or How to Login to your Synology NAS via SSH with a keypair instead of a password.
Config File Editor – Install on Synology using Package Center. Add this URL as a package source: http://packages.quadrat4.de/
(how to add a new package source http://www.synology.com/support/tutorials_show.php?q_id=500#t2.2 )
This is optional, you can use ‘vi’ instead to edit the ssh config.
- Generate the keypair using putty
- Edit the ssh config on your Synology NAS
- Upload your public key to the NAS
Generate the keypair using putty
We are going to use Puttygen.exe to generate a public and private key. The public key will be added to the authorized keys file on the NAS. The private key is what you will use to login. This will be your new “password”.
- Launch puttygen.exe
- Type of key to generate “SSH-2 RSA”
- Generate the Key and leave PuttyGen open
- Save the Public and Private keys in a safe place.
Edit the SSH Config on your Synology NAS
Now we need to edit the SSH config file. You can either SSH into the NAS as root or use the Config File Editor you installed earlier. If you SSH in the file is located at “/etc/ssh/sshd_config” if you are using the Config File Editor select sshd from the dropdown.
Look for these 2 lines
Remove the # (hashtag) so they become
Other values worth setting.
Change the max login attempts
Allow TCP Forwarding
Disable Password authentication (only do this AFTER you have keypair login working.)
Upload your public key to the NAS
To upload your public key you will need to SSH into your NAS using putty.exe as root (or whichever user you want to enable SSH Keypair login for). Run the following commands from the terminal, ignore the lines that being with # (hashtag)
#cd to /root (this is the users home directory)
#create the .ssh folder
#create the authorized_keys file
#edit the autorized_keys file
#add your public key to the file – copy it out of puttygen.exe
#your public key will look something like
ssh-rsa A__a whole bunch of random characters___bw== rsa-key-20130718
#save the file. exit VI
#change the permissions on the authorized_keys file
chmod 700 /root/.ssh
chmod 644 /root/.ssh/authorized_keys
#disconnect the SSH session
Test your settings
Now we are going to use putty.exe to test that we can login with our ssh key.
#use the following settings.
Connection type: SSH
username: root (or whichever user you setup the key for)
Connection->SSH->Auth->Private Key # Your private key file you created at the beginning of this article.
#press the OPEN button
You should now have logged in to your Synology without having to give a password.
If you are able to successfully login with the private key then you can now disable password login.