Add an initial poge for Synology DSM

Synology-DSM.md

@@ -0,0 +1,52 @@
+Synology Disk Station Manager or short **DSM** is an Linux-based operating system shipped with various devices made by Synology.
+
+Connect to a Synology device via its web interface in order to apply these options:
+
+* Open the **Control Panel**
+* On the bar, scroll down to **Connectivity** and click on **Terminal & SNMP**
+* On the tab **Terminal** tab check if **Enable SSH service** is enabled
+* If yes, click on **Advanced Settings**
+* Select the security level **Customize**
+
+This opens a window **Customize encryption mode**, which contains 3 rows: Cipher, KEX and MAC, configure them as follows:
+
+## Cipher
+
+Only leave the following ciphers enabled:
+
+```
+aes128-ctr
+aes128-gcm@openssh.com
+aes192-ctr
+aes256-ctr
+aes256-gcm@openssh.com
+chacha20-poly1305@openssh.com
+```
+
+## KEX
+
+Only leave the following key exchange algorithms enabled:
+
+```
+curve25519-sha256
+curve25519-sha256@libssh.org
+diffie-hellman-group16-sha512
+diffie-hellman-group18-sha512
+```
+
+## MAC
+
+Only leave the following MACs enabled:
+
+```
+hmac-sha2-256-etm@openssh.com
+hmac-sha2-512-etm@openssh.com
+umac-128-etm@openssh.com
+```
+
+Finally in click on **Save** to close this window, returning back to the windows **Advanced Settings** where you need to click on **Save** again. Finally back in the Control Panel, click on **Apply**.
+
+
+## Limitations
+
+At least DSM version 7.2 doesn't allow you reaching a perfect score, since neither host keys, nor host-key algorithms can be updated or modified in a supported way other than by manually modifying ``/etc/ssh/sshd_config``. Also those manual changes are likely overwritten by i.e. system updates or other configuration changes via the DSM web interface.