Thursday, March 14, 2013

Getting public-key SSH login to my NAS working

Here are notes on what I had to do to make it work.

Create an RSA-style public/private key pair on the client.

ssh-keygen -t rsa

Then follow the simple instructions here to tell the NAS that the client's public-key is an authorised user.

On the NAS, set the permissions of the .ssh directory in the home directory of the user I want to connect as to the following.

chmod 700 ~/.ssh/
chmod 600 ~/.ssh/*

Ensure that the SSH daemon on the NAS is set to allow the right sort of connections (this was set by default in fun_plug 0.7).

RSAAuthentication yes
PubkeyAuthentication yes

Ensure that the home directories on the client and NAS have the correct permissions set.

chmod 755 /home/xxx


But it doesn't end here! Unfortunately, after rebooting the NAS, fun_plug changes the permissions on the files in /ffp/etc/ssh, which in turn prevents the SSH daemon from starting properly. Fixed this with the command:

chmod 600 /ffp/etc/ssh/*

But then I found that it has set the permissions of the /ffp/var/lib/sshd file to be too wide. It needs to be owned by root and not group or world writable. So I had to run the following.

chmod g-w /ffp/var/lib/sshd
chmod o-w /ffp/var/lib/sshd

I need to add these permissions to the fun_plug startup script. I also could do with learning how to work out the numeric permission values that can be passed to chmod (at the moment I'm just finding them on some blog or other and blindly typing them in!).
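How the numeric values are worked out, as an added example that is not part of the original post: each digit is the sum of r=4, w=2 and x=1, once for the owner, once for the group and once for everyone else. The function names are made up for this example, and `check_path` assumes a `stat` that supports `-c %a` (GNU coreutils or BusyBox).

```shell
#!/bin/sh
# Added example: derive chmod's numeric modes and test for the
# group/world-writable bits that stop sshd from trusting a path.

# Convert a 9-character symbolic mode (as printed by `ls -l`, without the
# leading file-type character) to three octal digits: r=4, w=2, x=1.
# Special bits (setuid/setgid/sticky) are not handled here.
sym_to_octal() {
    sym=$1
    out=""
    for start in 1 4 7; do
        triplet=$(printf '%s' "$sym" | cut -c"$start"-"$((start + 2))")
        digit=0
        case $triplet in r??) digit=$((digit + 4)) ;; esac
        case $triplet in ?w?) digit=$((digit + 2)) ;; esac
        case $triplet in ??x) digit=$((digit + 1)) ;; esac
        out="$out$digit"
    done
    printf '%s\n' "$out"
}

# Return 1 (and warn) if the path is writable by group or others.
# 022 is the octal mask for group-write (020) plus other-write (002),
# the same two bits that `chmod g-w` and `chmod o-w` clear.
check_path() {
    mode=$(stat -c %a "$1") || return 2
    if [ $(( 0$mode & 022 )) -ne 0 ]; then
        echo "too open: $1 has mode $mode" >&2
        return 1
    fi
}

# The modes used in this post, derived from their symbolic form.
for sym in rwx------ rw------- rwxr-xr-x; do
    printf '%s -> %s\n' "$sym" "$(sym_to_octal "$sym")"
done
```

Running `check_path /ffp/var/lib/sshd` after a reboot would show whether the write bits have come back before the SSH daemon is started.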
