2014-09-10

Synology: enable other users (beyond root) to ssh (DSM 5.x)

You want regular (unprivileged) users of your Synology DiskStation to be able to ssh in, just like the boss can.

I saw some complex and crappy way of doing this posted somewhere, that had some fiddly mkdir and changes of ssh options.
...All that crap is not necessary.

Here's what you actually need to do:

  • (prerequisite: Your Synology is set up running fine with a DSM 5.x-series OS and you can browse/login to the admin interface.)
  • Enable ssh service in the web interface:
    • (RTFM)
    • this means root and admin should work
    • ssh admin@synology.real.ip.addr to test it
    • ssh root@synology.real.ip.addr (with admin's password) to test it again
  • Enable user home service (for everyone) in the web interface:
    • log on to the Synology web interface
    • open control panel
    • select 'user'
    • select 'advanced'
    • under 'User Home", select the checkbox on for
      • 'Enable user home service'
    • (...this will create /volume1/homes and point /var/services/homes to this new dir, instead of the default fake one at /volume1/@fake_home_link when user home service is off.  The service also creates the dirs for each user.  This allows the /var/services/home/youruser to have somewhere decent to shell into.  Note that synology does some slick VFS settings to show different perms for /volume1/homes, dependent on whether you're root or not, so you might not notice that only root can ls in it)
  • Create a user in the web interface:
    • (RTFM)
    • ...shouldn't matter what kind of user, I tested with a non-admin plain user.
    • During "Assign shared folders permissions" portion of the user creation, use the web interface to ensure that the user's permissions are allowed read/write for homes.  This can also be done later.
    • Note that ssh will work without the ~, but the session drops into /.
  • Enable a shell for the user via CLI:
    • (at this point you will already have to know some Linux...)
    • ssh root@synology.real.ip.addr (the admin account will not work!)
    • vi /etc/passwd
      • set your user's shell to a suitable shell (which is actually busybox)
  • (you don't have to restart anything)
  • ssh youruser@synology.real.ip.addr
    • ....voila.

Posted by Poppafuze at 00:03 0 comments
Subscribe to: Comments (Atom)