User Tools

Site Tools


enable_rsync_on_synology

Want to do rsync to/from a Synology (perhaps to do backups with rsnapshot) and you want to use SSH keys?

Synology GUI

Make an rsync user with read and possibly write permissions to the desired share(s). Can use an existing user at your discretion.

Synology SSH

SSH to the box with a sudo-capable account.

Enable SSH keys in general:

sudo vim /etc/ssh/sshd_config

Uncomment each of:

  • PubkeyAuthentication yes
  • AuthorizedKeysFile .ssh/authorized_keys
  • ChallengeResponseAuthentication no

If enabling rsync on a dedicated account, become that account: sudo -u rsync /bin/bash

Put the key into .ssh/authorized_keys.

Constrain permissions appropriately. From homedir:

chmod 700 . .ssh
chmod 600 .ssh/authorized_keys

Credit here for the above.

Rsync as root?

Generally, rsync'ing as root is bad. However, if you're pulling backups, it's the only way to read all files and preserve their permissions (necessary if you're using the NAS in a UNIX-like way). To do this, the above directions work, but with one issue. On rsync, you'll get the error "ERROR: user has disabled/expired". This is coming from the rsync layer, not ssh, and it's because the root account is "disabled".

Surprisingly, this is fixed from the GUI of Synology – find the account called "admin" and enable it, and that will fix rsync-as-root.

NOTE: Secure your SSH key fastidiously, as it now is an admin credential to the whole NAS box.

enable_rsync_on_synology.txt · Last modified: 2021/12/18 21:02 by tkbletsc