Monday, 26 April 2021

Wow, SSHD on Synology - fun and games

 Having created a new user on my Synology DS414+, I was trying/failing to SSH using a non-admin user, via the command: -

ssh hayd@diskstation

I kept getting asked for a password, even though I was expecting to authenticate using my private key, having added my public key to the ~/.ssh/authorized_keys file on the NAS.

After lots of digging using ssh -vvv etc., I saw this: -

...

debug3: send packet: type 50

debug2: we sent a publickey packet, wait for reply

debug3: receive packet: type 51

debug1: Authentications that can continue: publickey,password

debug2: we did not send a packet, disable method

debug3: authmethod_lookup password

debug3: remaining preferred: ,password

debug3: authmethod_is_enabled password

debug1: Next authentication method: password

hayd@diskstation's password: 

...

which led me down a path of checking permissions to the user's home directory.

Firstly, I changed the permission of the .ssh subdirectory: -

chmod 700 /var/services/homes/hayd/.ssh/

but no dice.

Secondly, I changed the permission of the authorized_keys file: -

chmod 600 /var/services/homes/hayd/.ssh/authorized_keys 

Still nada.

Thirdly, I changed the permission of the home directory itself: -

chmod g-w /var/services/homes/hayd/

C'est voila.

Sigh!
at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

Note to self - use kubectl to query images in a pod or deployment

In both cases, we use JSON ... For a deployment, we can do this: - kubectl get deployment foobar --namespace snafu --output jsonpath="{...