Synology NAS – Enabling and Securing SSH for Use with RPI SSH Pro

Support → RPI SSH Pro
, ,
1

In this guide, I will show you how to enable SSH access on a Synology NAS and how to configure it securely for use with the RPI SSH Pro application.

This guide is written for DSM 7.x, but the process is very similar on DSM 6.x as well.

:one: Enabling SSH in DSM

  1. Log in to the Synology DSM web interface.
  2. Open: Control Panel
  3. Click: Terminal & SNMP
  4. Check: Enable SSH service
  5. Default port: 22

Click Apply.

The SSH service will become active immediately.

:two: Changing the SSH Port (Optional)

For security reasons, some users prefer not to use the default port 22.

If you want to change it:

  • Modify the port number (for example, 2222)
  • Save the settings
  • Allow the new port in the DSM firewall

:warning: Important: You must enter the same port number in RPI SSH Pro.

:three: Checking the Firewall

If the Synology firewall is enabled:

  1. Go to Control Panel → Security → Firewall
  2. Ensure that the selected SSH port is allowed
  3. It is recommended to create an Allow rule for your local network

If the port is not allowed, you may receive a Connection timed out error.

:four: User Permissions

Not every DSM user can log in via SSH.

To verify:

  1. Go to Control Panel → User & Group
  2. Select the user account
  3. Ensure it has appropriate permissions

Although the admin account works, it is recommended to create a dedicated user for SSH access for security reasons.

:five: Remote Access – VPN Strongly Recommended

:warning: It is not recommended to expose the SSH port directly to the internet.

Safer alternatives:

After connecting via VPN, your NAS will be accessible as if you were on the local network.

This significantly reduces the risk of brute-force and automated attacks.

:six: Configuration in RPI SSH Pro

Host: Synology NAS IP address

Port: The SSH port configured in DSM

Username: DSM user account

Authentication: Password

On the first connection, the application:

  • Retrieves the NAS SSH host key
  • Stores it securely
  • Displays a warning if the key changes

If approved by the user, the stored host key will be updated.

:locked_with_key: Additional Security Recommendations

For advanced users:

  • Disable SSH login for the admin account
  • Use a strong password
  • Consider configuring SSH key authentication
  • Enable Auto Block (Security → Protection)

:red_exclamation_mark: Common Errors

Connection refused

→ SSH service is not enabled

Connection timed out

→ Firewall or port is not properly configured

Permission denied

→ Incorrect username or password

:speech_balloon: Need Help?

Please provide:

  • DSM version
  • SSH port used
  • Local or VPN connection
  • Exact error message