authorized_keys overwritten at reboot

[codex22]

I want to access my TS-109 Pro remotely. To do that in a safe way, I want to:

- put my own key in ~/.ssh/authorized_keys
- switch ssh authorization to public key only

Unfortunately, at every reboot part of the server file system seems to be regenerated, and the authorized_keys file get overwritten with a preinstalled key. Of course, from a standpoint of security, this makes it impossible to open ssh to the Internet.

Is there a way to make sure that changes made are surviving a reboot (which could happen at any time as the place the TS is located suffers from extended power losses once in a while)?

Thanks
Michael

Edit: I should mention that I'm using the latest released firmware (1.1.2) - I'm not sure whether the described behaviour was the same in earlier releases!

[AndyChuo]

Hi Codex22,

Place your file on the hard drive first and follow this guide below to automatically copy the file from hard disk to root's home every time you reboot the device.

Andy

[codex22]

Thanks!

[TTT]

May I ask why there is a default authorized_keys file in the first place? Doesn't this mean that by default, QNAP admins have access to all QNAP boxes connected to the internet?

[AndyChuo]

dude, that's no way people at QNAP would do things like that and plus every user is strongly suggested to change their user/pass when they first log on, plus we don't know your IP as well. a default key? u should check to make sure because we never ship our box that way

[TTT]

dude, that's no way people at QNAP would do things like that and plus every user is strongly suggested to change their user/pass when they first log on, plus we don't know your IP as well. a default key? u should check to make sure because we never ship our box that way

Apologies if my response came across as rude. I did not intend to insinuate or suggest that QNAP staff would abuse this. I'm merely pointing out, as codex22 did, that on each reboot there is a default authorized_keys file placed in /root/.ssh. This means that even if the admin password was changed on the device, the owner of the private key (corresponding to the public key in authorized_keys) can bypass the admin password. Furthermore, users leave IP trails by accessing and posting to your forums.

Users are protected by their router NAT hopefully, but I suggest removing the default authorized_keys file altogether.

[codex22]

Users are protected by their router NAT hopefully, but I suggest removing the default authorized_keys file altogether.

I second that opinion!

[cjb42]

Users are protected by their router NAT hopefully, but I suggest removing the default authorized_keys file altogether.

I second that opinion!

I third that opinion.

I was horrified to find my own file overwritten with what looks like a open door to some bloke called Richard who owns a TS209.
The whole point of this file is that it removes the need for a password to ssh onto the server, and by posting this message, QNAP now have my IP address. I cannot possibly open up my firewall until this is resolved, and I suggest it goes down as a fairly high priority fix if it hasn't already.

[cjb42]

By the way... here's the contents of the file to help QNAP guys track down the source:

# cat authorized_keys
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAQEAu6ULf6SPQ1iEDfZH8i8fTWC/a
Wn8QEe0ESQU+sd84a2fzWQlRucNfWpM8fTq9GjrHOd7ZGsW4+YJDM/5HKm
o87DzEiU6o3TB7gDcAop4PKiFhUB8cxiK0yHpK9obC3uPUDacaB5/Zvk5yfpSN
ChS1mWyqOMQVroMe65FhqAdyCXAtobXjCDxYWm5uTekBpa/6Ze42bOh7yxI
bIMsFcglP70iWBD6ZoxLhXLSNg+WGotsUuztVQoIk42KcpsXyjMtgkZ4gZ6tPku
Q/n82ymKWQ089iFJMtIdTMfEzdj8ru3w+wkM7VpuJTwQDggmY33aZhX5NluD
nrbx9hZXrrBJC1Q== admin@Richard-TS209


(wrapped for display purposes)

c.

[AndyChuo]

Users are protected by their router NAT hopefully, but I suggest removing the default authorized_keys file altogether.

I second that opinion!

I third that opinion.

I was horrified to find my own file overwritten with what looks like a open door to some bloke called Richard who owns a TS209.
The whole point of this file is that it removes the need for a password to ssh onto the server, and by posting this message, QNAP now have my IP address. I cannot possibly open up my firewall until this is resolved, and I suggest it goes down as a fairly high priority fix if it hasn't already.

got it, def be on high priority for this issue. thanks for the info

[sinbad]

I spotted this too when setting up my SSH keys, I wondered whether this was something to do with the initial start-up configuration so didn't change it (since my box is not publicly available on SSH anyway due to my router settings). If I opened this box to the internet I would definitely remove that though.

It's also worth noting that in the same directory (/root/.ssh) Richard@TS-209 owns .rsync.key.pub and .rsync.key. Same issue?

[nethyperon]

I was also shocked by finding this key installed on my NAS by default. I DO need/want to access ny NAS from the internet, so I have to make some startup script to fix this issue.

I really hope these files are emptied in the next formware release. If possible I'd be happy if the file is not overwritten each time the NAS boots.

[navah]

Is there any fix for Qnaps backdoor on every user's Qnap box? I hope this has not been implemented on purpose.

[Epstein]

Personally I remove the 3 files in my autorun script.

[symphys]

Is this issue fixed in the latest fireware? Since I currently have the 2.0b 215 and richard's key is still in here...