers with an online copy on a secure Linux server. But even without any
|
paul@11
|
13 connections you have access to your files. Connections to the remote server
|
pankso@1
|
14 can also be done using the command line and 'ssh' from any clients such as
|
pankso@1
|
15 BSD, Android, OSX or Windows via Putty.
|
pankso@1
|
16
|
paul@11
|
17 Ssfs is very easy to install, setup and configure to make your own secure online
|
paul@11
|
18 file storage. It provides a cmdline tool for the client and the server with a
|
paul@11
|
19 built in help. This README is also a howto in itself.
|
pankso@1
|
20
|
pankso@1
|
21 On the server side admin can choose by creating standard accounts or chrooted
|
paul@11
|
22 accounts which enforce server security by restricting available commands in a
|
pankso@1
|
23 minimal chroot environment. User $HOME should be set to 0700 so users can't see
|
pankso@1
|
24 other users files.
|
pankso@1
|
25
|
pankso@1
|
26
|
pankso@14
|
27 Overview
|
pankso@14
|
28 --------
|
pankso@14
|
29
|
pankso@14
|
30 * Online live sync with encrypted data
|
pankso@17
|
31 * Drop files in a folder and they will be sync
|
pankso@14
|
32 * Even without connection you have your data
|
pankso@17
|
33 * Fast and light using stable and mature GNU tools
|
pankso@17
|
34 * Easy to setup on the client and server side
|
pankso@14
|
35 * Virtual disk for storage with minimal chroot
|
pankso@17
|
36 * Easy to backup, update and maintain vdisk
|
pankso@14
|
37
|
pankso@14
|
38
|
pankso@16
|
39 Quick start guide
|
pankso@16
|
40 -----------------
|
pankso@16
|
41
|
pankso@16
|
42 * Install ssfs on server and clients if not yet done
|
pankso@16
|
43 * Create a vdisk on server # ssfs-server gen-vdisk
|
pankso@16
|
44 * Check if chroot works (exit to quit) # ssfs-server chroot
|
pankso@16
|
45 * Add a chrooted user to the Ssfs virtual disk so it can sync
|
pankso@16
|
46 files or connect via SSH from a client:
|
pankso@16
|
47 # ssfs-server adduser --login=demo --id=2000 --pass=demo
|
pankso@16
|
48 * On the client side: ssfs-box setup or from the cmdline:
|
pankso@16
|
49 $ ssfs setup --login=demo --host="server name or ip"
|
pankso@16
|
50 * On client you can start ssfs on user login via the WM
|
pankso@18
|
51 autostart script and or the command $ ssfs sync
|
pankso@16
|
52
|
pankso@16
|
53
|
pankso@1
|
54 Installation
|
pankso@1
|
55 ------------
|
paul@11
|
56 To work you need a SSH client, 'rsync' and 'lsyncd' installed. On SliTaz you
|
paul@11
|
57 can simply install ssfs and it's dependencies or 'make install' from the
|
pankso@8
|
58 source directory (see the Development section).
|
pankso@1
|
59
|
pankso@1
|
60
|
pankso@1
|
61 Client help and setup
|
pankso@1
|
62 ---------------------
|
paul@11
|
63 The cmdline interface ssfs lets you setup a client and start the daemon and
|
paul@11
|
64 synchronize live with your system session via the Window Manager autostart
|
paul@11
|
65 script or your personal ~/.profile file. To get a list of commands with
|
pankso@8
|
66 a short description:
|
pankso@1
|
67
|
pankso@1
|
68 $ ssfs help
|
pankso@1
|
69
|
pankso@1
|
70 To setup a client by creating a Lua configuration file and sending the RSA key
|
pankso@1
|
71 to the server, you can use the command 'setup'. Setup needs a login name and
|
paul@11
|
72 server name or IP address and it will also create a secure RSA if none exists:
|
pankso@1
|
73
|
pankso@1
|
74 $ ssfs setup --login=user --host=server
|
pankso@1
|
75
|
pankso@1
|
76
|
pankso@1
|
77 GUI & Web interface
|
pankso@1
|
78 -------------------
|
paul@11
|
79 Actually there is a small GTK/Yad but no web interface. The tool ssfs-box will
|
pankso@21
|
80 display info if a configuration file exists or start the setup box. Ther is no
|
pankso@21
|
81 plan for a users files web interface since security if more important, actually
|
pankso@21
|
82 user home have 0700 mode as so standard web server running user www can't see
|
pankso@21
|
83 the files. We may implemnt a HTTP Public dir wich coul handle xHTML pages, a
|
pankso@21
|
84 wiki, etc. Actually they is some work on a Ssfs server web interface with the
|
pankso@21
|
85 goal to provide service status an information.
|
pankso@1
|
86
|
pankso@1
|
87
|
pankso@1
|
88 Get configs on boot
|
pankso@1
|
89 -------------------
|
paul@11
|
90 Ssfs can be used in a boot scripts to connect to a remote host and retrieve data
|
paul@11
|
91 before a user session is started. It can be useful to provide persistent data for
|
pankso@1
|
92 Live systems and web boot.
|
pankso@1
|
93
|
pankso@1
|
94
|
pankso@20
|
95 Quota management
|
pankso@20
|
96 ----------------
|
pankso@20
|
97 Actually the quota storage is based on a shared idea, the vdisk have a size and
|
pankso@20
|
98 all users share the space. For a pay service the vdisk can grow follwing the
|
pankso@20
|
99 users donations or monthly subscription.
|
pankso@20
|
100
|
pankso@20
|
101
|
pankso@1
|
102 Server setup
|
pankso@1
|
103 ------------
|
pankso@1
|
104 On the server you must have a SSH server running and an user account with a
|
pankso@13
|
105 ~/Sync folder in user home. You can have both, staandard accounts or chrooted
|
pankso@13
|
106 accounts, for a hosted service it is recommended to use a chroot and Ssfs
|
pankso@13
|
107 virtual disk. The vdisk can be any size you want and have a minimal chroot
|
pankso@13
|
108 environment that is under 3Mb.
|
pankso@1
|
109
|
pankso@13
|
110 If you want to create a vdisk and chroot automaticaly you can use use the tool
|
pankso@13
|
111 ssfs-server. Here is a short example to create a chroot and create a user
|
pankso@13
|
112 login 'tux-sync' with a protected $HOME in the chroot, the root directory can
|
pankso@13
|
113 be specified on the command line or changed in the configuration file. The
|
pankso@13
|
114 vdisk creation size is set in Gb and can be changed in config file or from
|
pankso@13
|
115 the cmdline:
|
pankso@13
|
116
|
pankso@13
|
117 # ssfs-server gen-vdisk --size=2
|
pankso@1
|
118 # ssfs-server adduser --login=tux-sync --id=2000 --pass=tuX0cc
|
pankso@1
|
119
|
paul@11
|
120 Users can be listed or completely deleted including all files in home. More
|
paul@11
|
121 information can be found with: ssfs-server usage
|
pankso@1
|
122
|
pankso@1
|
123
|
pankso@13
|
124 Ssfs virtual disk
|
pankso@13
|
125 -----------------
|
pankso@13
|
126 A virtual Ssfs disk is a raw file created with dd and formated in ext3. It is
|
pankso@13
|
127 mounted by default on /ssfs and contain a minimal chroot environemt with users
|
pankso@13
|
128 home directory. We use a virtual disk to enforce securiry and use a separate
|
pankso@13
|
129 media for Ssfs secure files, it also protect the host and limit storage size.
|
pankso@13
|
130 The tool ssfs-server handle vdisk creation but you can also create one manually
|
pankso@13
|
131 or use a separate HD if the server have more than one disk. To create 2Gb
|
pankso@13
|
132 vdisk and format it to ext3:
|
pankso@13
|
133
|
pankso@21
|
134 # dd if=/dev/zero of=/home/ssfs.disk bs=1G count=2
|
pankso@13
|
135 # mkfs.ext3 -T ext3 -L "Ssfs" -F /home/ssfs.ext3
|
pankso@13
|
136
|
pankso@13
|
137 Now you have a virtual disk you can mount it, the path must match SSFS_CHROOT
|
pankso@13
|
138 found in ssfs-server.conf, default mount point is /ssfs to clearly separate
|
pankso@13
|
139 the filesystem from the standard host file hierarchy:
|
pankso@13
|
140
|
pankso@13
|
141 # mkdir /ssfs
|
pankso@21
|
142 # mount -o loop -t ext3 /home/ssfs.disk /ssfs
|
pankso@13
|
143
|
pankso@13
|
144 To automaticaly mount the vdisk on boot you may want to add a ssfs system user
|
pankso@13
|
145 and a line into the file /etc/fstab:
|
pankso@13
|
146
|
pankso@13
|
147 # adduser -S -g "Ssfs Server" -h /ssfs -s /bin/false ssfs
|
pankso@21
|
148 /home/ssfs.disk /ssfs ext3 rw,loop,ssfs,ssfs 0 0
|
pankso@13
|
149
|
pankso@20
|
150
|
pankso@1
|
151 Server users config
|
pankso@1
|
152 -------------------
|
pankso@1
|
153 When adding a user with 'ssfs-server adduser', the user is added to the host
|
pankso@1
|
154 /etc/passwd and a custom user config file is created in SSFS_USERS with the
|
pankso@10
|
155 login name.
|
pankso@1
|
156
|
pankso@1
|
157
|
pankso@1
|
158 Development and Bugs
|
pankso@1
|
159 --------------------
|
paul@11
|
160 If you want to install the latest code to test and help in development you can
|
paul@11
|
161 clone the ssfs Mercurial repository. As usual, closely follow the SliTaz light
|
paul@11
|
162 philosophy with speed and security in mind:
|
pankso@1
|
163
|
pankso@13
|
164 $ hg clone http://hg.slitaz.org/ssfs
|
pankso@1
|
165
|
paul@11
|
166 Install with 'make install' (DESTDIR is supported for packaging), update the POT
|
paul@11
|
167 file if any new strings have been added with 'make pot', and merger PO files with
|
paul@11
|
168 the command 'make msgmerge'. Any ideas are welcome and can be discussed. If you
|
pankso@1
|
169 are searching for something to do you can have a look to the TODO file :-)
|
pankso@1
|
170
|
pankso@13
|
171 Bugs can be reported on the SliTaz mailing list, forum or scn since the devel
|
pankso@13
|
172 forum is synced. All sites are liked from the main website at:
|
pankso@13
|
173
|
pankso@13
|
174 http://www.slitaz.org/
|
pankso@1
|
175
|
pankso@1
|
176
|
pankso@1
|
177 ===============================================================================
|
pankso@1
|
178
|