Synology & ssh key auth: the case of the missing home folder

I wanted to set up my Synology ssh server to use key auth, but when I went to create my .ssh folder I realised my entire home folder was missing.

Hopefully this guide for setting up ssh authorized_keys will be helpful to you:


The case of the missing home folder

When I log in with ssh I get a message saying the home folder doesn’t exist:

Could not chdir to home directory /var/services/homes/ash: No such file or directory
ash@bigdisk:/$ pwd
/
ash@bigdisk:/$

On closer inspection the /var/services/homes folder doesn’t exist either, and seems to be a symlink to a fake location:

ash@bigdisk:/$ ls -l /var/services/homes
lrwxrwxrwx 1 root root 24 Oct 15 18:37 /var/services/homes -> /volume1/@fake_home_link

By default Synology doesn’t allow users to have home directories at all. So you must explicitly turn on the “user home service”.

The instructions change between Synology DSM versions but as of 2021 you can enable it in Control PanelUser & Group → *User Home**.

Synology DSM "user home" feature

After clicking apply, log back in with ssh and you’ll see you’re in your own home folder:

ash@bigdisk:~$ pwd
/var/services/homes/ash

Adding your ssh authorized_keys file

This is a standard process on all Openssh systems, so I won’t go into details here.

Debian has a quick guide that should sort you out if you need help.


ssh key auth still not working - fix your permissions

After setting up my .ssh/authorized_keys file it’s still asking me for a password to connect to the server.

The problem seems to be related to permissions. When I run a directory listing I can see that everyone has full read access to my home folder (rwxrwxrwx):

blem@bigdisk:~$ ls -lah
total 12K
drwxrwxrwx+ 2 ash users 4.0K Oct 15 19:02 .
drwxrwxrwx+ 6 root root  4.0K Oct 15 19:02 ..
drwxrwxrwx  2 ash users 4.0K Oct 15 23:19 .ssh

OpenSSH won’t let you log in with your key when the permissions are too broad, because in this case anyone else on the system can write a new ssh key and log in as me!

The Ubuntu docs suggest using these chmod commands to fix the permissions:

chmod go-w ~/
chmod 700 ~/.ssh
chmod 600 ~/.ssh/authorized_keys

If you’re not familiar with how it works, this command removes write access (-w) from group & other (go) for your home folder (~/). Then makes it so only you can access your .ssh folder (chmod 700 & 600).

Once your permissions are sorted you should finally be able to log in.

If you’re still having trouble, the Ubuntu docs have more OpenSSH troubleshooting advice.