How can i change the sshd_config file to work with a QNAP TS-251+?

by Dgamermaster   Last Updated April 15, 2019 11:01 AM

So I own a QNAP TS-251+, and QNAP is notorious for rewriting the config files for all their services to the default every time the device restarts. I wanted to change the sshd_config file so that I could restrict login via password and only allow RSA key authentication as a means of login. I wrote a little sed command and a restart script in the autorun.sh of the QNAP that I configured (and that works perfectly, since the config file is changed to what I want every time it boots up) to run at the start of the system. The code I used is as shown:

sed -i -e 's/#PermitRootLogin yes/PermitRootLogin no/' -e 's/#ChallengeResponseAuthentication yes/ChallengeResponseAuthentication no/' -e '#PasswordAuthentication yes/PasswordAuthentication no/' /etc/ssh/sshd_config
/etc/init.d/login.sh restart

I'm somehow still able to login with only a password, so I'm wondering if the problem is in the reset of login.sh (there is no /etc/init.d/sshd, since QNAP apparently incorporates it in /etc/init.d/login.sh), or if there's a problem with some setting in the config file. Here's a pastebin to the contents of the config file. Has anyone else perhaps tried this method before? I know it isn't necessary security-wise, but it's more convenient, and I prefer to have RSA authentication, so I might as well make it more secure by disabling the password login.



Related Questions


Updated May 22, 2015 00:00 AM

Updated August 25, 2018 02:01 AM

Updated August 25, 2015 21:09 PM

Updated February 17, 2017 22:01 PM