I wan to disable password access for both the default and OpenSSH servers so that only key authentication is active.
For OpenSSH I know that I can make the change in the sshd_config file:
Code: Select all
PasswordAuthentication no
Thanks.
Code: Select all
PasswordAuthentication no
There is no official way of doing it, but it can be done. To do it, you simply have to implement changes within the "autorun.sh" file on your NAS, per QNAPedia article: Running Your Own Application at Startup so that it modifies the settings at every boot.No Expert wrote:Hi,
I wan to disable password access for both the default and OpenSSH servers so that only key authentication is active.
For OpenSSH I know that I can make the change in the sshd_config file:Does anyone know how to do the same for the default ("Qnap") SSHd server?Code: Select all
PasswordAuthentication no
Thanks.
Code: Select all
echo -n "Shutting down sshd services:"
/sbin/daemon_mgr sshd stop /usr/sbin/sshd
/usr/bin/killall sshd
rm -f /var/lock/subsys/sshd
echo "sshd"
/bin/sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config
echo "Disabled SSHd Password Authentication in config file: /etc/ssh/sshd_config"
echo -n "Restarting sshd services:"
/sbin/daemon_mgr sshd start /usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22)
echo "sshd"
Not really. It is simply explicitly setting the defaults that are already present.No Expert wrote:Patrick - thanks.
I will give it a go.
Incidentally, is there anything from this script that is useful to include?
http://forum.qnap.com/viewtopic.php?p=211720#p211720
For anyone else intersted this line-->pwilson wrote:Code: Select all
echo -n "Shutting down sshd services:" /sbin/daemon_mgr sshd stop /usr/sbin/sshd /usr/bin/killall sshd rm -f /var/lock/subsys/sshd echo "sshd" /bin/sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config echo "Disabled SSHd Password Authentication in config file: /etc/ssh/sshd_config" echo -n "Restarting sshd services:" /sbin/daemon_mgr sshd start /usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22) echo "sshd"
Code: Select all
/sbin/daemon_mgr sshd start /usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22)
Code: Select all
/sbin/daemon_mgr sshd start "/usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22)"
Thanks. I missed this during my efforts. Thank-you. You taught me something! I appreciate it.JB09 wrote:For anyone else intersted this line-->pwilson wrote:Code: Select all
echo -n "Shutting down sshd services:" /sbin/daemon_mgr sshd stop /usr/sbin/sshd /usr/bin/killall sshd rm -f /var/lock/subsys/sshd echo "sshd" /bin/sed -i -e 's/#PasswordAuthentication yes/PasswordAuthentication no/g' /etc/ssh/sshd_config echo "Disabled SSHd Password Authentication in config file: /etc/ssh/sshd_config" echo -n "Restarting sshd services:" /sbin/daemon_mgr sshd start /usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22) echo "sshd"
needs to be changed toCode: Select all
/sbin/daemon_mgr sshd start /usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22)
<-- Note the quotations.Code: Select all
/sbin/daemon_mgr sshd start "/usr/sbin/sshd -f /etc/ssh/sshd_config -p $(/sbin/getcfg LOGIN "SSH Port" -d 22)"