I know what youâre thinking: âHow cool would it be if I had my own Google Drive/SkyDrive/Dropbox that I can use whenever I like?â Or maybe you are just getting into the Maker movement and you think itâs the greatest thing since canned bread. Youâve probably seen quite a few Raspberry Pi projects already, or maybe youâve even done a couple and want to try something a little more advanced.
This Instructable is all about how to make a small, simple, and affordable server with attached storage to download anything you need. The server will keep a bulk of itâs data on an external hard drive. The server will also run various FTP services that will allow you to download anything you might need on the fly.
Goals of the FerretPi project:
Primary Objectives:
â Run an FTP server on a Raspberry Pi with full functionality
â Set up automation for file and log management
â Apply basic Linux security best practices (such as no root login from SSH, etc)
â Construct a reporting system to notify of system changes via SMS or e-mail
Related Content:[box fontsize=â16âł radius=â10âł]Papertrail makes log management easy[/box]
Secondary Objectives:
â Compile a custom hardened Linux OS to run off the Raspberry Pi
â Encrypt the storage device with strong non-RSA algorithms
â Build a simple self-destructive intrusion detection system (e.g. if hard drive is unexpectedly removed and remains removed for five minutes, then format upon remount).
â âTeachâ the Pi to automatically avoid detection (e.g. intentionally change max bandwidth per day, spoof MAC addresses, conceal hostnames)
Secondary objectives are for those of you that really want to make something crazy.
Step 1: Acquire the Basics
These are the most basic components youâll need to build your own FerretPi. You can use many variants of what I use, but matching the basic concepts will be best for beginners. You can get these products from any retailer you want, but I have had an intellectual crush on Limor Fried and what she does, so I strongly recommend you go through Adafruit Industries for as much as you can!
What Youâre Gonna Need (for the final product):
â A Raspberry Pi
â I strongly recommend using the Raspberry Pi Model B. Theoretically, you can use the Model A, but hereâs the thing. Youâre going to want all the RAM you can get for large file operations, youâre going to want the extra USB port for wireless connectivity, and there is an Ethernet port.
â You can pick one up here for about $40
â A 4GB SD/microSD card
â This is where your operating system is going to be, so get something youâre happy with. I chose an 8GB card because I wanted the ability to create a swap partition in the event I run out of RAM during operations. It will also allow you to use more applications.
â You can save yourself time by purchasing a card with Raspbian Wheezy already on it.
â Pick one up from the fantastic Ladyada here for $10
âREMEMBER: If you get a microSD card, you will need an adapter to work with your Pi!
â Either a CAT5/6 Ethernet cable, or a Pi-compatible Wi-Fi dongle.
â For my project, I had some CAT5 laying around, so I didnât go through great lengths to get some. You can find them virtually anywhere, and you may have friends or co-workers that can give you some.
â I would recommend picking up a Wi-Fi dongle since it will allow you to put your Pi where you want it.
â If radio waves are your thing, snag one here for about $10
â An external storage device (preferably 1TB or greater)
â This is where you have the most freedom. Pick any brand, any size you want, but keep in mind that the Pi cannot power a portable hard drive with USB power. If you do use a portable drive, see the next step for info on the extra components required.
â I chose this model because I wanted to be able to move the Pi more easily. I picked it up on sale for about $60.
â A micro USB cable and power adapter
â Â Unless you have built a machine uses Tesla coils to power computers, youâre going to need this.
â If you have an Android phone, you might have a micro USB cable around. If not, get one here.
â Same deal applies for the power adapter. Check it out. Youâre looking at about $15 for both.
â A decent knowledge of Linux and the Raspberry Pi
â You donât have to be a guru, but you should at least understand how the terminal works, what FTP is, basic network configuration (hostnames, IP addresses, etc) to get started. If you donât, feel free to try anway! What better way to learn than by doing?
So, all in all, youâre looking at spending about $150 (approx. tax etc) for the basic stuff on the project. Go to the next step to read about what other stuff you need to get the project done!
Step 2: Some Assembly Required
Since the FerretPi is going to be a server, most of the following components are only needed for the initial setup. You may want to keep them handy for doing fun stuff with the server, or for convenience.
â A USB Mouse and Keyboard
â You might have these lying around like me, but if you donât, try borrowing some from a friend. Check out Radioshack to pick these up for cheap. Should run you anywhere between $15-$20.
â The peripherals become unnecessary after you have set up SSH, but theyâre good to have around in case you need them.
â HDMI (or HDMI to DVI) cable
â Most servers donât have monitors hooked up to them, but youâll need it for the initial setup.
â Despite what a lot of media companies tell you, cheap HDMI cables work just as well as a good ones. If one meter is long enough for you, get a good deal here.
â You can also use a composite video cable here, but configuration is different so you are on your own with that.
â A display that uses HDMI, DVI, or Composite Video
â Â This goes without saying. However, you might be interested in getting something that you can use for future projects, like this.
Optional Things You Probably Want
â A surge protector
â A POWERED USB hub
â Â This is most important if you plan on using a portable hard drive. The Pi only consumes about 5W of power, and honestly canât supply enough amperage to spin up hard disks over USB. Getting a powered USB hub allows you to use these hard drives, and additional peripherals as well. Ladyada has a good cheap one here.
â A Case for Your Pi
â Having an enclosure for your Pi will help it last longer and look better. There are a lot of options and you can check out some particularly awesome and stylish ones here.
Step 3: Get Your OS on the SD
If you want to follow along with the steps I took, youâre going to want to download a few utilities. The only computer I have that can read SD cards is a Windows 7 PC. I may add instructions for Mac OSX and Linux distros later. But for now, Iâll give you the Windows instructions.
Download the latest STABLEÂ version of Raspbian (usually referred to as Wheezy). You can download it as a .zip or as a .torrent here.
After the download completes, youâll need to extract the .img out of the archive. I prefer to use 7-zip for this, but Iâm sure you have a favorite too.
You need to make sure your SD is formatted with NTFS, as Raspbian supports NTFS file systems, and it will let you read it on a Windows machine as well. Right-click the drive, and select âFormatâ. BE CAREFUL THAT YOU SELECT THE CORRECT DRIVE. This should only take a minute or two.
Now, you need to burn the .img to your SD card. Some burning programs throw a fit over .img files, so you can pick up Win32DiskImager at SourceForgefor free! I love embedded links if you canât tell.
Run the Win32DiskImager .exe and you will be prompted to select a .img file to burn. Locate the Raspbian image, and click âOpenâ. Next, select the drive letter Windows has assigned to your SD (make sure itâs mounted). **EXTREMELY IMPORTANT: Be 100% sure you are selecting the correct drive, as selecting the wrong one can DELETE ALL YOUR PRECIOUS DATA! INCLUDING YOUR OS IF YOU ARENâT CAREFUL!**
Kick back, drink some coffee, smoke âem if you got âem, because this will take anywhere between 5-20 minutes depending on the speed of your computer.
Last, but certainly not lease, ALWAYS properly eject your SD from Windows before pulling it out of your reader. Failure to do this can easily lead to a corrupt SD card. I burnt through one doing this, and you probably will, too.
Step 4: Preconfigure Your FerretPi
Insert your freshly installed Raspbian SD card into your Raspberry Pi before you plug anything in. Plug in all your peripherals (except the USB hub or external HDD), and power up your Pi by plugging in the micro USB cable. You should see the Pi start to light up. If you only see a red PWR light, and nothing happens, consult this page.
If you did everything right, Raspbian should begin booting. Youâll be greeted with a stunning blue background where you can begin configuring you FerretPi. Log in using the default username and password (username: pi, password: raspberry).
â Start by expanding your filesystem (#1). Doing this will allow you to download more stuff onto the SD including updates and software.
â Take this opportunity to change your user password from the default (#2). We will probably change the username later to provide better security, but weâll stick with âpiâ for now.
â Go to Advanced Options (#8) to start playing with some of the deeper settings
â Option A2 changes your hostname. Itâs a good idea to do this early on, and I chose âFerretPiâ
â Option A4 enables SSH. Weâre going to be using SSH to access the device, so enable this now.
â Option A7 performs an auto-update of the rasp-config utility. This is not mandatory, but is a good idea.
There are lots of other cool things you can do with the rasp-config. I chose to boot into the console, overclock to the âModestâ setting, and make a couple other tweaks. A good rule of thumb is to avoid excessive overclocking and donât tweak options that you donât understand. When youâre all done, select âFinishâ and reboot your Pi.
This is a very important moment. If your Pi doesnât reboot, donât sweat! This could mean a lot of things, but you might have screwed something up (it happens). Refer to the troubleshooting page and try again.
If the stars are aligned, your Pi will reboot with no problems, and you can proceed to actually using it!
Step 5: Change Your Hostname
Time to edit some config files! You can use Vi if you like, but I have found people are more familiar with Nano, so Iâll be using that for this step.
Log into your Pi again, and become root. The easiest way to do that is to just type âsudo -iâ and hit enter.
Next, type ânano /etc/dhcp/dhclient.confâ and hit enter again. Weâre going to edit just a couple of lines here to make things work a little smoother for us. Later, weâll be accessing the Pi from over the internet, so weâll have to edit our hosts file on our client computer, but Iâll save that for later.
Find the line that says â#send host-name âandare.fugue.comâ;â and remove the octothorpe (#) from this line. Change âandare.fugue.comâ to the hostname you want (again, I chose âFerretPiâ). Exit Nano by typing âCtrl-xâ. Type âYâ and then hit enter to save your changes. Youâll probably have to hit enter one more time to actually save.
To send this new hostname to your DHCP server (probably your router/modem), type âhostname FerretPiâ at your bash prompt.
For safe measure, letâs flush and restart your ethernet interface. Type âifdown eth0â and hit enter. When that action has completed, type âifup eth0â to restart your interface.
This is a good point to reboot. Since youâre root, just type âshutdown -r nowâ to perform a restart.
Step 6: Connect Using SSH
SSH is made of pure awesome. To get it rolling, youâll need client software for your computer. Most Linux distributions include SSH, but if you donât have it, type âsudo apt-get install SSHâ in a Terminal. Youâll know itâs installed if you get a description of SSH options when you type âsshâ into the terminal.
For Windows users, there are a few different SSH clients out there, but my favorite by far is PuTTY. You can grab it here.
PuTTY doesnât require an install, so just run the .exe and youâre ready to go. If you configured your hostname properly, you should be able to type it into the âhostnameâ box and select port 22. Click âOpenâ and you should be prompted to login to your Pi. If you get a message saying âno host existsâ try typing in the IP address of your Pi.
You may be prompted with a security warning, you can ignore that for now, and just continue into your Pi.
Now, for safety, try a few basic bash commands (such as cd, ls, mkdir) and confirm you can become root. If all is well, and you feel comfortable doing so, disconnect the monitor and keyboard. This is also a good time to plug in your external HDD or USB hub. Personally, I prefer to keep my monitor and keyboard plugged in for ease of use.
Step 7: Install an FTP Server and Client
For file transfers, which is the bulk of what we are trying to do, you are going to need to install an FTP server on the FerretPi and an FTP client on any computer you would like to access from. You can use any server/client combination you like, but Iâll give you one to use if you want to follow along.
I chose to go with VSFTPDÂ for the FTP server. Itâs a secure and lightweight option, and installation is a breeze.
â Open up an SSH session with your FerretPi, and type âsudo -iâ to gain root permissions.
â Start by installing VSFTPD using the command âapt-get install vsftpdâ, and hit enter.
â We need to edit a configuration file to get rolling, so type ânano /etc/vsftpd.confâ and hit enter again.
â In Nano, youâll need to look for a few lines. Change them as shown.
â anonymouse_enable=YES â> anonymous_enable=NO
â #local_enable=YES â> local_enable=YES (you are uncommenting this line by removing the â#â)
â #write_enable=YES â> write_enable=YES (you are uncommenting this line by removing the â#â)
â Go to the bottom of to document and add the line âforce_dot_files=YESâ
â When youâre done configuring in Nano, restart the VSFTPD daemon by typing âservice vsftpd restartâ.
Serious thanks to drcurzon here at Instructables for good info on configuring VSFTPD.
Your FTP server is now running on your FerretPi. Now we have to install a client for your computer so you can upload/download content to the server. If your client computer has Linux, check out this list for options. For a Mac, I would highly recommend FileZilla. But pay attention to where you download, as counterfeit versions of FileZilla that are loaded with malware have been found on the internet recently (as of 02/01/2014).
Since so far Iâve used a Windows computer, Iâll tell you about using WinSCP, which is a lightweight, simple, and useful FTP GUI application.
â Download the WinSCP application, which you can find here.
â After the file has finished downloading, run the .exe and install the program.
â Youâll be presented with a login page. Weâll configure a saved session for your local network, and we can make new save for over the internet.
â Change âFile Protocolâ to âFTPâ. This should also automatically change the port number to 21.
â Type in your hostname (FerretPi). After we set up DNS, youâll be able to type in the address (e.g. www.ferretpi.com)
â Enter âpiâ for the username, and then your password.
â Before you hit âLoginâ, click âSaveâ and save it as âFerretPi â Localâ. This way you donât have to redo that configuration.
Since we didnât change the default directory for the FTP, youâll arrive at the home directory for the user âpiâ. Awesome! You might be interested in adding an entirely separate user that does not have sudo privileges, and use that exclusively for your FTP. This is a good idea for security, because at some point you may connect over an unencrypted connection, and if your credentials are stolen, you donât want any major damage.
Step 8: Mount Your External Drive and Automate
This step is more or less straightforward. Connect your compatible hard drive to the FerretPi either directly, or by using a powered USB hub (what I did).
In your SSH shell, type âsudo mountâ. This will list all the storage devices connected to your Pi. If the list is daunting, feel free to disconnect any storage except the hard drive and SD card. For me, it was sda2, which is located at /dev/sda2
Letâs mount the filesystem at a point that is simple to get to. I chose /home/pi/HDDMount. Use âsudo mkdir -v ~/HDDMountâ to make the directory. Now type âsudo mount /dev/sda2 ~/HDDMountâ. This will tell the Pi to mount your external hard drive at that directory. Now, any documents or folders saved to ~/HDDMount will be put on the hard drive.
Iâm sure you donât want to do this every time, so we can add a small bash script to the init.d directory. If this sounds like something you want to do, Iâll challenge you to learn how to write the simple script, and put it in the directory so it will run on startup. Itâs easy, and youâll learn a bit!
In case you want to skip all that, hereâs a really basic script I made (youâll need to change sda2 to the drive name for you.) http://pastebin.com/GHUv34HU Put that into /etc/init.d as well.
Step 9: Router? I Hardly Know âer!
In order to access your FerretPi from anywhere, allowing you to SSH in, retreive documents off the FTP, and other functions, youâll have to allow connections to pass through your firewall or set up port forwarding. I chose to forward ports 22, 31, and 80 to my Pi. Port 22 is SSH, port 31 is FTP, and port 80 is HTML. How you do this is completely based on your router and network configuration. Rather than go over something that has been discussed exhaustively on the internet, check out these articles for help:
http://www.wikihow.com/Set-Up-Port-Forwarding-on-a-Router
http://www.howtogeek.com/66214/how-to-forward-ports-on-your-router/
Image courtesy of wikiHow
Step 10: Configure a Dynamic DNS Service
This is probably one of my favorite steps, only because Iâve never done it before. We need to set up a Dynamic DNS service so that we donât have to type in the IP address of our Pi when we want to connect to it over the internet. This is handy because a lot of ISPs will change your IP automatically over periods of time. Setting up Dynamic DNS will allow that IP to change, but still have your Pi accessible!
I donât like to pay for things, and this project was already on a tight budget. So I chose a free option, which is the No-IP service.
You are going to have to set up an account with no-ip, choose a hostname for instance âmyferrets.no-ip.orgâ. Once you have created the account and chosen the free options, youâre going to need to install the Dynamic Update Client. Follow the instructions here and youâll be done in no time.
Once it is all installed, get it running and continue to follow instructions by typing âsudo noip2â. The service should start. Go ahead and use âtouch /home/pi/autonoipâ to change the date on the files.
Now youâll want to use nano to open the README and make any changes there that you like. We are going to do the same thing we did for the external drive to force noip2 to run at startup. Type ânano /usr/local/src/noip-2.1.9-1/README.FIRSTâ to open the README. Copy the script that is contained in the file, and exit nano. Now, create a new file I chose to call âautonoipâ by typing ânano /home/pi/autonoipâ. Paste the script into this file, save changes, and exit nano.
Now all we have to do is move the script into our init directory by typing âmv -v /home/pi/autonoip /etc/init.d/autonoipâ.
We still need to tweak our startup scripts a little, so run these commands:
sudo chmod 755 /etc/init.d/autonoip
sudo chmod 755 /etc/init.d/mounthdd
sudo update-rc.d autonoip defaults
sudo update-rc.d mounthdd defaults
This instructs the Pi that the two scripts are executable, and to run them on startup.
Test this by going to a browser on a different machine, and navigate to âmyferrets.no-ip.orgâ or whatever your hostname is.
Step 11: Test Your Connection
For this step, youâll want to connect to the FerretPi from outside your network. Thatâs right outside your network. I know itâs bright and scary out there, but if you want true âcloudâ storage youâll need to.
Letâs start by just pinging the device. If you have disabled ping scanning, which I recommend for security purposes, you can skip this step. Go into either a Windows command line or Linux/Unix and type: ping <address>. You should receive a response. If you donât, then you may not have configured the port forwarding correctly, your FerretPi is not configured properly, or your public IP is not correct. Go back to step 10 and 11 and try again.
Now, letâs login to the server. From a Unix terminal, type: ssh pi@<address> and wait a few seconds. Eventually, youâll be greeted with a security warning. If youâre sure you typed in the IP correctly, type âyesâ and youâre in!
Finally, verify that your FTP server is up and can connect. Open up WinSCP and use your address. You should be able to see everything in your Pi.
Step 12: CONGRATULATIONS!
You have successfully built a very basic FTP server that can function as a personal cloud!
Source:Â FerretPi: Using Raspberry Pi as a Secure FTP ServerÂ