Info How to log in without SSH password + How to log in without password

Currently reading
Info How to log in without SSH password + How to log in without password

2
4
NAS
DS918+
Operating system
  1. macOS
Mobile operating system
  1. iOS
I started with a scheduler script to automatically power down the target NAS.

There is a need to be controlled without a password, so I summarized what I learned after studying on the Internet for a day.



The Macintosh I'm using has a terminal app installed by default.

It is explained by Mac, but you can apply PuttyGen, etc.



I will explain three ways to create an SSH Pub Key and connect without a password one after the other.

Based on my main NAS4, the second backup NAS, NAS5.

1. MAC PC -> Synology NAS4 Passwordless login

2. Synology NAS4 -> Synology NAS5 Passwordless Login

3.SUDO Passwordless login



1. [MAC PC -> Synology NAS4 Passwordless login ]

ssh-keygen

(If prompted to enter a password, leave blank and continue entering Enter.) Use the command below to set permissions for the Mac local account .ssh folder.)

chmod 700 ~/.ssh && chmod 600 ~/.ssh/*

(Mac Local ~/.The ssh folder contains key files as shown below. )

스크린샷 2021-06-05 오후 6.43.22.png


(Copy the .ssh/id_rsa.pub, a locally generated PUB KEY file, to the .ssh/authorized_keys file in the admin account on NAS 1 using the ssh-copy-id command. )

(The two files have the same content, only different names.)

( [Sousce id_rsa.pub file] -> [Target authorized_keys file] copy )

ssh-copy-id -i ~/.ssh/id_rsa.pub -p 32022 [email protected]



(Copy the Key file and adjust the permissions of the admin folder and .ssh folder and contents.)

chmod 755 /var/services/homes/admin

chmod 700 /var/services/homes/admin/.ssh

chmod 600 /var/services/homes/admin/.ssh/authorized_keys



(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)

ssh -p 32022 [email protected]


2.[Synology NAS4 -> Synology NAS5 Passwordless Login]

(Synology NAS4, as in Mac, generates Key files. The process is the same. The permission settings in the ssh folder are not required because they have already been adjusted above.)

ssh-keygen



(Synology does not have an SSH-COPY-ID utility built-in, so we made a separate copy of the contents into a vi editor.)

(How to install SSH-COPY-ID separately is left in the comments below.)

[Sousce id_rsa.pub file] -> [Target authorized_keys file] copy

cat .ssh/id_rsa.pub

(Drag the values scattered on the console and COPY the clipboard.)



(Connect to NAS5)

ssh -p 32022 [email protected]

(.ssh create directory and create authorized_keys file)

mkdir .ssh

cd .ssh

vi authorized_keys

i

(paste clipboard key value)

(press esc key and file save)

:wq!



(Similarly, adjust the permissions of the directories and files created on NAS5).

chmod 755 /var/services/homes/admin

chmod 700 /var/services/homes/admin/.ssh

chmod 600 /var/services/homes/admin/.ssh/authorized_keys

스크린샷 2021-06-05 오후 6.41.51.png


(NAS4's .ssh will have both KEY files authorized_keys for connecting to PC->NAS4 and id_rsa.pub files for connecting to NAS4->NAS5.)


(Do the connectivity test. Ask for a password only the first time. After that, you have to move on without typing.)

ssh -p 32022 [email protected]



3. [NAS5 root SUDO Passwordless login]

(Enter the command below in your admin account without any changes.) 1 line will be added to root's /etc/sudoers file to log in without entering a password.)

echo -e "\n$USER ALL=(ALL) NOPASSWD: ALL\n" | sudo tee -a /etc/sudoers

(Check that the settings are applied well)

sudo -l

— As a result, more lines below should be added and visible.

(ALL) NOPASSWD: ALL



(Do the sudo access test.)

sudo -i

--------------------------------------------------

(NAS4 shuts down NAS5, and the poweroff command is passed, skipping both the admin password entry and the SUDO password entry process of NAS5.)

admin@NAS4:~$ ssh -p 32022 [email protected] sudo "poweroff"

I think you can apply various terms other than poweroff.


Thank you.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.

Similar threads

Saves the results of the successful processing of shared folder synchronization to a DB file through the...
Replies
0
Views
2,458
Hello, I am building a 3rd party package which will display php web pages within a DSM UI For the UI...
Replies
0
Views
1,548
  • Question
Don't modify the base OS and command utlities as you don't know how much that will break DSM.
Replies
3
Views
1,307
Seems fixing bad code in a forum is not that easy, that's why it's published on github now...
Replies
4
Views
4,168

Welcome to SynoForum.com!

SynoForum.com is an unofficial Synology forum for NAS owners and enthusiasts.

Registration is free, easy and fast!

Back
Top