I started with a scheduler script to automatically power down the target NAS.
There is a need to be controlled without a password, so I summarized what I learned after studying on the Internet for a day.
The Macintosh I'm using has a terminal app installed by default.
It is explained by Mac, but you can apply PuttyGen, etc.
I will explain three ways to create an SSH Pub Key and connect without a password one after the other.
Based on my main NAS4, the second backup NAS, NAS5.
1. MAC PC -> Synology NAS4 Passwordless login
2. Synology NAS4 -> Synology NAS5 Passwordless Login
3.SUDO Passwordless login
1. [MAC PC -> Synology NAS4 Passwordless login ]
ssh-keygen
(If prompted to enter a password, leave blank and continue entering Enter.) Use the command below to set permissions for the Mac local account .ssh folder.)
chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
(Mac Local ~/.The ssh folder contains key files as shown below. )
(Copy the .ssh/id_rsa.pub, a locally generated PUB KEY file, to the .ssh/authorized_keys file in the admin account on NAS 1 using the ssh-copy-id command. )
(The two files have the same content, only different names.)
( [Sousce id_rsa.pub file] -> [Target authorized_keys file] copy )
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 32022 [email protected]
(Copy the Key file and adjust the permissions of the admin folder and .ssh folder and contents.)
chmod 755 /var/services/homes/admin
chmod 700 /var/services/homes/admin/.ssh
chmod 600 /var/services/homes/admin/.ssh/authorized_keys
(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)
ssh -p 32022 [email protected]
2.[Synology NAS4 -> Synology NAS5 Passwordless Login]
(Synology NAS4, as in Mac, generates Key files. The process is the same. The permission settings in the ssh folder are not required because they have already been adjusted above.)
ssh-keygen
(Synology does not have an SSH-COPY-ID utility built-in, so we made a separate copy of the contents into a vi editor.)
(How to install SSH-COPY-ID separately is left in the comments below.)
[Sousce id_rsa.pub file] -> [Target authorized_keys file] copy
cat .ssh/id_rsa.pub
(Drag the values scattered on the console and COPY the clipboard.)
(Connect to NAS5)
ssh -p 32022 [email protected]
(.ssh create directory and create authorized_keys file)
mkdir .ssh
cd .ssh
vi authorized_keys
i
(paste clipboard key value)
(press esc key and file save)
:wq!
(Similarly, adjust the permissions of the directories and files created on NAS5).
chmod 755 /var/services/homes/admin
chmod 700 /var/services/homes/admin/.ssh
chmod 600 /var/services/homes/admin/.ssh/authorized_keys
(NAS4's .ssh will have both KEY files authorized_keys for connecting to PC->NAS4 and id_rsa.pub files for connecting to NAS4->NAS5.)
(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)
ssh -p 32022 [email protected]
3. [NAS5 root SUDO Passwordless login]
(Enter the command below in your admin account without any changes.) 1 line will be added to root's /etc/sudoers file to log in without entering a password.)
echo -e "\n$USER ALL=(ALL) NOPASSWD: ALL\n" | sudo tee -a /etc/sudoers
(Check that the settings are applied well)
sudo -l
— As a result, more lines below should be added and visible.
(ALL) NOPASSWD: ALL
(Do the sudo access test.)
sudo -i
--------------------------------------------------
(NAS4 shuts down NAS5, and the poweroff command is passed, skipping both the admin password entry and the SUDO password entry process of NAS5.)
admin@NAS4:~$ ssh -p 32022 [email protected] sudo "poweroff"
I think you can apply various terms other than poweroff.
Thank you.
There is a need to be controlled without a password, so I summarized what I learned after studying on the Internet for a day.
The Macintosh I'm using has a terminal app installed by default.
It is explained by Mac, but you can apply PuttyGen, etc.
I will explain three ways to create an SSH Pub Key and connect without a password one after the other.
Based on my main NAS4, the second backup NAS, NAS5.
1. MAC PC -> Synology NAS4 Passwordless login
2. Synology NAS4 -> Synology NAS5 Passwordless Login
3.SUDO Passwordless login
1. [MAC PC -> Synology NAS4 Passwordless login ]
ssh-keygen
(If prompted to enter a password, leave blank and continue entering Enter.) Use the command below to set permissions for the Mac local account .ssh folder.)
chmod 700 ~/.ssh && chmod 600 ~/.ssh/*
(Mac Local ~/.The ssh folder contains key files as shown below. )
(Copy the .ssh/id_rsa.pub, a locally generated PUB KEY file, to the .ssh/authorized_keys file in the admin account on NAS 1 using the ssh-copy-id command. )
(The two files have the same content, only different names.)
( [Sousce id_rsa.pub file] -> [Target authorized_keys file] copy )
ssh-copy-id -i ~/.ssh/id_rsa.pub -p 32022 [email protected]
(Copy the Key file and adjust the permissions of the admin folder and .ssh folder and contents.)
chmod 755 /var/services/homes/admin
chmod 700 /var/services/homes/admin/.ssh
chmod 600 /var/services/homes/admin/.ssh/authorized_keys
(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)
ssh -p 32022 [email protected]
2.[Synology NAS4 -> Synology NAS5 Passwordless Login]
(Synology NAS4, as in Mac, generates Key files. The process is the same. The permission settings in the ssh folder are not required because they have already been adjusted above.)
ssh-keygen
(Synology does not have an SSH-COPY-ID utility built-in, so we made a separate copy of the contents into a vi editor.)
(How to install SSH-COPY-ID separately is left in the comments below.)
[Sousce id_rsa.pub file] -> [Target authorized_keys file] copy
cat .ssh/id_rsa.pub
(Drag the values scattered on the console and COPY the clipboard.)
(Connect to NAS5)
ssh -p 32022 [email protected]
(.ssh create directory and create authorized_keys file)
mkdir .ssh
cd .ssh
vi authorized_keys
i
(paste clipboard key value)
(press esc key and file save)
:wq!
(Similarly, adjust the permissions of the directories and files created on NAS5).
chmod 755 /var/services/homes/admin
chmod 700 /var/services/homes/admin/.ssh
chmod 600 /var/services/homes/admin/.ssh/authorized_keys
(NAS4's .ssh will have both KEY files authorized_keys for connecting to PC->NAS4 and id_rsa.pub files for connecting to NAS4->NAS5.)
(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)
ssh -p 32022 [email protected]
3. [NAS5 root SUDO Passwordless login]
(Enter the command below in your admin account without any changes.) 1 line will be added to root's /etc/sudoers file to log in without entering a password.)
echo -e "\n$USER ALL=(ALL) NOPASSWD: ALL\n" | sudo tee -a /etc/sudoers
(Check that the settings are applied well)
sudo -l
— As a result, more lines below should be added and visible.
(ALL) NOPASSWD: ALL
(Do the sudo access test.)
sudo -i
--------------------------------------------------
(NAS4 shuts down NAS5, and the poweroff command is passed, skipping both the admin password entry and the SUDO password entry process of NAS5.)
admin@NAS4:~$ ssh -p 32022 [email protected] sudo "poweroff"
I think you can apply various terms other than poweroff.
Thank you.