ZFS Replication from UnRAID ZFS and vice versa

TrueNAS General
1

(NOTE: for some reason it wouldn’t let me add screenshots to my post)

Hey all!

New to TrueNAS, been an unraid user since unraid v4 but wanting to give TrueNAS a go.

Currently running a couple of ZFS pools on unraid and would like to use ZFS Send | Receive to replicate certain datasets to the TrueNAS box or use a Pull from the TrueNAS box.

I’ve read through the TrueNAS docs and watched some videos, and most of it seems to be from the context of TrueNAS to TrueNAS (which makes sense) … just hoping that what I am wanting to do is possible.

I have set up an SSH connection from TrueNAS to UnRAID, and it works fine from the TrueNAS shell. However when I use the replication wizard (either normal or advanced options) its failing on the SSH authentication whenever I try to get to the source system with error:

[EACCES] AuthenticationException('Authentication failed.')

From the TrueNAS shell, SSH to Unraid works fine.

On the Unraid side I get the following errors when TrueNAS tries to connect during the replication task creation:

Jan 11 13:12:47 unRAID sshd-session[2041648]: Connection from 192.168.2.245 port 49252 on 192.168.2.195 port 22 rdomain ""
Jan 11 13:12:47 unRAID sshd-session[2041648]: Failed publickey for root from 192.168.2.245 port 49252 ssh2: RSA SHA256:3I9vfwN55txqzoflr/MWok5wLEu0gOAS73Pm/x+7Nj8
Jan 11 13:13:05 unRAID sshd-session[2042065]: Connection from 192.168.2.245 port 58932 on 192.168.2.195 port 22 rdomain ""
Jan 11 13:13:05 unRAID sshd-session[2042065]: Failed publickey for root from 192.168.2.245 port 58932 ssh2: RSA SHA256:3I9vfwN55txqzoflr/MWok5wLEu0gOAS73Pm/x+7Nj8
Jan 11 13:13:15 unRAID sshd-session[2042247]: Connection from 192.168.2.245 port 47870 on 192.168.2.195 port 22 rdomain ""
Jan 11 13:13:15 unRAID sshd-session[2042247]: Failed publickey for root from 192.168.2.245 port 47870 ssh2: RSA SHA256:3I9vfwN55txqzoflr/MWok5wLEu0gOAS73Pm/x+7Nj8
Jan 11 13:14:26 unRAID sshd-session[2043669]: Connection from 192.168.2.245 port 56500 on 192.168.2.195 port 22 rdomain ""
Jan 11 13:14:26 unRAID sshd-session[2043669]: Failed publickey for root from 192.168.2.245 port 56500 ssh2: RSA SHA256:3I9vfwN55txqzoflr/MWok5wLEu0gOAS73Pm/x+7Nj8

When I successfully SSH from the shell, this is on the UnRAID logs:

Jan 11 13:14:43 unRAID sshd-session[2044022]: Accepted key ED25519 SHA256:sPJu0RHb09TXrdYiLZPEXYU9u8L7vhD+p+AwCHQSvLk found at /root/.ssh/authorized_keys:3
Jan 11 13:14:43 unRAID sshd-session[2044022]: Postponed publickey for root from 192.168.2.245 port 38870 ssh2 [preauth]
Jan 11 13:14:43 unRAID sshd-session[2044022]: Accepted key ED25519 SHA256:sPJu0RHb09TXrdYiLZPEXYU9u8L7vhD+p+AwCHQSvLk found at /root/.ssh/authorized_keys:3
Jan 11 13:14:43 unRAID sshd-session[2044022]: Accepted publickey for root from 192.168.2.245 port 38870 ssh2: ED25519 SHA256:sPJu0RHb09TXrdYiLZPEXYU9u8L7vhD+p+AwCHQSvLk
Jan 11 13:14:43 unRAID sshd-session[2044022]: pam_unix(sshd:session): session opened for user root(uid=0) by (uid=0)
Jan 11 13:14:43 unRAID sshd-session[2044022]: User child is on pid 2044025
Jan 11 13:14:43 unRAID sshd-session[2044025]: Starting session: shell on pts/1 for root from 192.168.2.245 port 38870 id 0

I am wondering if its something to do with the user TrueNAS is using to make the connection to unraid or something simple I am missing.

I’m new to TrueNAS, keen to learn, so any help at all would be appreciated :slight_smile:

2

Hi and welcome to the forums.

Can you tell us or show us how you setup the SSH keypairs as this appears to be the issue here.

3

Hi! … thanks for your reply. Sure I will try my best to describe.

Method 1: Using TrueNAS Credentials > Backup Credentials > SSH Connections > Add

Step 1: via TrueNAS GUI:

Navigate to Credentials > Backup Credentials > SSH Connections > Add

Connection Name: Unraid Server
Setup Method: Manual
Host: unraid.home.lan
Port: 22
Username: root
Private Key: Generate New

Discover Remote Host Key - which then populates the Remote Host Key field.
Save it and it automatically creates the corresponding SSH Keypairs

NOTE: One thing I do notice here is that its an rsa key not an ed25519 key

Step 2: TrueNAS CLI

  1. run ssh-copy-id root@unraid.home.lan
  2. auth with my unraid root account and it adds on unraid side authorized_keys
  3. At this point, whilst in truenas CLI, I can manually ssh to unraid using ssh root@unraid.home.lan and run commands (e.g. ssh root@unraid.home.lan zfs list)

Step 3: TrueNAS GUI

Navigate to Data Protection > Replication Tasks > Add

Source Location: On a different system
SSH Connection: Unraid Server
Source: no matter what I enter here is fails auth
(e.g. /tank, tank, tank/scripts)

This is where is fails the authentication, and I can’t seem to find which log file on truenas shows the failure reason. (I expected it to be in either /var/logs/syslog or /var/logs/auth but its not)

Method 2: manually via CLI

Step 1: TrueNAS CLI as truenas_admin

  1. Navigate to ~/.ssh/
  2. Copy the truenas public key from id_ed25519.pub
  3. run ssh-copy-id root@unraid.home.lan
  4. auth with my unraid root account and it adds on unraid side authorized_keys
  5. At this point, whilst in truenas CLI, I can manually ssh to unraid using ssh root@unraid.home.lan and run commands (e.g. ssh root@unraid.home.lan zfs list)

Step 2: Unraid side

  1. CLI - navigate to ~/.ssh/root which is a symlink to /boot/config/ssh/root
  2. Confirm the ssh-copy-id has added to authorized_keys (even though I can manually successfully connect from TrueNAS CLI to unraid as per above)

Also I compared the ZFS versions on TrueNAS and UnRAID and they are identical.

TrueNAS
zfs-2.3.4-1
zfs-kmod-2.3.4-1

Unraid
zfs-2.3.4-1
zfs-kmod-2.3.4-1

I hope this is enough information for you, but let me know if you need any further info.

4

I’ve never tried setting up TrueNAS UI replication with anything other than TrueNAS systems so there may be an issue with how TrueNAS enumerates your UNRAID system.

Let’s see what others say. Have you tried PUSH from UNRAID to TrueNAS instead of PULL? Failing that just replicating from the CLI and bypassing the UI in this instance might be the only solution.

5

Yeah I have tried a PUSH from unraid side via CLI, but it fails as well.

Hopefully the community might be able to assist further :slight_smile:

6

Have you tried zfs allow using a nominated user on the system instead of root? Im not sure where the probably is but might be worth a shot.

7

Yeah I tried creating a dedicated user called zfs-replicate, and also added that user to zfs allow for both the target pool and the target dataset, but unfortunately still no good.

I am extremely confident this is technically possible and many other scenarios are replicating data between ZFS systems, I have no doubt its probably something quite simple and due to my current limited knowledge on how TrueNAS and SSH works. But gotta start somewhere right? haha :slight_smile:

Unfortunately I’m not confident this topic will peak many peoples interest, so it may take quite some time to get a solution. Not sure if its something I could email TrueNAS support about as I’m not using one of their commercial systems, plus its from UnRaid so its not really their issue anyway.

8

It’s highly unlikely TrueNAS support would help with this as you are not a paid Enterprise user. Your best bet is someone who has been in a similar situation.

9

I set up ZFS PULL replication from my Proxmox systems to my TrueNAS; here’s how I did it:

I’d expect the process to be similar under other Linux-y environments.

1 Like
10

hey dan!

Same name as me, so clearly a legend :wink:

Thanks so much for your reply, I used your wiki steps and adapted to my scenario and as expected I had missed one small step which was getting the public key from the corresponding key pair :man_facepalming:

As soon as I added that in, I was able to connect very easily.

Thanks heaps - can see why you’re a Hall of Famer! :slight_smile: