12

On my Synology NAS, I can't get SSH key authentication working. I have tried all the usual things (added to authorized_keys, edited sshd config, ...), and still haven't been able to get it working.

I'd really like to be able to run interaction-free transfers to my NAS with SCP.

Additionally, another IT friend I spoke to said he got it working a while back, but it was a big pain and doesn't remember how.

Has anyone gotten this working?

Run5k
  • 16,463
  • 24
  • 53
  • 67
George
  • 472

6 Answers6

24

Although none of the other answers directly fixed it, I took some of their methods and combined them.

This is what worked for me on my Synology DS414slim, running DSM 6.1.

I logged in as admin and executed the following command (no need to fill in your username, it will work as-is):

This will set your home directory to 700 permission, owned by [you]:users.

homedir=$(eval echo ~$USER); 
sudo chown $USER:users $homedir -R;
chmod 700 $homedir; 
chmod 700 $homedir/.ssh/;
chmod 600 $homedir/.ssh/authorized_keys;
schnatterer
  • 141
George
  • 472
4

I got it working by following tips in the comments here: https://forum.synology.com/enu/viewtopic.php?t=90208

Short version, run chmod -R 755 ~. Dir perms were too permissive (?!) for ssh to use public key authentication. No idea if this causes other conflicts, but it works.

Nobody
  • 49
0

It works for me so it couldn't have been that hard to set up. I'm using a DS1812+ with DSM 6.0.2-8451 Update 5

Try creating a new user with read/write permissions on "homes"

Verify that you can ssh into the account with a password.

Either

  • add your id_rsa.pub to the ~/.ssh/authorized_keys
  • or ssh-copy-id new_user@synology_box

If it doesn't work, try using verbose mode: ssh -vvv new_user@synology_box. There might be something obvious there.

glebaron
  • 11
0

DSM 6

  1. chmod not only .ssh but also your home dir to 700
  2. chown not only .ssh but also your home dir to root:root

ex:

 sudo -i
 chown root:root /var/service/home/username
 chmod 700 /var/service/home/username
Lexib0y
  • 149
  • 9
zhao xinjing
  • 1
0

I only had to do the following to get it working:

  1. Enable use of home directory using the web interface (Advanced settings)

  2. Change directory permissions for the home directory (NAS)

    sudo -i

    chmod -R 755 ~

  3. Then it was possible to generate keys and copy to the .ssh directory of that account (Client)

    ssh-keygen -t rsa

    ssh-copy-id account@synology_server

Hans Palm
  • 1
0

Synology providing guide, how use ssh keys :
https://www.synology.com/en-global/knowledgebase/DSM/tutorial/Management/How_to_log_in_to_DSM_with_key_pairs_as_admin_or_root_permission_via_SSH_on_computers#b_8

Maxim Akristiniy
  • 229