Difference between revisions of "How to enable passwordless SSH login to a Synology NAS"

From steamWiki
Jump to: navigation, search
 
(One intermediate revision by the same user not shown)
Line 2: Line 2:
  
 
#Enable support for SSH on the Synology target machine
 
#Enable support for SSH on the Synology target machine
##Click the ''Control Panel'' Icon
+
##Click the '''Control Panel''' Icon
##Choose ''Terminal & SNMP''
+
##Choose '''Terminal & SNMP'''
##Check ''Enable SSH service''
+
##Check '''Enable SSH service'''
 
#Allow the user, on the Synology target machine, to SSH
 
#Allow the user, on the Synology target machine, to SSH
##Edit ''/etc/passwd''
+
##Edit '''/etc/passwd'''
##Change the ''command/shell'' of the user that will SSH into the box from ''/sbin/nologin'' to ''/bin/sh''
+
##Change the '''command/shell''' of the user that will SSH into the box from '''/sbin/nologin''' to '''/bin/sh'''
#*Read [https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/ this] to understand the format of the ''/etc/passwd'' file a bit better.
+
#*Read [https://www.cyberciti.biz/faq/understanding-etcpasswd-file-format/ this] to understand the format of the '''/etc/passwd''' file a bit better.
#Add the authorized key of the client to the ''authorized_keys'' file of target
+
#Add the authorized key of the client to the '''authorized_keys''' file of target
##on the client run ''ssh-keygen''
+
##on the client run '''ssh-keygen'''
##copy the ''.pub'' file (likely something like ''/home/user/.ssh/id_ecdsa.pub'') to the target machine with a command like ''scp /home/user/.ssh/id_ecdsa.pub target_user@target_server:/var/services/homes/target_user/.ssh/id_ecdsa.pub''
+
##copy the '''.pub''' file (likely something like '''/home/user/.ssh/id_ecdsa.pub''') to the target machine with a command like <pre>scp /home/user/.ssh/id_ecdsa.pub target_user@target_server:/var/services/homes/target_user/.ssh/id_ecdsa.pub</pre>
##either rename ''id_ecdsa.pub'' to ''authorized_keys'' or copy the contents into your ''authorized_keys''  file.
+
##either rename '''id_ecdsa.pub''' to '''authorized_keys''' or copy the contents into your '''authorized_keys'''  file.
#SSH once manually from the client machine (as the SSHing client user) to the target machine to add the target machine to the client's ''known_hosts'' file.
+
#SSH once manually from the client machine (as the SSHing client user) to the target machine to add the target machine to the client's '''known_hosts''' file.
  
 
[[Category: Linux]]
 
[[Category: Linux]]

Latest revision as of 11:07, 9 July 2019

Several things need to be done to allow passwordless SSHing into a Synology NAS box. This guide was written against DSM 6.2.1-23824 Update 1.

  1. Enable support for SSH on the Synology target machine
    1. Click the Control Panel Icon
    2. Choose Terminal & SNMP
    3. Check Enable SSH service
  2. Allow the user, on the Synology target machine, to SSH
    1. Edit /etc/passwd
    2. Change the command/shell of the user that will SSH into the box from /sbin/nologin to /bin/sh
    • Read this to understand the format of the /etc/passwd file a bit better.
  3. Add the authorized key of the client to the authorized_keys file of target
    1. on the client run ssh-keygen
    2. copy the .pub file (likely something like /home/user/.ssh/id_ecdsa.pub) to the target machine with a command like
      scp /home/user/.ssh/id_ecdsa.pub target_user@target_server:/var/services/homes/target_user/.ssh/id_ecdsa.pub
    3. either rename id_ecdsa.pub to authorized_keys or copy the contents into your authorized_keys file.
  4. SSH once manually from the client machine (as the SSHing client user) to the target machine to add the target machine to the client's known_hosts file.