Log in to a Synology DiskStation using SSH keys as a user other than root
Note: I recently purchased a Synology DiskStation DS411j & I’m putting up posts about things I figure out. This is part of that series.
In a previous post—SSH into your Synology DiskStation with SSH Keys—I covered how to log in to your DiskStation using SSH keys instead of a password. By default, though, the DiskStation is set up only for root to use keys, as only root has a home directory. However, it’s not a good idea to always log in as root, as you can do anything on the system as root, include delete essential files & make other potentially disastrous boo-boos. But if you want to log in via SSH keys as another user, you first have to create & edit
.ssh/authorized_keys for that user. But where do you put that file?
By default, the only user with a home directory on the system is root, at
/root. If you try to log in as admin, or any other user, you’ll see this message:
And then you’ll still log in, but you’ll be at
/. So here’s how to create a home folder &
.ssh folder for admin; just duplicate this process for any other user with whom you want to use SSH keys.
The Synology DiskStation has a built-in ability to create home folders for every user—it’s just a bit hidden.
Go to Control Panel > User > User Home. Check the box next to Enable User Home Service & choose a volume that you want your users’ home directories to reside. That’s the simple part. Now if you log in as admin, you’ll see that you have your own home directory:
Yup, that worked. But what about
.ssh? Easy. Log in as root, & just copy the
.ssh folder from root’s home to admin’s home:
We’re not done, though. Notice that admin’s .ssh is owned by root, which isn’t gonna work when admin tries to log in. So, while still logged in as root, we need to change ownership of that directory & its contents:
Now exit as root & try logging in as admin:
It worked! Tomorrow, learn how to change the SSH port you use to log in to a Synology DiskStation.