Vish/homelab-optimized
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
Files
29e47b18e94c5328ce4ad850feecf051ec881236
homelab-optimized/docs/admin/synology-ssh-access.md
Gitea Mirror Bot 29e47b18e9
Some checks failed
Documentation / Build Docusaurus (push) Failing after 13m3s
Details
Documentation / Deploy to GitHub Pages (push) Has been skipped
Details
Sanitized mirror from private repository - 2026-03-31 10:10:42 UTC
2026-03-31 10:10:43 +00:00

2.9 KiB
Raw Blame History

🔐 Synology NAS SSH Access Guide

🟡 Intermediate Guide

This guide documents SSH access configuration for Calypso and Atlantis Synology NAS units.

📋 Quick Reference

Host Local IP Tailscale IP SSH Port User
Calypso 192.168.0.250 100.103.48.78 62000 Vish
Atlantis 192.168.0.200 100.83.230.112 60000 vish

🔑 SSH Key Setup

Authorized Key

The following SSH key is authorized on both NAS units:

ssh-ed25519 AAAAC3NzaC1lZDI1NTE5AAAAIBuJ4f8YrXxhvrT+4wSC46myeHLuR98y9kqHAxBIcshx admin@example.com

Adding SSH Keys

On Synology, add keys to the user's authorized_keys:

mkdir -p ~/.ssh
echo "ssh-ed25519 YOUR_KEY_HERE" >> ~/.ssh/authorized_keys
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

🖥️ Connection Examples

Direct Connection (Same LAN)

# Calypso
ssh -p 62000 Vish@192.168.0.250

# Atlantis
ssh -p 60000 vish@192.168.0.200

Via Tailscale (Remote)

# Calypso
ssh -p 62000 Vish@100.103.48.78

# Atlantis  
ssh -p 60000 vish@100.83.230.112

SSH Config (~/.ssh/config)

Host calypso
    HostName 100.103.48.78
    User Vish
    Port 62000

Host atlantis
    HostName 100.83.230.112
    User vish
    Port 60000

Then simply: ssh calypso or ssh atlantis

🔗 Chaining SSH (Calypso → Atlantis)

To SSH from Calypso to Atlantis (useful for network testing):

# From Calypso
ssh -p 60000 vish@192.168.0.200

With SSH agent forwarding (to use your local keys):

ssh -A -p 62000 Vish@100.103.48.78
# Then from Calypso:
ssh -A -p 60000 vish@192.168.0.200

⚙️ Enabling SSH on Synology

If SSH is not enabled:

  1. Open DSMControl PanelTerminal & SNMP
  2. Check Enable SSH service
  3. Set custom port (recommended: non-standard port)
  4. Click Apply

🛡️ Security Notes

  • SSH ports are non-standard (60000, 62000) for security

  • Password authentication is enabled but key-based is preferred

  • SSH access is available via Tailscale from anywhere

  • Consider disabling password auth once keys are set up:

    Edit /etc/ssh/sshd_config:

    PasswordAuthentication no

🔧 Common Tasks via SSH

Check Docker Containers

sudo docker ps

View System Resources

top
df -h
free -m

Restart a Service

sudo docker restart container_name

Check Network Interfaces

ip -br link
ip addr

Run iperf3 Server

sudo docker run -d --rm --name iperf3-server --network host networkstatic/iperf3 -s

📚 Related Documentation

Last updated: January 2025

Reference in New Issue View Git Blame Copy Permalink