Hello,
I have a AS1002T-A346
All the PC in my company are Linux based.
I need to allow each user to connect to the NAS into a private home directory, in particular using SFTP protocol.
Unfortunately the NAS allows to connect with SSH only to administrators.
Do you have a workaround or an update supporting this feature ?
Thanks
How to enable SSH connections to the NAS
Moderator: Lillian.W@AST
- MarukoBG
- Posts: 7
- youtube meble na wymiar Warszawa
- Joined: Mon Mar 29, 2021 5:51 pm
- father.mande
- Posts: 1808
- Joined: Sat Sep 12, 2015 2:55 am
- Location: La Rochelle (France)
Re: How to enable SSH connections to the NAS
Hi,
Install your own ssh server using Entware APKG (in App. Central) ... then configure each user able to use it ... even through public keys ...
if you want to keep the Asustor ssh server ... just change the port ... and forward it if necessary ...
hereafter a list of packages able to be installed thought opkg ... entware package manager
and eventually :
Entware have a start_at_boot mechanism ... to start automatically your server (/opt/etc/init.d/)
Philippe.
Install your own ssh server using Entware APKG (in App. Central) ... then configure each user able to use it ... even through public keys ...
if you want to keep the Asustor ssh server ... just change the port ... and forward it if necessary ...
hereafter a list of packages able to be installed thought opkg ... entware package manager
Code: Select all
openssh-client - 8.4p1-4 - OpenSSH client.
openssh-client-utils - 8.4p1-4 - OpenSSH client utilities.
openssh-keygen - 8.4p1-4 - OpenSSH keygen.
openssh-moduli - 8.4p1-4 - OpenSSH server moduli file.
openssh-server - 8.4p1-4 - OpenSSH server.
openssh-server-pam - 8.4p1-4 - OpenSSH server (with PAM support).
openssh-sftp-client - 8.4p1-4 - OpenSSH SFTP client.
openssh-sftp-server - 8.4p1-4 - OpenSSH SFTP server.
Code: Select all
sshfs - 3.7.1-1 - Mount remote system over sftp.
Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
- MarukoBG
- Posts: 7
- Joined: Mon Mar 29, 2021 5:51 pm
Re: How to enable SSH connections to the NAS
Hi Philippe,father.mande wrote:Hi,
Install your own ssh server using Entware APKG (in App. Central) ... then configure each user able to use it ... even through public keys ...
.snip.
Philippe.
thank you for answering.
I installed Entware and it looks very promising !!!
I needed to reboot the NAS to enable opkg but I don't understand what to do now.
Probably you mean doing something like this
https://wiki.qnap.com/wiki/Replace_ssh_ ... re_OpenSSH
but I'm very scared to follow that guide because is for another brand and I don't want to loose my NAS.
Would you mind to explain a bit more?
Thanks
- father.mande
- Posts: 1808
- Joined: Sat Sep 12, 2015 2:55 am
- Location: La Rochelle (France)
Re: How to enable SSH connections to the NAS
Hi,
Entware is installed under /opt (and normally no need to restart the NAS ... just logout and login again to add PATH to Entware bin and sbin
hen installed it's native but not dependent of A.D.M. (the Asustor Linux embedded)
use opkg (package manager to install software)
opkg list ... list all packages available (long list (2500+) ... so use grep to select some software
opkg install package_name ... to install it and dependency
ex. : opkg install openssh-server
to update list and upgrade installed package do : opkg update and opkg upgrade
If the server need to start at boot a script is proposed (as Linux) in /opt/etc/init.d folder
... generally you can also see some configuration file in /opt/etc
if you use keys ... install keygen .. if you want to add sftp server use opkg to install also it.
Entware require a minimum of Linux knowledge ... the difference is : all is under /opt ... and not / as usual.
Philippe.
Entware is installed under /opt (and normally no need to restart the NAS ... just logout and login again to add PATH to Entware bin and sbin
hen installed it's native but not dependent of A.D.M. (the Asustor Linux embedded)
use opkg (package manager to install software)
opkg list ... list all packages available (long list (2500+) ... so use grep to select some software
opkg install package_name ... to install it and dependency
ex. : opkg install openssh-server
to update list and upgrade installed package do : opkg update and opkg upgrade
If the server need to start at boot a script is proposed (as Linux) in /opt/etc/init.d folder
... generally you can also see some configuration file in /opt/etc
if you use keys ... install keygen .. if you want to add sftp server use opkg to install also it.
Entware require a minimum of Linux knowledge ... the difference is : all is under /opt ... and not / as usual.
Philippe.
AS6602T / AS5202T /AS5002T / AS1002T / FS6706T
- MarukoBG
- Posts: 7
- Joined: Mon Mar 29, 2021 5:51 pm
Re: How to enable SSH connections to the NAS
Hi Philippe,father.mande wrote:Hi,
Entware is installed under /opt (and normally no need to restart the NAS ... just logout and login again to add PATH to Entware bin and sbin
Entware require a minimum of Linux knowledge ... the difference is : all is under /opt ... and not / as usual.
Philippe.
thank you very much.
Every is working like a charm
I'm adding details below to help others
Instructions tested on AS1002T
1. Install Entware app from "App Central" and when it's finished you can install packages
2. Change system sshd to use any port other than 22. (Like 20222 or something)
3. Connect to the system as usual using ssh and the new port
Code: Select all
ssh admin@IPADDRESS -p 20222
Code: Select all
opkg install openssh-server
opkg install openssh-sftp-server
Code: Select all
ssh-keygen -f /opt/etc/ssh/ssh_host_rsa_key -t rsa
ssh-keygen -f /opt/etc/ssh/ssh_host_dsa_key -t dsa
ssh-keygen -f /opt/etc/ssh/ssh_host_ecdsa_key -t ecdsa
ssh-keygen -f /opt/etc/ssh/ssh_host_ed25519_key -t ed25519
sudo useradd --system --no-create-home sshd
Code: Select all
~/.ssh/authorized_keys
8. Now you can login to the NAS using port 22 (managed by openssh-server)
Code: Select all
ssh normaluser@IPADDRESS
10. Reboot the NAS
Code: Select all
root@AS1002T-A346:/etc/init.d # opkg info openssh-server
Package: openssh-server
Version: 8.4p1-4
Depends: libc, libssp, librt, libpthread, libopenssl, zlib, openssh-keygen, libfido2
Status: install user installed
Section: net
Architecture: armv7-3.2
Size: 333600
Filename: openssh-server_8.4p1-4_armv7-3.2.ipk
Conffiles:
/opt/etc/ssh/sshd_config 82c380eaeee6fd3415bf3378c9a8603569a83cbe4efe4928bab7f90816763961
Description: OpenSSH server.
Installed-Time: 1617095632
Code: Select all
root@AS1002T-A346:/etc/init.d # opkg files openssh-server
Package openssh-server (8.4p1-4) is installed on root and has the following files:
/opt/etc/init.d/S40sshd
/opt/sbin/sshd
/opt/etc/ssh/sshd_config
/opt/lib/upgrade/keep.d/openssh-server