Tuesday, 8 November 2016

Synology NAS - From My Mac, Via SSH

I'm definitely NOT new to this party, but I was remarkably impressed with how easy it was to setup SSH between my Mac and my Synology NAS, avoiding the need for me to use my password each and every time I log in.

I followed this: -


and this: -


This is what I did on the Mac: -

ssh-keygen -t rsa

to generate a public/private key pair.

I then used this: -

pbcopy < ~/.ssh/id_rsa.pub

to copy the public key to the clipboard.

On the NAS, I did this: -

vi /etc/ssh/sshd_config 

amending it to read: -

PubkeyAuthentication yes
AuthorizedKeysFile .ssh/authorized_keys

and then this: -

touch .ssh/authorized_keys
chmod 700 .ssh/
chmod 644 .ssh/authorized_keys 


and then this: -

vi .ssh/authorized_keys 

to add the previously copied Mac public key.

I was then able to access the NAS without a password: -

ssh root@nas

and verified access: -

uname -a

Linux DiskStation 3.2.40 #8451 SMP Wed Aug 17 05:11:00 CST 2016 armv7l GNU/Linux synology_armadaxp_ds414

The first time out of the gate, I was prompted for the passphrase for the Mac public key, but that's as expected.


4 comments:

David said...

Do you know how to get the Mac to auto reconnect network folders from the Synology automatically? Say if the Synology or Mac reboots?

Thanks!

Dave Hay said...

Hi David, for me, it just worked. I can see the NAS listed in the Finder sidebar, under Shared, and, when I click on the link, I see the public shared folders available to me. I'm connecting as Guest, but I can also click the "Connect As..." and connect as a different user ( defined on the NAS itself ) as I've cached the credentials in Keychain in macOS. Cheers, Dave

David said...

Right. But that's a manual reconnection. I'm looking for a way to auto reconnect as it messes my Plex server up.

Thanks though!

Dave Hay said...

Hi David, one of my colleagues mentioned that a future update of the Synology software is going to make life easier for us Mac users, perhaps with better support for AFS or SMB, or both. We'll see ......