I would like to use SSH credentials when using an SSH connection with a MyCloud NAS. I’ve seen several step-by-step procedures for doing this on the web but have not gotten it to work. And I’m not familiar enough with Linux to know what I’ve done wrong. Some of the procedures created key files in /root/.ssh/. Other procedures created the key files in /home/root/.ssh/. I don’t know which (if either) is correct but both directories get deleted on reboot so it doesn’t matter much.
Would someone provide me with a procedure that works?
First, what WD device do you have?
If it is a WD My Cloud did you turn on SSH in the Dashboard? See image below.
Click on, tap or activate image to enlarge it.
My device is a WD MyCloud (Gen2). And yes, I’ve turned on SSH. I have no trouble getting to the device with with userid (sshd) and password. I’m asking how to set up SSH credentials (SSH encryption key) so I don’t need to enter the password - needed for connecting from a client running a script.
I’ve seen multiple web pages describing how to create the encryption key pair - descriptions that pretty much agree with each other. I’ve see descriptions of where and how to save these on MyCloud - descriptions that do not agree with each other (but may reflect differences between Gen1 and Gen2). But I’ve seen nothing that addresses the deletion of the files during a reboot of the MyCloud.
The gen2 MYCloud basically erases any user changes on reboot. If you search the forum for fun_plug you
will find information on have to make changes that will last over a reboot.
If you are creating a new key for the root user, you dont need fun_plug. It (the user’s .ssh folder) is already physically stored on persistent storage on the gen2. It is handled via a symbolic link in the initial ramdisk.
Just do a ls -ll on the folder, and you will see where it points. Replace the files in the pointed to location, and you are all set. (one of the first things I did was replace root’s key pair when I fired up my gen2.)
Ok, I am now home, and can look at my gen2. In the root file system, the ssh config goodies are in /etc/ssh. This location is populated by the init script, with files stored in the persistent configuration volume, which gets mounted at /usr/local/config. The file names are fixed:
I believe sshd_config is created on the fly. I remember trying to find it and change it (on persistent storage) for persistent config changes, but could not. Despite the name, you can put any kind of key in that file. I used an eliptical curve rsa key.
You need to get your user-init script to change this file (/etc/ssh/sshd_config), then restart sshd if you want to enable ssh with other users, or control how ssh allows logins.
Sorry for the belated response. I don’t know Linux (or any flavor of *NIX) so it’s taking me a while to digest your information. I’m using this as a learning experience.
My overall goal is to use a non-WD NAS as a backup for data on my MyCloud. I have not been able to use the other NAS as a Remote Backup target for the MC (although I have not given up on that) so am trying to script an rsync pull from that other NAS. Using SSH credentials would simplify the scripting but may not be absolutely essential.
I am going to have many more questions regardless of my chosen solution.