Synology DS207+ usage series 1 - SSH tunneling using putty and Bitvise Tunnelier

Dec 13 2009 Original article was a little bit outdated. Article is updated for the firmware 2.2 (0949).

Configure the DS207+

1. Enable SSH from admin console: Network Services > Terminal > Enable SSH Service
2. Create a normal user called ‘ssh’: Privileges > Users > Create
3. SSH or Telnet to 207+ as root (login as root, password same as admin)
4. Edit SSH Config file

   # vi /etc/ssh/sshd_config

   Edit the lines below

      AllowTcpForwarding yes
      TCPKeepAlive yes
   

   Save the file

5. Restart sshd:
   

   /usr/syno/etc/rc.d/S95sshd.sh restart

6. Edit passwd file

   # vi /etc/passwd

   Looks for ssh user, then update /sbin/nologin to /bin/sh

   ssh: x:1031:100::/var/services/homes/ssh:/bin/sh
   

7. Create a new firewall rule to allow SSH traffic

   Network Services > Firewall > LAN > Click the Create button

   Ports: Select from a list of built-in applications

   Click ‘Encrypted terminal service’

   

   DiskStation: Adding a SSH firewall rule

   Then click OK to close the popup and continue.

   Source IP: All

   

   DiskStation: Firewall: Assign 'ALL' for source IP

   Action: Access: Allow

   

   DiskStation: Firewall: Allow an firewall rule

   Click to OK when done.

8. Optional: Enable auto block to reduce the chance of being hacked into the SSH service.

   Network Services > Auto Block > Enable auto block

Setup Broadband Router to allow port fowarding of port 22 to DS207+

Following is the example of Linksys WRT54G broadband router

Linksys WRT54G: SSH Port forwarding setup