Synology SSH mit keys

Wenn man bei DSM die /homes aktiviert, werden die Verzeichnisse zwar aktiviert, aber die Rechte nicht richtig gesetzt.

Das muss man korrigieren, sonst funktioniert eine SSH Authorisierung über keys nicht (siehe 8. des folgenden Links):

https://forum.synology.com/enu/viewtopic.php?t=126166

For each user that you want to grant SSH access to, generate SSH keys

  • You could do this while logged in as admin, but you would need to manually mess with changing ownership and permissions of files you create here. It is better / easier to log in as each individual user to perform the following.
  • Re-launch your SSH application (putty, or other) to open a new session with the Synology
  • Log in as the user you want to set up
  • Create folder for SSH keys for the user and set permissions
    • mkdir ~/.ssh
      • creates a hidden .ssh directory to hold the keys
    • chmod 0700 ~/.ssh
      • sets proper permissions for the folder (full rights to user, no rights to anyone else)
    • touch ~/.ssh/authorized_keys
      • Creates a new empty file named authorized_keys. This will hold the public keys of remote users that are allowed to log in here as this Synology user.

      chmod 0644 ~/.ssh/authorized_keys

      • Set permissions of the new authorized keys file. (read/write to current user, read-only to everyone else)
    • chmod 0644 ~/.ssh/authorized_keys
      • Set permissions of the new authorized keys file. (read/write to current user, read-only to everyone else)
  • ssh-keygen
    • Generate public and private keys
    • Press “enter” to accept default file location (should be user’s .ssh folder)
    • Press “enter” twice to indicate NOT to create passphrase. (The passphrase would prevent the login from working when used by rsync.)
    • Will add files id_rsa (private key) and id_rsa.pub (public key)
    • These should automatically be created with the correct permission (read/write by user only, i.e. chmod 600). You shouldn’t need to make any changes.