OK I typed a LOOOOOOONG reply and then when i sent it, it said some sort of error so this is what you get before it times out. I will type it in a different program next time. lesson learned. again.
It works for me. SFTP is the secure way in behind two routers, two different subnets. firewall rules on both plus the mac. One user. Nasty password.
FTP is the back door in case the power cycles at home in spite of battery backup. Restart defaults to password request, but obviusly I would not be there to type it in, thus FTP to the rescue.
SFTP requires the mac, FTP does not, on my setup.
Mac uses SFTP with one box to check in a control panel, why can;t the WD.
FTP is behind the two routers using high ports. ports are forwarded in the 2nd router to the 20, 21, 22, 1723. (I think I have the 1723 right, I am not at home right now).
On the WD:
WD web acces is OFF,
FTP is ON.
SSH is OFF.
Streaming is OFF.
Pretty much all else is OFF.
One user, ME
Sleep is OFF. After reading here, I have never turned it on.
On the mac:
File sharing is OFF, ( I Think I remember that is so)
remote access is on and restricted to ME. with password authentication.
The share is (macspeak here) mounted on the desktop, I forget what the proper term is.
It is accessible at home through the finder (macspeak) .
It is accessible through FTP also at home. FTP is SO MUCH FASTER at home compared to using the finder.
All common service ports are closed to the outside world.
Sophos antivirus running in backgound on mac.
Mac Host file updated every couple of months from a bad IP address list website.
So it has the convenience, speed, easy access, no maintenence, nothing to ro-do when there is a restart or firmware update, yet works 24 hours a day with no down time.
My main concern is keeping the bad guys OUT with my limited knowledge and limited time to learn.
I am a busy guy. I think i have done about everything in that regard that I can do without a huge learning curve, without increasing maintenece, expense, loss of sleep at night.
My original concern with the topic was simply to report that the firmware update did not brick mine, and that all functions I use were still working. I did not have to do anything after the update to get back up and running. All the settings were still there.
However, I appreciate that the topic turned to SFTP. I had been looking for info on the topic, when setting this up, but found it to not be sufficient or anything I could actually implement.
This setup works for me in its roundabout way, and I wish indeed there was a more convenient one click method to make it work in the WD.
SFTP is inherently more secure, and is behind the secure network and one more step going through the mac, but no slowdown like there was with tunneling VPN.
FTP is behind the same security on the network as the SFTP but does not go through the mac.
However it is not inherently secure, so it is not used except in emergency.
I have had several concerns with the security on the WD. default username/ password in SSh is not changeable in the control panel, but warranty is voided if I go into SHH and make a diferent password and fiddle about, Web access supposedly works better with UPNP, yeah right like I am going to turn that on, FTP is the only option , are you kidding me??, Wanting to use default low open ports for WEB ACCESS . Glad they at least allow you to change them.
Which again is why I have it set up the way I have it set up.