SSH
How to tunnel SSH over SSL/TLS
The following is needed when you are unable to connect to your NAS via SSH directly, e.g. zscaler that blocks port 22.
NAS
Install stunnel SynoCommunity package
In the folder
/var/packages/stunnel/target/etc/stunnel
Create a file
stunnel.conf
with the following content:[ssh] accept = 0.0.0.0:443 connect = 127.0.0.1:22 cert = /etc/stunnel/stunnel.pem key = /etc/stunnel/stunnel.key
Create a self-signed certificate:
openssl req -new -x509 -days 3650 -nodes -out stunnel.pem -keyout stunnel.key -newkey rsa:2048 cat stunnel.key >> stunnel.pem chmod 600 stunnel.key
Ensure all files are owned by
sc-stunnel:sc-stunnel
Control Panel > Task Scheduler > Create > Scheduled Task > User-defined script
General -> Name:
stunnel
General -> User:
root
General -> Event:
Boot-up
Task Settings -> User-defined script:
/usr/local/bin/stunnel
Windows Client
Install stunnel WinGet package
winget install stunnel
Create a file
stunnel.conf
with the following content:client = yes [ssh] accept = 5022 connect = <NAS_IP>:443
Run stunnel on startup, e.g.
stunnel.exe -quiet
onHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
registry keyEnjoy by connecting with
ssh -p 5022 localhost
How to sign with RSA key pairs
Last updated