By Eric Geier
Your operating system — whether it’s Windows, Mac OS X, or Linux — provides simple file sharing. You can quickly and easily share a folder so you and others on your network can view and/or edit files within it from multiple computers. However, it may be helpful to have more advanced file sharing on your network.
A network-attached storage (NAS ) system gives you a central file server. So instead of sharing folders from numerous PCs, you could setup a NAS system to host everything you want shared on the network. This eliminates PCs from having to be turned on in order to access shares. NAS systems also bring additional functionality, such as user authentication so you can better control access to shares.
In this tutorial, we’ll discover the Turnkey Linux File Server Appliance. We’ll see what it offers and how to set it up. Now let’s get started!
Introduction to the Turnkey Linux File Server Appliance
The Turnkey Linux File Server Appliance is a free and open source NAS system. It creates standard Windows (SMB /CIFS ) shares to be accessible from Windows, Mac OS X, and Linux. It has SSL support out of the box, so Web-based user and administrator access is encrypted and secure.
The Turnkey Linux File Server Appliance offers the following interfaces:
SMB/CIFS: This will likely be the primary user interface to the file server. You’ll see an icon for the file server when browsing the Network or My Network Places, or it is also accessible directly with the UNC path. When you open the file server share, it will appear similar to viewing shares from regular PCs. There are three default shares: home directories for each user, public storage, and the CD-ROM.
File manager (eXtplorer): This gives you Web-based access to your file shares in addition to the usual SMB/CIFS access in Windows, Mac OS X, or Linux. Using this interface, you can browse, upload, and download files from the file server. You can connect from computers on the local network or remotely from anywhere via Internet.
SSH/STFP: This gives you secure file transferring (an FTP client, like FileZilla) and/or shell access (with a SSH client, like PuTTY) to the file server’s system files and shares.
Web shell: This gives you access to the command line interface of the Linux system from a browser, in case you need to perform advanced admin tasks and functions that require the command line.
Webmin: This gives you a GUI to configure the SMB/CIFS and SSH/SFTP servers. Here you can create users, control access to shares, and much more.
Downloading and installing
There are three main methods to deploy the Turnkey Linux appliance: install or run the LiveCD mode from a CD on a PC, run a preconfigured virtual machine (such as with VMware Player), or run from the Amazon EC2 cloud. We’re going to cover the CD and virtual machine methods.
Before starting the CD installation or running the virtual machine, make sure you have your PC plugged into your network with an Ethernet cable. During the install or virtual machine boot, the File Server Appliance will automatically attempt to get an IP address from your network via DHCP.
To get started, download the CD or virtual machine images. If going the CD route, burn the ISO image file to a disc, insert into a PC, restart, and then install. If going the virtual machine route, download client such as VMware Player and run the VMX file.
Performing the initial configuration
Once the File Server Appliance has installed or loaded, you’ll see the Usage page listing the addresses.
Here’s a list of these addresses, where you replace x.x.x.x with the IP assigned to the File Server Appliance:
- File manager (eXtplorer): https://x.x.x.x
- Web shell: https://x.x.x.x:12320
- Webmin: https://x.x.x.x:12321
- SMB/CIFS: x.x.x.x
- SSH/STFP: root@x.x.x.x (port 22)
You should now be able to access these interfaces from computers on your local network.
The default login credentials for the file manager (eXtplorer):
Username admin, Password turnkey
Username guest, Password turnkey
The default login credentials for Web shell, Webmin, SMB/CIFS, and SSH/SFTP:
Username root, no password (or set during installation)
Before anything else, you should change the default passwords. For the file manager (eXtplorer), you’ll be prompted to change the password when you log in. For the remaining services, login to Webmin (https://x.x.x.x:12321), click System > Change Passwords, select root, enter the new password twice, leave the last option checked, and then hit Change.
Next, you might want to assign a static IP address to the file server rather than use the address assigned by DHCP which can change in the future. To assign an address, go to the file server and hit Enter to bring up the Advanced Menu. Then hit Enter to access the Networking menu. Select StaticIP and hit Enter. Specify the IP details, hit Tab, and hit Apply.
Setting up Unix and Samba user and group synchronization
Before you start creating groups for your different departments and adding users, you should set up synchronization. Otherwise, you’d have to create the groups and users in both the Unix and Samba sides. Setting up synchronization will automatically create/duplicate entries on the Samba side when you create or make changes on the Unix side.
- Login into Webmin.
- Click Servers > Samba Windows File Sharing.
- In the Samba Users section, click Configure automatic Unix and Samba user synchronisation.
- You’ll probably want to select every option.
- Click Apply when you’re done.
- In the Samba Users section, now click Configure automatic Unix and Samba group synchronisation.
- Again, you’ll probably want to select every option.
- Click Apply when you’re done.
Create user groups and user accounts
Now you can start creating groups and users:
- In Webmin, click System > Users and Groups.
- Select the Local Groups tab, and click the Create a new group link. You probably want to make a group for each department that you want to have varying sharing permissions. For example, the Management group should have access to everything, the Accounting group gets access to financial-related shares, the IT group gets access to shares that contain network details, etc.
- When you’re done defining Groups, you can create accounts for users: click the Local Users tab and click the Create a new user link. You’ll probably want to input a Normal Password and assign them to Groups.
Creating file shares
Now you probably want to create shared folders for each Group:
- In Webmin, click Tools > File Manager, and create directories.
- Now create file shares for each directory: click Servers > Samba Windows File Sharing, and click the Create a new file share link. You’ll specify access permissions in the next step.
- Once the share is added, click on it from the main Samba menu to open its settings, and then click Security and Access Control.
- To make it Read and Write, choose Yes for Writable. To limit access to only certain Groups, select Yes for Limit to possible list, and then select groups for Possible groups.
Conclusion
We’ve done the basic setup of the Turnkey Linux File Server Appliance and have begun to configure user authentication. When experimenting or testing access permissions of shares, you should login with different user accounts to make sure everything works as you want. To clear the login credentials for shares you access in Windows, bring up the Command Prompt and enter:
net use fileserver /del
Close the window and try to access the file server again. It should prompt you again to login.