Synology DSM - Allow Presistent SSH With RSA Keys¶
As a power user, i would like to be able to connect to my Synology DSM vis SSH. The issue is that Synology DSM won't allow you to use SSH with RSA keys out of the box and only allows you to use SSH with password. In order to allow the use of SSH keys we need to perform the following steps:
Requirements¶
I will assume you have already have SSH keys generated, SSH server configured on Synology DSM
- Generated SSH keys
- SSH server configured on Synology DSM
Allow User Home at DSM Level¶
User Home enable to create a personal home folder for each user, except for guest. This will allow as to create user's .ssh folder and authorized_keys file.
- Log into Synology web UI as an administrator user
- Control Panel -> User & Groups -> Advanced, scroll down to “User Home”
- Check “Enable user home service”, select an appropriate Location (i.e. volume1)
- Click “Apply”
Configure .ssh Folder and authorized_keys File¶
Log in to the NAS through SSH with the user you want to add key authorization for. The following example shows how to add will work for the active user in the SSH session.
First change the permissins of the users home folder to 700
sudo chmod 700 ~
Create the .ssh folder and set permissions to 700
mkdir ~/.ssh && chmod 700 ~/.ssh
Create the authorized_keys file and set permissions to 644
touch ~/.ssh/authorized_keys && chmod 644 ~/.ssh/authorized_keys
Synology's DSM SSH server supports RSA and ed25519 keys.
No you need to copy you public keys to authorized_keys file, you can do it manually or use the following command:
echo <public-key-sting> >> ~/.ssh/authorized_keys
You can do it automatically by using the following command from a client with the ssh key you want to add:
ssh-copy-id -i ~/.ssh/id_rsa <user@ip-address>
At this point you should be able to connect to Synology DSM via SSH using the key you just added.