Score:0

How do I make sure all users can use ssh / sftp on a NAS from Qnap (running QTS)?

If a NAS is from QNAP then it blocks ssh for non-admin users as a form of security.
Usually this makes sense, but there are multiple use-cases where you don't want this.

Annoyingly enough QTS (the OS on QNAP) likes to "protect" admins from themselves by making it extremely hard to make changes that QNAP doesn't like.

Is there a way to let regular users use ssh/sftp ?

Score:0

Answering my own question, in case I forget or others want to do the same thing.

The following procedure survives after a reboot:

  • If you didn't do it already:
    Enable ssh (with sftp if you need it) in the web interface by navigating to "Control Panel" → "Telnet/SSH" and enabling it there.
    Now it will work, but for the moment only for admin users.
  • Open a terminal on your desktop/laptop and login: TERM=linux ssh someAdminUser@yourNAS
    (TERM=linux is necessary to make sure "screen" will work fine.)
  • sudo -i to become root (named "admin" on QTS)
  • Enter q followed by y to jump from the default menu to a shell
  • Create a var that contains all users separated by spaces:
    users=$(grep "^everyone:" /etc/group | cut -d: -f4 | tr ',' ' ')
  • Make sure that these users are allowed to use ssh by putting them in the ssh configfiles:
    for sshconfigfile in /etc/config/ssh/sshd_user_config /etc/config/ssh/sshd_config ; do
        sed -i "s/^AllowUsers.*/AllowUsers $users/" $sshconfigfile ;
    done
  • screen (We will do the restarting of ssh in a screen so that our shell doesn't die)
  • Optional: ps -eo pid,args | grep '/sshd' | grep -v grep and remember the PID of sshd, we can use this later to check if it restarted correctly
  • sleep 20 ; killall sshd ; sleep 30 ; killall -9 sshd ; sleep 10 ; /usr/sbin/sshd -f /etc/config/ssh/sshd_config -p 22
    This gives us 20 seconds to detach from the screen-session after which our commands will first "kindly" ask sshd to die, and if it's still not dead after 30 seconds it will force it to die. Afterwards it will wait 10 seconds to make sure it's completely dead and it will restart it.
  • Before these 20 seconds expire press ctrl-a followed by d to detach from the screen and twice ctrl-d to first exit the root-shell and afterwards regular shell (and automatically the ssh-session)
  • Wait ~2 minutes so that sshd has time to die and restart

From now on every user should be able to use ssh.

Suggested:
Close the screen by logging in again, becoming root/admin, reattaching with screen -r and 3x ctrl-d (exits screen, root shell and regular shell)

Optionally:

  • Check if everything works correctly with:
    • ps -eo pid,args | grep '/sshd' | grep -v grep
      The PID should be different otherwise sshd didn't restart.
    • grep -v ^# /etc/config/ssh/sshd_user_config /etc/config/ssh/sshd_config
      Among the output there should be 2 lines containing AllowUsers followed by all users.
      There should be no lines containing Deny
      If this is not the case then the configfiles were not adjusted correctly
  • Complain to QNAP about not giving admins full control of their own system ;-)

Note that just adding an AllowGroups everyone in the configfiles doesn't work...
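
An added example, not part of the original answer: a POSIX shell function that automates the optional check above, reporting members of the "everyone" group missing from AllowUsers, a config file with no AllowUsers line (the sed in the procedure only rewrites an existing one), and any Deny lines. The function name check_ssh_access is hypothetical, and it assumes AllowUsers entries are plain user names, as the procedure writes them.

```shell
#!/bin/sh
# Added example (not from the original answer).
# check_ssh_access GROUP_FILE CONFIG_FILE [GROUP]   (hypothetical helper name)
# Prints one finding per line; returns 0 only when there are no findings.
# On the NAS, as root: check_ssh_access /etc/group /etc/config/ssh/sshd_config
check_ssh_access() {
    group_file=$1; config_file=$2; group=${3:-everyone}
    findings=0

    # Group members, one per line (4th field of the group entry).
    members=$(grep "^${group}:" "$group_file" | cut -d: -f4 | tr ',' '\n' | sed '/^$/d')
    if [ -z "$members" ]; then
        echo "no members found for group '$group' in $group_file"
        return 1
    fi

    # Names on uncommented AllowUsers lines, one per line.
    # Assumption: plain user names, no user@host or wildcard patterns.
    allowed=$(awk 'tolower($1) == "allowusers" { for (i = 2; i <= NF; i++) print $i }' "$config_file")
    if [ -z "$allowed" ]; then
        # The sed in the procedure only rewrites an existing AllowUsers line,
        # so a file without one is left unchanged by it.
        echo "$config_file: no AllowUsers line"
        findings=1
    else
        for user in $members; do
            if ! printf '%s\n' "$allowed" | grep -qxF -- "$user"; then
                echo "$config_file: $user missing from AllowUsers"
                findings=1
            fi
        done
    fi

    # The answer's check expects no Deny lines in the config files.
    if grep -Eiq '^[[:space:]]*Deny(Users|Groups)[[:space:]]' "$config_file"; then
        echo "$config_file: Deny directive present"
        findings=1
    fi
    return $findings
}
```

Run it once per config file touched by the procedure; a non-zero exit status means at least one finding was printed.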
