synology: ssh
the synology's nas boxes have their own will concerning ssh.
enable ssh service:
- at first one needs to enable the ssh service within the web-gui (link: synology.com)
- now login with the user: admin
the admin user has root privileges within the web-gui but inside the console only user privileges, but with sudo one can gain root privileges.
to enable ssh for other users. (note: this works only temporarily bc. after reboot the system resets the passwd file - crazy?!)
- open passwd file: sudo vim /etc/passwd
- change shell for specific user
- last column of the specific user's row: /sbin/nologin -> /bin/sh
to make it a lot more secure one should login via ssh keyfiles. this needs setup within the the sshd config file. (note: ssh needs restrictive rights for the personal ~/.ssh folder and the setup on my box was somehow screwed up (synologys acl?). that's why: StrictMode no... )
- open sshd config: sudo vim /etc/ssh/sshd_config
- change following properties:
- enable authentication by keyfile: PubkeyAuthentication yes
- load allowed client list: AuthorizedKeysFile %h/.ssh/authorized_keys
- disable folder's rights checking: StrictModes no
- disable login via password: PasswordAuthentication no
- copy one's public key (from the client machine) (link: digitalocean.com)
- from linux: ssh-copy-id
- from mac: scp
- from windows: ?
- restart sshd on the synology box
- synology fucked up the underlying OS such that one cannot restart the service via commandline (no init.d scripts, and their own commands (synosystemctl or so) doesnt do the job. the ssh service didnt restart...)...
- two options:
- restart the whole box
- disable and enable the ssh service inside the web-gui