January 3, 2016

Netgear ReadyNAS Security Tips

Here are three ways to improve the security of your Netgear ReadyNAS generally. That is not to say that the ReadyNAS is insecure these tips improve it even further.

Turn off any services you don't need

If you have services you don't need on your ReadyNAS simply turn them off. For example if you don't have a SNMP capability in your network then press it to turn it off. It will turn from green to grey.

Services control panel

Use keys not passwords with SSH

SSH is an advanced service, but it handy if you want to do RSYNC over SSH (either to or from the NAS device). A top security tip is not to use passwords, use keys instead. This is well documented on the internet but here is a very brief overview.

ssh-keygen -t rsa

Now open the public key file (the one that ends .pub) and copy the contents to the clipboard. Finally add the public key to the authorizes_keys file on the ReadyNAS. You can now connect to the ReadyNAS using key based authentication. It is advised you test this before you turn password authentication off. To turn if off simply click the SSH service on the system control panel under settings. Untick Enable password authentication and press Apply.

Turn off ssh password authentication

Turn off http admin access

Disable http only admin management so you can only manage the device through TLS. Simply click HTTP on the services page (found under the settings sub section). clear the tick in Enable HTTP Admin and press Apply.

Turn off http authentication

  • LinkedIn
  • Tumblr
  • Reddit
  • Google+
  • Pinterest
  • Pocket
Comments powered by Disqus