Pre-requisites
- Crashplan account
- FreeNAS-9.1.1-RELEASE-x64 (a752d35)
- Change the user password
- Add pubkey to root account.
- Enable SSH-Daemon, allow TCP forwarding
- Create a new volume, encrypted raidz
Plugins --> Install Crashplan
NOTA BENE The gui is wrong here. The correct command is linux_load.
linux_load=YES
Per the wiki
[root@freenas] /mnt/zpool# jls
JID IP Address Hostname Path
1 - crashplan_1 /mnt/zpool/jails_2/crashplan_1
[root@freenas] /mnt/zpool# jexec 1 /bin/tcsh
Create a new user
root@crashplan_1:/ # adduser
Username: crashplan
.....
Login group is crashplan. Invite crashplan into other groups? []: wheel
....
Username : crashplan
Password : *****
Full Name :
Uid : 1001
Class :
Groups : crashplan wheel
Home : /home/crashplan
Home Mode :
Shell : /bin/tcsh
Locked : no
At this point, I like to copy my pub key to make things easier on me.
➜ ~ ssh-copy-id crashplan@192.168.1.103
Now, let's create a tunnel. This will redirect localhost 4200 to 4243 on the crashplan jail.
NOTA BENE On a mac, make sure you use 127* not localhost. Localhost causes a redirect loop.
ssh -L 4200:127.0.0.1:4243 crashplan@192.168.1.103 -N -v -v
Set up a ssh tunnel by editing the ui properties file. ui.properties file location
Linux (if installed as root): /usr/local/crashplan/conf/ui.properties
Mac: /Applications/CrashPlan.app/Contents/Resources/Java/conf/ui.properties
Solaris (if installed as root): /opt/sfw/crashplan/conf/ui.properties
Windows: C:\Program Files\CrashPlan\conf\ui.properties
Change the service port to 4200, which we will use to tunnel to the remote connection.
servicePort=4200
ssh -L 4200:127.0.0.1:4243 crashplan@192.168.1.103 -N -v -v
OpenSSH_5.9p1, OpenSSL 0.9.8y 5 Feb 2013
debug1: Reading configuration data /etc/ssh_config
debug1: /etc/ssh_config line 20: Applying options for *
debug2: ssh_connect: needpriv 0
debug1: Connecting to 192.168.1.103 [192.168.1.103] port 22.
debug1: Connection established.
debug1: identity file /Users/bdd/.ssh/id_rsa type 1
debug1: identity file /Users/bdd/.ssh/id_rsa-cert type -1
debug1: identity file /Users/bdd/.ssh/id_dsa type -1
debug1: identity file /Users/bdd/.ssh/id_dsa-cert type -1
debug1: Remote protocol version 2.0, remote software version OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503
debug1: match: OpenSSH_5.8p2_hpn13v11 FreeBSD-20110503 pat OpenSSH*
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_5.9
debug2: fd 3 setting O_NONBLOCK
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug2: kex_parse_kexinit: diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa-cert-v01@openssh.com,ssh-rsa-cert-v00@openssh.com,ssh-rsa,ssh-dss-cert-v01@openssh.com,ssh-dss-cert-v00@openssh.com,ssh-dss
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-sha2-256,hmac-sha2-256-96,hmac-sha2-512,hmac-sha2-512-96,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit: none,zlib@openssh.com,zlib
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: kex_parse_kexinit: ecdh-sha2-nistp256,ecdh-sha2-nistp384,ecdh-sha2-nistp521,diffie-hellman-group-exchange-sha256,diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
debug2: kex_parse_kexinit: ssh-rsa,ssh-dss,ecdsa-sha2-nistp256
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: aes128-ctr,aes192-ctr,aes256-ctr,arcfour256,arcfour128,aes128-cbc,3des-cbc,blowfish-cbc,cast128-cbc,aes192-cbc,aes256-cbc,arcfour,rijndael-cbc@lysator.liu.se
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: hmac-md5,hmac-sha1,umac-64@openssh.com,hmac-ripemd160,hmac-ripemd160@openssh.com,hmac-sha1-96,hmac-md5-96
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit: none,zlib@openssh.com
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit:
debug2: kex_parse_kexinit: first_kex_follows 0
debug2: kex_parse_kexinit: reserved 0
debug2: mac_setup: found hmac-md5
debug1: kex: server->client aes128-ctr hmac-md5 none
debug2: mac_setup: found hmac-md5
debug1: kex: client->server aes128-ctr hmac-md5 none
debug1: SSH2_MSG_KEX_DH_GEX_REQUEST(1024<1024<8192) sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_GROUP
debug2: dh_gen_key: priv key bits set: 128/256
debug2: bits set: 489/1024
debug1: SSH2_MSG_KEX_DH_GEX_INIT sent
debug1: expecting SSH2_MSG_KEX_DH_GEX_REPLY
debug1: Server host key: RSA 47:80:ec:ed:06:a4:ee:1e:88:65:57:29:fc:ab:bd:65
debug1: Host '192.168.1.103' is known and matches the RSA host key.
debug1: Found key in /Users/bdd/.ssh/known_hosts:8
debug2: bits set: 520/1024
debug1: ssh_rsa_verify: signature correct
debug2: kex_derive_keys
debug2: set_newkeys: mode 1
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug2: set_newkeys: mode 0
debug1: SSH2_MSG_NEWKEYS received
debug1: Roaming not allowed by server
debug1: SSH2_MSG_SERVICE_REQUEST sent
debug2: service_accept: ssh-userauth
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug2: key: /Users/bdd/.ssh/id_rsa (0x7ffe31410cc0)
debug2: key: /Users/bdd/.ssh/id_dsa (0x0)
debug1: Authentications that can continue: publickey,keyboard-interactive
debug1: Next authentication method: publickey
debug1: Offering RSA public key: /Users/bdd/.ssh/id_rsa
debug2: we sent a publickey packet, wait for reply
debug1: Server accepts key: pkalg ssh-rsa blen 279
debug2: input_userauth_pk_ok: fp aa:79:62:66:54:09:ea:7e:9b:53:b4:68:01:b9:28:cc
debug1: Authentication succeeded (publickey).
Authenticated to 192.168.1.103 ([192.168.1.103]:22).
debug1: Local connections to LOCALHOST:4200 forwarded to remote address 127.0.0.1:4243
debug1: Local forwarding listening on ::1 port 4200.
debug2: fd 5 setting O_NONBLOCK
debug1: channel 0: new [port listener]
debug1: Local forwarding listening on 127.0.0.1 port 4200.
debug2: fd 6 setting O_NONBLOCK
debug1: channel 1: new [port listener]
debug1: Requesting no-more-sessions@openssh.com
debug1: Entering interactive session.
debug1: Connection to port 4200 forwarding to 127.0.0.1 port 4243 requested.
debug2: fd 7 setting TCP_NODELAY
debug1: channel 2: new [direct-tcpip]
debug2: channel 2: open confirm rwindow 2097152 rmax 32768
[root@freenas] ~# jexec crashplan_1 sockstat -4
USER COMMAND PID FD PROTO LOCAL ADDRESS FOREIGN ADDRESS
crashplan sshd 4149 5 tcp4 192.168.1.103:22 192.168.1.83:53226
root sshd 4147 5 tcp4 192.168.1.103:22 192.168.1.83:53226
root java 3952 56 tcp4 127.0.0.1:4243 *:*
root java 3952 57 tcp4 *:4242 *:*
root java 3951 56 tcp4 127.0.0.1:4243 *:*
root java 3951 57 tcp4 *:4242 *:*
root java 3950 56 tcp4 127.0.0.1:4243 *:*
root java 3950 57 tcp4 *:4242 *:*
root java 3949 56 tcp4 127.0.0.1:4243 *:*
root java 3949 57 tcp4 *:4242 *:*
root java 3948 56 tcp4 127.0.0.1:4243 *:*
root java 3948 57 tcp4 *:4242 *:*
root java 3947 56 tcp4 127.0.0.1:4243 *:*
root java 3947 57 tcp4 *:4242 *:*
root java 3946 56 tcp4 127.0.0.1:4243 *:*
root java 3946 57 tcp4 *:4242 *:*
root java 3945 56 tcp4 127.0.0.1:4243 *:*
root java 3945 57 tcp4 *:4242 *:*
root java 3944 56 tcp4 127.0.0.1:4243 *:*
root java 3944 57 tcp4 *:4242 *:*
root java 3943 56 tcp4 127.0.0.1:4243 *:*
root java 3943 57 tcp4 *:4242 *:*
root java 3942 56 tcp4 127.0.0.1:4243 *:*
root java 3942 57 tcp4 *:4242 *:*
root java 3941 56 tcp4 127.0.0.1:4243 *:*
root java 3941 57 tcp4 *:4242 *:*
root java 3940 56 tcp4 127.0.0.1:4243 *:*
root java 3940 57 tcp4 *:4242 *:*
root java 3935 56 tcp4 127.0.0.1:4243 *:*
root java 3935 57 tcp4 *:4242 *:*
root java 3934 56 tcp4 127.0.0.1:4243 *:*
root java 3934 57 tcp4 *:4242 *:*
root java 3933 56 tcp4 127.0.0.1:4243 *:*
root java 3933 57 tcp4 *:4242 *:*
root java 3932 56 tcp4 127.0.0.1:4243 *:*
root java 3932 57 tcp4 *:4242 *:*
root java 3931 56 tcp4 127.0.0.1:4243 *:*
root java 3931 57 tcp4 *:4242 *:*
root java 3930 56 tcp4 127.0.0.1:4243 *:*
root java 3930 57 tcp4 *:4242 *:*
root java 3929 56 tcp4 127.0.0.1:4243 *:*
root java 3929 57 tcp4 *:4242 *:*
root java 3928 56 tcp4 127.0.0.1:4243 *:*
root java 3928 57 tcp4 *:4242 *:*
root java 3927 56 tcp4 127.0.0.1:4243 *:*
root java 3927 57 tcp4 *:4242 *:*
root java 3926 56 tcp4 127.0.0.1:4243 *:*
root java 3926 57 tcp4 *:4242 *:*
root java 3797 56 tcp4 127.0.0.1:4243 *:*
root java 3797 57 tcp4 *:4242 *:*
root java 3444 56 tcp4 127.0.0.1:4243 *:*
root java 3444 57 tcp4 *:4242 *:*
root java 3443 56 tcp4 127.0.0.1:4243 *:*
root java 3443 57 tcp4 *:4242 *:*
root java 3442 56 tcp4 127.0.0.1:4243 *:*
root java 3442 57 tcp4 *:4242 *:*
root python2.7 3404 3 tcp4 192.168.1.103:12346 *:*
root java 3399 56 tcp4 127.0.0.1:4243 *:*
root java 3399 57 tcp4 *:4242 *:*
root java 3398 56 tcp4 127.0.0.1:4243 *:*
root java 3398 57 tcp4 *:4242 *:*
root java 3397 56 tcp4 127.0.0.1:4243 *:*
root java 3397 57 tcp4 *:4242 *:*
root java 3396 56 tcp4 127.0.0.1:4243 *:*
root java 3396 57 tcp4 *:4242 *:*
root java 3395 56 tcp4 127.0.0.1:4243 *:*
root java 3395 57 tcp4 *:4242 *:*
root java 3394 56 tcp4 127.0.0.1:4243 *:*
root java 3394 57 tcp4 *:4242 *:*
root java 3393 56 tcp4 127.0.0.1:4243 *:*
root java 3393 57 tcp4 *:4242 *:*
root java 3381 56 tcp4 127.0.0.1:4243 *:*
root java 3381 57 tcp4 *:4242 *:*
root sshd 3213 5 tcp4 *:22 *:*
root java 3179 56 tcp4 127.0.0.1:4243 *:*
root java 3179 57 tcp4 *:4242 *:*
root syslogd 3076 7 udp4 *:514 *:*
? ? ? ? tcp4 192.168.1.103:12346 192.168.1.101:60840
? ? ? ? tcp4 192.168.1.103:12346 192.168.1.101:51273
[root@freenas] ~# kldstat
Id Refs Address Size Name
1 59 0xffffffff80200000 132bb68 kernel
2 1 0xffffffff8152c000 143c50 linux.ko
3 1 0xffffffff81670000 e3c8 xhci.ko
4 1 0xffffffff81812000 156757 zfs.ko
5 14 0xffffffff81969000 55c1 opensolaris.ko
6 1 0xffffffff8196f000 485c geom_stripe.ko
7 1 0xffffffff81974000 10477 geom_raid3.ko
8 1 0xffffffff81985000 efdd geom_raid5.ko
9 1 0xffffffff81994000 581e geom_gate.ko
10 1 0xffffffff8199a000 49d5 geom_multipath.ko
11 1 0xffffffff8199f000 b6b dtraceall.ko
12 1 0xffffffff819a0000 4ee2 profile.ko
13 3 0xffffffff819a5000 4049 cyclic.ko
14 11 0xffffffff819aa000 23da87 dtrace.ko
15 1 0xffffffff81be8000 fb2d systrace_freebsd32.ko
16 1 0xffffffff81bf8000 109cf systrace.ko
17 1 0xffffffff81c09000 459e sdt.ko
18 1 0xffffffff81c0e000 4953 lockstat.ko
19 1 0xffffffff81c13000 be50 fasttrap.ko
20 1 0xffffffff81c1f000 6672 fbt.ko
21 1 0xffffffff81c26000 55bd dtnfscl.ko
22 1 0xffffffff81c2c000 4590 dtmalloc.ko
23 1 0xffffffff81c31000 44e3 dtio.ko
24 1 0xffffffff81c36000 28bff if_cxgbe.ko
