Using SSH keys make SSH logins more secure on ASUSTOR NAS

COURSE OBJECTIVES

Upon completion of this course you should be able to:

1. Generate paired SSH keys for different administrator accounts on the ASUSTOR NAS.
2. Use SSH keys to sign into an ASUSTOR NAS on Windows, macOS, and Linux.

PREREQUISITES

Course Prerequisites:

None

Students are expected to have a working knowledge of:

SSH

OUTLINE

1. Introducing SSH Keys

2. Adding an SSH key to your ASUSTOR NAS

3. Using an SSH key to sign in to an ASUSTOR NAS

1. Introducing SSH Keys

Logging into an ASUSTOR NAS using SSH means you can exercise full control over your NAS and operate more advanced functions. Enabling SSH keys can improve the security of using SSH while also making it more convenient. SSH keys replace passwords and are much more secure than passwords. Generate different keys for different administrator accounts and save the private keys in an SSH client while disable password authentication, greatly improving the security of SSH connections.

Introduced in ADM 5.0.

2. Adding an SSH key to your ASUSTOR NAS

To login SSH with private keys, you MUST enable SSH service.

• Using your Web browser, log in to ADM using an administrator account.
• Select [Services] [Terminal] [SSH].
• Select [Enable SSH Service] and click on [Apply].

When enabling SSH, it is recommended to avoid using the default port.

• Select [Services] [Terminal] [SSH Keys].
• Select a system administrator to create an SSH key, and click [Add].

• Choose an administrator account to take possession of a created SSH key.
• Change the key name if needed.
• Open the pulldown menu to select the private key format for download.
• Click [OK] and then ADM will generate a paired key and prompt you to download the required private key.

  Note:

  • Different SSH clients will use different private key formats, please choose to download the required private key format.
  • Please keep the private key properly. Once lost, please log in to the NAS to regenerate new public and private keys.

• A created key is enabled by default. You can now use an SSH private key to connect to your NAS.
• A key can be disabled or deleted here. The paired private key of a disabled or deleted key will become invalid and cannot be used.

• You can choose to disable the password authentication for different administrators accounts here.

Disabling password authentication will not allow the user to login SSH with password anymore, including encrypted transmission via SSH in Remote Sync.

3. Using an SSH key to sign in to an ASUSTOR NAS

Different client software may require different SSH key formats. There are 4 types of SSH private key formats downloaded from an ASUSTOR NAS: These are in the file formats of .ppk, .pem .key or the file name starts with the prefix of id_.

Please copy the required private key file to the appropriate folder to save and use it.