Sharing encrypted shares
On my Synology DS111 I have several shares/folders for my files. For things which are important I have it encrypted storing the key outside of the box - storing that on the box itself, with automounting, sounds like a crazy idea. Why to bother with all the encryption if someone can just take your box, power it on and have access to your files - since they get automatically mounted... Yes, there is a password for shares, but somehow it is not enough for me.
It was not possible to use encrypted shares via NFS (at least as of synology firmware DSM 3.2) and I wanted to have unix permission visible. So I decided to use SFTP, since I had SSH already enabled.
SFTP on the Synology DS111
I did that on firmware DSM 3.1 and 3.2 and it worked well, so...
/etc/ssh/sshd_configand add line:
Subsystem sftp /opt/libexec/sftp-server
- Find sshd (
ps | grep ssh[d]) - it will look like (
9315 root 4112 S /usr/syno/sbin/sshd) and kill it.
- Start it again:
From now on it should be possible to use sshfs to mount your diskstation! Without installing sftp you will be confronted with rather cryptic error message on client side:
~$ sshfs -d [email protected]: /mount
subsystem request failed on channel 0
read: Connection reset by peer
Unfortunately this change in sshd_config will be lost after installing new Synology
firmware. If you know how to make it permanent (apart from checking it periodically with some script)
- please drop me an email.