[Tutorial] Mounting synology nas folders into Ubuntu via SSHFS

Any questions? Need some help?
Post Reply
soulinferno
Posts: 11
Joined: 18 Jun 2018, 09:47

[Tutorial] Mounting synology nas folders into Ubuntu via SSHFS

Post by soulinferno »

How to mount a folder on a synology nas with DSM 6.2 into a ubuntu 18.04 (bionic) based operating system to be able to browse through it like its a local harddrive

Hi there,
as i recently needed this, i wanted to share the results of this to others who may have similiar use cases.

-->> I tried many methods to reach best compatibility and speed while connected remotely over the internet to my synology nas. However webdav has too many stability and speed problems yet. The solution until now is to use SSHFS a combination of ssh and ftp mounted into a folder/filesystem with local application and explorer support<<--

1. open your synology DSM "control panel"
2. navigate to "File Services" and then to FTP
3. Tick "[ X ] Enable SFTP service"

Image

-> Choose your desired "Portnumber" and port forward it in your router/fritzbox to your synology nas
-> authorize the user that will have access via hhfs protocol in your synology nas via DSM "control panel" as following:

4. open "User" and click on the user you want to authorize and then click "Edit"
Click "Applications" and then tick "FTP ALLOW [ X ] "

Image

-> mount a synology folder into ubuntu as following:

5. open your terminal/shell
make a folder where the files from the synology nas should appear in with the example command:

Code: Select all

sudo mkdir /media/synologysshfs
- Enter your root password of ubuntu when asked -

Now use the following example code with 'replacement' of your own needs:

Code: Select all

sudo sshfs 'hostuser'@'name or adress of host':/ '/media/synologysshfs' -p 'sftp port' -o idmap=user,allow_other
The arguments:
'idmap=user,allow_other'
is to authorize you in your ubuntu to be able to get access rights to a root mounted folder as normal user which is needed to be able to access the mounted folder via any file explorer and other apps that are not started/granted root access

Hint: All folder accessibilty and visibility is controlled by the synology nas user control panel
soulinferno
Posts: 11
Joined: 18 Jun 2018, 09:47

Re: [Tutorial] Mounting synology nas folders into Ubuntu via SSHFS

Post by soulinferno »

How to automatically mount your synology nas folder into your ubuntu / linux mint
Some extended information: [successfully tested on operating system: synology dsm 6.2]

If you want to automatically mount/unmount a folder on your synology nas you need to enable "public key authentication" in your ssh-server module of the synology nas.
To do that enable ssh in your synology control panel and set a safe port for example: 5020.
If you want to configure from outside your home network (ie. from the internet) you also have to port forward this port in your router.
Now connect via your ubuntu/linux mint terminal/shell:

- You need to write the port number directly behind the parameter -p5020 as -p 5020 will not work -

Code: Select all

ssh admin@synologyaddress -p5020
Enter your admin password when asked. Now switch over to "root" user as the standard admin user cannot change critical parts of the operating system files with command:

Code: Select all

sudo -i
Enter your root/admin password again. Now your should see something like this:
root@synologynas:~# []
now edit the file "/etc/ssh/sshd_config" with the command:

Code: Select all

nano /etc/ssh/sshd_config

Locate the line with:

Image
#PubKeyAuthentication no
and
AuthorizedKeysFile ~/.ssh/authorized_keys

and remove the symbol "#" and change it to yes:
Image

PubKeyAuthentication yes
and
AuthorizedKeysFile .ssh/authorized_keys

IT IS IMPORTANT TO REMOVE "~/" FROM "~/.ssh/authorized_keys" AS OTHERWISE THE SSHFS SERVER WILL SEARCH THE PUBLIC KEY FILE "authorized_keys" IN THE WRONG USER HOME DIRECTORY /home/root/ INSTEAD OF EACH SEPARATE USER HOME !

Press "Ctrl+X" to exit and then "y" and press enter to save the changes.

Now you need to generate those authentication key files.
The easiest way to do it with a synology is from logging into the nas via ssh from the user that needs to be authorized for public key authentication.
This way you will save yourself many permission problems while creating those files and folders.
now type this in your terminal/shell:

Code: Select all

ssh-keygen
You will be asked to enter the path where the files will be saved and to enter a password. As we want automatic mount abilities we dont set a password yet. We just press always enter until the program finished.
The authentication files have been created and the permissions should be set correct.
There are two files now in /var/services/homes/username/.ssh/:
- id_rsa
-id_rsa.pub

The "id_rsa" key file is for our client/ubuntu/linux mint machine
The "id_rsa.pub" is the same file as "authorized_keys" file with a different name

First of all lets rename the "id_rsa.pub" file to "authorized_keys" with the move command:

Code: Select all

mv /var/services/homes/username/.ssh/id_rsa.pub /var/services/homes/username/.ssh/authorized_keys
Thats it your ssh-server module on your synology nas now has a fresh public authentication key file which will be used everytime a user tries to connect via ssh or sshfs.
Now we need to tell our ubuntu/linux mint to use the id_rsa file in combination with every ssh or sshfs command.
The easiest way to do this now is to log into your synology nas via the web interface as the same user you logged in via ssh and created the key files and then open the file station and navigate to your user "home/.ssh" folder and download the "id_rsa" file to your ubuntu/linux mint user "/home/.ssh/" directory.
That's it you can now connect without a password to your synology and mount/automount without a password after you disabled and then enabled your ssh service in your synology control panel. (Needs to be done just once to tell the ssh-server module to enable public key authentication and use those files.)
At first connection you will be asked to add the server and the keys to the known hosts list once in your ubuntu/linux mint.

Try to connect again via:

Code: Select all

ssh username@synologyaddress -p5020
and enter "yes" to confirm before you will be able to connect barrier free.

To easily mount/automount your synology sshfs folder edit the file on your ubuntu/linux mint machine:

Code: Select all

sudo nano /etc/fstab
Add this lines at the end of the file:
# Server SSHFS Share
username@synologyaddress:/ /media/synologysshfs fuse.sshfs port=5019,uid= ,gid= ,umask=0,auto,users,allow_other,identityfile=/home/username/.ssh/id_rsa,_netdev 0 0
You need to insert the uid and gid of your synology user. Look at the important notes on how to get this information.

important parameters:
auto=automounts your sshfs folder into your ubuntu/linux mint
users=allows other users than root to mount/unmount the sshfs folder
allow_other=allows other users than root to browse/view/walk through files and folders
identityfile=tells ubuntu/linux to use the generated authentication file instead of a password
_netdev=tells ubuntu/linux mint not to mount this until a network connection is established

Especially _netdev (network device) is very important. If you don't add this then your ubuntu/linux mint will likely not be able to boot or start because it first tries to mount everything that is in your /etc/fstab file before it continues.

Important notes / hints:
only admin is allowed to connect via ssh into your synology nas.
All other logins are disabled from synology for security reasons.
Connect as root is not possible. You need to connect as admin and switch there to root with your admin/root password.
If you want to enable ssh for another user you need to enable user home base in the synology settings/control panel and then edit the file: "/etc/passwd" as root user.
I recommend to visit https://synocommunity.com/ first and add this package source/repository to your synology package center/app store and then search and install the package "nano".
This is a lightwight command line text file editor which then can be used inside your synology via ssh commands.
Open the file "/etc/passwd" with the command:

Code: Select all

nano /etc/passwd
Locate a line similiar to this one:
admin: -- x --: -- :System default user:/var/services/homes/admin:/bin/sh

now search the user name where ssh needs to be enabled and change the last characters of that line to the one the admin user has in it like from this:

HyperBackup: -- x --:: -- ::/var/packages/HyperBackup/target:/sbin/nologin
to
HyperBackup: -- x -- :: -- ::/var/packages/HyperBackup/target:/bin/sh

Now press the key combination shown at the bottom-left and press "y" to save and then press "enter".
Disable and enable ssh in the synology control panel. Now your user "HyperBackup" for example should be able to login via ssh.
If the user home base service is enabled in your synology nas then all services will be handled in another way then normal linux will do. As every user has now a root home folder the syntax "~/ " will lead to the the user that are actually logged into your synology nas via ssh.
To handle files and folders for other users while root user is logged in i advice to remove ~/ from some commands and in some files of your synology nas. For example:
If you want to make a directory from ssh terminal for the user guest then you need to enter "mkdir /var/services/homes/guest/newfolder" instead of "mkdir ~/newfolder" as the last command would make a new folder in /var/services/homes/root/newfolder (or simply in /home/root/ which will confuse many apps and tools)

To get your admin or user identification numbers (uid und gid) connect via ssh to your synology and enter:

Code: Select all

id username
Hopefully this will help some people as i needed three days to get it properly working and running smoothly.
Post Reply