DOCS-3628 CORE 13.0 Reorganization - Update System Update Article

content/CORE/CORETutorials/Services/ConfigureUPS.md

@@ -0,0 +1,39 @@
+---
+title: "Configuring UPS Service"
+weight: 80
+alias: core/services/ups/
+---
+
+TrueNAS uses [NUT](https://networkupstools.org/) (Network UPS Tools) to provide UPS support.
+When the TrueNAS system is connected to a UPS device, configure the UPS service by going to **Services**, finding the **UPS** entry, and clicking <i class="fa fa-pencil" aria-hidden="true" title="Configure"></i>.
+
+![ServicesUPSScreenTop](/images/CORE/13.0/ServicesUPSScreenTop.png "UPS Options")
+
+![ServicesUPSScreenBottom](/images/CORE/13.0/ServicesUPSScreenBottom.png "UPS Options")
+
+See [UPS Screen]({{< relref "/CORE/UIReference/Services/UPS.md" >}}) for more information on UPS settings.
+Some UPS models can be unresponsive with the default polling frequency.
+This shows in TrueNAS logs as a recurring error like `libusb_get_interrupt: Unknown error`.
+If this log error occurs, decrease the polling frequency by adding an entry to **Auxiliary Parameters (ups.conf)**: `pollinterval = 10`.
+The default polling frequency is **two** seconds.
+
+[upsc(8)](https://www.freebsd.org/cgi/man.cgi?query=upsc) can get status variables like the current charge and input voltage from the UPS daemon.
+Run this command from the **Shell** using the syntax `upsc ups@localhost`.
+The [upsc(8)](https://www.freebsd.org/cgi/man.cgi?query=upsc) manual page has other usage examples.
+
+[upscmd(8)](https://www.freebsd.org/cgi/man.cgi?query=upscmd) can send commands directly to the UPS, assuming the hardware supports sending the command.
+Only users with administrative rights can use this command.
+These users are created in the **Extra Users** field.
+
+{{< expand "How do I find a device name?" "v" >}}
+For USB devices, the easiest way to determine the correct device name is to set **Show console messages** in **System > Advanced**.
+Plug in the USB device and look for a <file>/dev/ugen</file> or <file>/dev/uhid</file> device name in the console messages.
+{{< /expand >}}
+
+{{< expand "Can I attach multiple computers to one UPS?" "v" >}}
+A UPS with adequate capacity can power multiple computers.
+One computer is connected to the UPS data port with a serial or USB cable.
+This primary system makes UPS status available on the network for other computers.
+The secondary computers are powered by the UPS, but receive UPS status data from the primary computer.
+See the [NUT User Manual](https://networkupstools.org/docs/user-manual.chunked/index.html) and [NUT User Manual Pages](https://networkupstools.org/docs/man/index.html#User_man).
+{{< /expand >}}

content/CORE/CORETutorials/Services/ConfiguringSSH.md

@@ -0,0 +1,52 @@
+---
+title: "Configuring SSH"
+weight: 70
+---
+
+The SSH service allows connections to TrueNAS with the [Secure SHell Transport Layer Protocol](https://tools.ietf.org/html/rfc4253).
+When TrueNAS is used as an SSH server, the users in the network must use [SSH client software](https://www.bing.com/search?q=SSH%20client%20software) to transfer files with SSH.
+
+{{< hint warning >}}
+Allowing external connections to TrueNAS is a security vulnerability!
+Do not enable SSH unless external connections are required.
+{{< /hint>}}
+
+To configure SSH, disable the service and click <i class="fa fa-pencil" aria-hidden="true" title="Configure"></i>.
+
+![ServicesSSHOptions](/images/CORE/12.0/ServicesSSHOptions.png "SSH Options")
+
+Configure the options as needed to match your network environment.
+
+See [SSH Screen]({{< relref "/CORE/UIReference/Services/SSHScreen.md" >}})
+
+Remote systems could require *root* access to the system, but make sure to have all security precautions in place before allowing root access.
+
+There are some additional options recommendations for the SSH service:
+
+* Add ***NoneEnabled no** to the **Auxiliary Parameters** to disable the insecure **none** cipher.
+* Increase the **ClientAliveInterval** if SSH connections tend to drop.
+* **ClientMaxStartup** defaults to **10**.
+  Increase this value when more concurrent SSH connections are required.
+
+Don't forget to re-enable the SSH service on the **Services** page when all configuration changes are complete.
+To create and store specific [SSH connections and keypairs]({{< relref "/CORE/UIReference/System/SystemSSH.md" >}}), go to the **System** menu section.
+
+{{< expand "Advanced: Restricting Command Line Users to scp or sftp" "v" >}}
+This only works for users that use command line versions of commands `scp` and `sftp`.
+When SSH is configured, authenticated users with a user account can use `ssh` to log into the TrueNAS system over the network.
+User accounts are created by going to **Accounts > Users** and clicking **ADD**.
+
+By default, the user sees their home directory after logging in with SSH.
+However, the user can still find system locations outside their home directory, so take security precautions before granting users SSH access to the system.
+One method to increase security is to change shell for a user to only allow file transfers.
+This allows users to use commands `scp` and `sftp` to transfer files between their local computer and their home directory on the TrueNAS system while restricting them from logging into the system using `ssh`.
+
+To configure this scenario, go to **Accounts > Users** and edit the desired user account.
+Change the **Shell** to **scponly**.
+Repeat for each user that needs restricted SSH access.
+
+![Accounts Users Edit Shell Scp only](/images/CORE/12.0/AccountsUsersEditShellScponly.png "Accounts Users Edit Shell Scp only")
+
+Test the configuration from another system by running the `sftp`, `ssh`, and `scp` commands as that user account.
+`sftp` and `scp` work but `ssh` fails.
+{{< /expand >}}