Add SSH user to your Synology Diskstation

It is best not to SSH into your diskstation with your admin or root account. Create a separate user for this with the appropriate permissions. The steps below outline the procedure to create a new user with SSH access to your diskstation.

1. Create a user through the web interface (DSM) of your diskstation.

2. Open a (root) terminal on your diskstation and edit the password file:

vi /etc/passwd

The last line in this file is your new user. The user cannot log in because the shell is set to /sbin/nologin. Change /sbin/nologin to /bin/ash.

Copy $HOME/.profile (you are still in the root terminal, so this is root's .profile) to /var/services/homes/[new user].
Edit the copied .profile file and change the value of $HOME to /var/services/homes/[new user].

3. Now you can log in to your diskstation with SSH and username / password:

ssh newuser@diskstation.local

4. To automate the login procedure, create an RSA public/private key pair (this should be done on your local machine, not on your diskstation). For this to work, be sure to enable the “User home service” on your diskstation (press the User Home button on the user control panel).

# Keep the defaults if possible; filename is id_rsa; remember your passphrase!
ssh-keygen

5. Copy the public part of the key to $HOME/.ssh on your NAS.

6. Create an authorized_keys file and set its permissions to read-only for the user:

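cd "$HOME/.ssh"
cat [your_public_key_file] >> authorized_keys   # append the uploaded public key
chmod 400 authorized_keys                        # read-only for the owner, no access for others
rm [your_public_key_file]                        # the uploaded copy is no longer needed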

7. Exit your terminal

8. SSH again to your diskstation; type your passphrase and you are in:

ssh newuser@diskstation.local
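
If the key login in step 8 still asks for a password, the usual cause is ownership or permissions: with StrictModes enabled (the OpenSSH default), sshd ignores authorized_keys unless the home directory, .ssh and authorized_keys are owned by the user or root and are not writable by group or others. The script below is an added example, not part of the original post; it audits the result of steps 4 to 6 against that rule and also flags a private key left on the NAS. The function names and the two arguments (home directory, numeric user id) are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Usage on the NAS: sh audit.sh /var/services/homes/[new user] [uid of new user]

# check_path PATH UID: StrictModes-style test for one path.
check_path() {
    path=$1; want_uid=$2; rc=0
    if [ ! -e "$path" ]; then
        echo "MISSING  $path"; return 1
    fi
    info=$(ls -ldn "$path")                   # -n prints the numeric owner
    mode=$(echo "$info" | awk '{print $1}')   # e.g. drwxr-xr-x
    owner=$(echo "$info" | awk '{print $3}')
    if [ "$owner" != "$want_uid" ] && [ "$owner" != "0" ]; then
        echo "OWNER    $path is owned by uid $owner, expected $want_uid or 0"; rc=1
    fi
    # Characters 6 and 9 of the mode string are group-write and other-write.
    if [ "$(echo "$mode" | cut -c6)" = "w" ] || [ "$(echo "$mode" | cut -c9)" = "w" ]; then
        echo "WRITABLE $path is writable by group or others ($mode)"; rc=1
    fi
    return $rc
}

# audit_ssh_home HOME_DIR UID: returns 0 only if every check passes.
audit_ssh_home() {
    home_dir=$1; uid=$2; bad=0
    for item in "$home_dir" "$home_dir/.ssh" "$home_dir/.ssh/authorized_keys"; do
        check_path "$item" "$uid" || bad=1
    done
    # Step 4: the key pair is generated on the local machine, so the private
    # half (default name id_rsa) should never be present on the NAS.
    if [ -e "$home_dir/.ssh/id_rsa" ]; then
        echo "PRIVKEY  $home_dir/.ssh/id_rsa found on the NAS"; bad=1
    fi
    return $bad
}

if [ "$#" -eq 2 ]; then
    audit_ssh_home "$1" "$2"
fi
```

No output and exit status 0 mean the layout passes; each finding is printed on its own line with the path concerned.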