Login as root (user pi). Default setting in /etc/sshd_config is PasswordAuthentication yes. SSH Access is enabled by default.

Copy a valid authorized_keys file with the public keys of the machines you want to use to SSH access to the pi into the root folder of your default user.

How to generate key pairs and where the keys need to be placed is described in SSH Client and Server.

# vi /etc/ssh/sshd_config
Port 50111
LoginGraceTime 15
PermitRootLogin no
PasswordAuthentication no

If you want to establish tunnels to services on the NAS, you need to enable TCP forwarding:

# vi /etc/ssh/sshd_config
AllowTcpForwarding yes

Enable telnet in web interface > Control Panel > Terminal

telnet box # as username
ssh -v -v -v box # as root