Is it possible to install an FTP server on the router? Like FileZilla server or any other? Any instructions if possible?
You can install the FTP server from the UI, search for “vsftpd”.
I would recommend you use an SFTP server instead, you can install “openssh-sftp-server” instead.
Thanks. I’ll follow that. Do you know if openssh is already present on these routes or needs to be installed first?
OpenSSH is there, you only have to install the sftp server component that is not installed by default
Yep I did… Big thanks to you.
I installed openssh-sftp-server and I can connect to it when I am on my ar300m router locally.
I have 2 questions if you can kindly help:
- Where is the config file for ssh? I can’t find ssh itself in /etc/ssh and no file /etc/ssh/sshd_config
- How do I access sftp externally? I want to use my DDNS service.
I followed some instructions from here:
I opened the port on my main router (DLink) to forward port e.g. Port 22 to IP: 192.168.0.X (this is the assigned IP to the ar300m router)
but it won’t connect using an external IP or hostname
It’s funny because I can access the ar300m console UI externally since I forwarded just the port to WAN.
Am I missing a configuration? I need to add a listen line to sshd_config maybe but I can’t find config the file?
Appreciate any help. Thank you.
Never mind, I figured it out I created a traffic rule in Luci and now it works quite well. Thank you.
Besides changing standard ports, should I consider anything else for securing my sftp?
One more question, can the AR300M handle larger external HDD like 2TB+ ?
One more question. When OpenVPN is connected, accessing sftp is not possible from external to ar300m?
Well the best thing you can do is to change the default SFTP port.
I don’t think it should be a problem with an external HDD, it should just be a powered one and you should partition it to EXT4 for best performance.
SFTP Will work at the same time as OpenWRT, they are separate server programs running on different ports so.
When the VPN is on you will be able to connect to the SFTP server “locally” ie connecting to your router IP instead of the remote, so you won’t need to port forward in that case.
Yep I’ve changed the default SFTP port. That’s also the same port for SSH right? I did this from Luci.
Sometimes I leave OpenVPN running on the router and then when I am outside, remote SFTP won’t work. I guess I have to turn off OpenVPN if I need to access SFTP server remotely.
Many thanks for your replies.
Well the best thing you can do is make a samba share, then you can use just OpenVPN to access your files remotely. You don’t really need the SFTP server if you have a VPN.
I have a server running 24/7 on my lan, and have Asus Router with OpenVPN running. I then use the GL-Mifi as a VPN client and can remote control the server, access all the files via the lan and more on the go.
OK I should have mentioned before, I don’t use an OpenVPN “Server”, just the OpenVPN client on the ar300M. When the OpenVPN Client is connected to for e.g. ExpressVPN then the remote SFTP server on the router doesn’t accept connections anymore. If I turn off OpenVPN client, I can connect remotely to the SFTP server. Makes sense?
Yes. And the problem there is that when you start the VPN client, you would have to connect to the SFTP server using the VPN public ip, at the ExpressVPN end. So that should still work.
However. If you will travel and use the VPN, maybe you can order a second GL router and then have your OWN VPN between the 2 routers.
You can then have something like this:
Mobile Router -> VPN -> Home Router -> Express VPN
Now you have access to all your files at home, and still use the VPN like now for security privacy whatever.
This is basically how i do as i wrote above. It would remove your need for ExpressVPN honestly.
2 or 3 months of that paid VPN has now paid for a new GL router with your own VPN server, that you have full control over.
You would have all your files on the go with you, with the same privacy over the connection.
Thanks for the replies. So I use Express VPN because a lot of content are blocked by the ISP here (i’m based in the middle east). I use it mostly for unlocking geo-restricted content (Hulu, Netflix, Showtime etc). Not so much for security really. I only ever use OpenVPN client at home for streaming etc otherwise I don’t need OpenVPN.
I am already planning to buy another AR-750S simply because these little routers are so useful.
Sorry to revive an old thread but I have a related question. Is this possible on the GL-AR300M Lite version? I am looking for the cheapest way to set up an FTP server at a friends house for remote backup using the rather excellent Open Source Duplicati software. I already have drives. He is currently giving me space on his big NAS box but it would be nicer if supplied this for him to plug into his network. I expect this is very slow but that does not matter for my requirements as I will be throttling the backup right down anyway so as not to impinge on him too much. As long as it will do 5 to 10Mbps, that would be fine. Can you connect more than one drive using a USB hub (not expecting to need to do this, just curious)?
Presumably the GL-MT300N should also work?
I don’t care if it is FTPS as the Duplicati file blocks are encrypted anyway.
You can set up an FTP server on any of the GL routers, and with a USB hub you can have multiple drives connected, just remember everything should be powered, ie the drives should get their own power, not take it from the usb, unless the usb hub can supply enough for all of them. Also, you will be speed limited at the router usb port. The usb controllers on the routers are not that powerful, you will get between 5-10Mb/s total speed.
The drives should also be formatted with ext4, for best performance.
Some users reported that large drives were not detected, so try with 1 drive before adding more, and with multiple partitions if it doesn’t work.
Thanks for the quick reply. I will order one today and give it a go. I almost certainly won’t need multiple drives anyway as I am not backing up too much data. I will be using a 2TB WD Red drive in a cheapo powered enclosure to test with as I happen to have one kicking about. 5-10Mbps will be fine for remote backup of my computers. The initial backup can probably be done locally if I really want or I could just deploy it at my friends and wait the couple of weeks whilst it completes its initial dataset. I only have about 500GB of important data to backup - photos and documents etc. The other 15TB of junk on my computer is easily replaceable.
OK, so I have the device. I have installed openssh ftp server. I have enabled access from the WAN side and redirected from port 2222. I can connect as root. I have created a user called chris. If I set the home as /home/chris then all is OK. I want the home to be on the external EXT4 drive if possible. I don’t know UNIX so I am a bit out of my depth. I have created a directory in /mnt/‘Basic data partition’/home/chris
If I SSH in as chris I can access /mnt/‘Basic data partition’/home/chris
I have changed the /etc.passwd file to include:
chris:x:1000:1000::/mnt/‘Basic data partition’/home/chris:/bin/ash
I think I have set the owner of this directory to chris using chown
Do I need to put something in /etc/fstab ?
However, I know can’t login as chris. I know I am making a basic error but I don’t know what it is. As I say, not a UNIX person.
I have got the backup running under root at the moment. I only had an initial dataset of 266GB assuming I have got the exclusions correct. The device is no my LAN at the moment but I am connecting through the WAN port (well, there is only one physical port on the bottom of the line one I bought). The transfer is at a very steady 1.43MBps. That is just SFTP, no VPN. The initial backup will take 2 days 7 hours at that speed.
The HDD I am using is a 2TB WD Red although I might find another drive and use the WD for something else. 2TB will give room for lots of version retention.
I have initially set the backup to run every 6 hours although will need to think about that, the initial calculating what needs to be backed up is CPU intensive so I might just run at night.
My friend has over 400Mbps download so 12Mbps every now and again isn’t going to impact him.
Try setting up a wireguard server on the router and using the client and see if you get better speed when writing to Samba?
For the user do this:
On the backup front, Duplicati was a complete dud I am afraid. Just could not get it to work. Switched to CloudBerry that is looking good so far. Will try wireguard.