Configure ssh for passwordless login

1. Make sure you have a public/private key pair on your host machine (or generate
it: sh-keygen -t rsa -b 4096 -C “you@yourmail.com”)

2. Copy your public key to your nas:
ssh-copy-id you@yournassip (if ssh-copy-id is available)

Or append home/.ssh/id_rsa.pub from your host to the .ssh/authorized_keys on
the nas.

3. Make sure permissions are correct (or your key will be refused)
– authorized_keys: 644
– .ssh: 700
– home directory (important !): 755

4. Autorize public key login in sshd config: /etc/ssh/sshd_config
RSAAuthentication yes
PubKeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

5. Restart sshd with synoservice –restart ssh-shell

5. Connect without a password: ssh you@yournas

To debug, connect with ssh -v you@yournas, and change the following in
sshd_config:
SysLogFacility AUTH
LogLevel VERBOSE (should be enough most of the time, or DEBUG)
Read logs in (FIXME???)

If you break ssh and can’t connect anymore, activate the telnet service in
dsm and fix sshd_config.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s