Don’t save anything in the /root directory. The root directory is reset after a DSM update.
1. Make sure you have a public/private key pair on your host machine (or generate
it: sh-keygen -t rsa -b 4096 -C “email@example.com”)
2. Copy your public key to your nas:
ssh-copy-id you@yournassip (if ssh-copy-id is available)
Or append home/.ssh/id_rsa.pub from your host to the .ssh/authorized_keys on
3. Make sure permissions are correct (or your key will be refused)
– authorized_keys: 644
– .ssh: 700
– home directory (important !): 755
4. Autorize public key login in sshd config: /etc/ssh/sshd_config
5. Restart sshd with synoservice –restart ssh-shell
5. Connect without a password: ssh you@yournas
To debug, connect with ssh -v you@yournas, and change the following in
LogLevel VERBOSE (should be enough most of the time, or DEBUG)
Read logs in (FIXME???)
If you break ssh and can’t connect anymore, activate the telnet service in
dsm and fix sshd_config.
Every new user is added to the “Users” group, and cannot be removed from it. So
be sure to give minimal rights to that group.
For instance, if you want to give full rights to audio/video/download to your
family, and lesser rights to some external users, create a family and an
Sometimes a connection to a webdavs share fails with a 401 error (according to to /var/log/cloudsync/daemon.log), and cloudsync doesn’t attempt to connect again, even after restarting the service.
To avoid deleting and recreating the service, the error can be reset directly in the sqlite
table, after which the service must be restarted.
Note the id of the connection in error (error=3 in my case), and reset it to 0.
SQL> select * from connection_table;
SQL> update connection_table set error=0 where id=3;
synoservice –restart pkgCtl-CloudSync
Synology support told me a way to update the password for a webdav connection would be added in the future. Meanwhile I have put this a cron job, available on request.
(only recommended on a docker DSM ! See previous post !)
Install with gui:
In package center > settings:
– add https://www.cphub.net/ to package sources
– Allow installation of packages published by Synology Inc. and trusted publishers
Install in this order:
– Perl in Developer Tools
– Easy Bootstrap Installer in Community (choose entware as optware doesn’t have any
– iPKGui in Community
Packages will be installed to /opt.
Command-line tool is opkg.
%opkg list ‘*gcc*’
Source /opt/etc/profile at the end of the ~/.profile file for each user that needs
to use packages installed by ipkg.
If you have DSM >= 6.0 you can run Docker images, including one free virtual DSM..
Docker > DSM > Add
This will create a virtual server running DSM having its own IP that can be seen from the local network.
This virtual server can be started and stopped at will, as well as deleted and reinstalled, so use it to install 3rd party software without messing up your main install.
I will talk about installing 3rd party packages with ipkg in a later post.
In ssh session as root.
/usr/syno/sbin/synoservice –restart <service_name>
If files are uploaded/moved through rsync or shell access, the media index will not be
rebuilt, and these changes will not be visible through DS Video or upnp.
Connect to your NAS through ssh and rebuild the index with the following:
synoindex -R video
synoindex -R all
Add a single missing file (much faster than a rescan, will not remove deleted files !)
synoindex -a filename
Or ad da new directory with
synoindex -A dirname
Syno commands are documented (you can use –help to discover more options)
Registrer domaine freebox personalisé sur mafreebox.free.fr.
Sur le nas ouvrir control panel / security. Clicker certificate, add, add
new, get a certificate from let’s encrypt. Cocher set as default.
Configurer le certificat obtenu, remplacer le certificat synology.com par
votre domain (eg mondomaine.freeboxos.fr).
Dans control panel / network / DSM settings: cocher automatically redirect
http connections to https et enable http/2.
We found the user license for quickconnect to be a bit invasive, so we decided not to use it.
Instead: Go to mafreebox.free.fr, nom de domaine, ajouter un nom de domaine, domaine
freebox personalisé: choisir un domaine (eg. mondomaine.freeboxos.fr).
Setup the router to redirect to your NAS.
Access your NAS from the outside through mondomain.freebox.fr