I need to ssh to my NAS from remote location to perform administration.
Due to the reason of the ‘su’ command provided by Synology is restricted by root only… so it is required to login as root in order to perform administration.
However, it is not a good security practice to allow login directly as root. To overcome this, we can install sudo from ipkg.
First ssh or telnet to the diskstation as root.
# ipkg update
# ipkg install sudo
By default, only root is allowed to execute sudo. To allow a specify user to execute sudo, for example, user ‘ray’, add the following lines to the config file
# vi /opt/etc/sudoers
ray ALL=(ALL) ALL
This will allow user ray to execute sudo command.
Since we can execute su through the use of sudo, we no longer required to login as root directly. We can safely disable the root login now. Edit the ssh config file
# vi /etc/ssh/sshd_config
Telnet to the diskstation and then restart the sshd (instead of using telnet, you can disable SSH and then enable SSH again from the web admin console)
Now ssh to the diskstation with the user with sudo right, i.e. ray, then sudo as root
Diskstation> id uid=1031(ray) gid=100(users) Diskstation> sudo su Password: BusyBox v1.1.0 (2009.04.21-19:01+0000) Built-in shell (ash) Enter 'help' for a list of built-in commands. # # id uid=0(root) gid=0(root) #