Difference between revisions of "Hacking"

From NAS-Central Buffalo - The Linkstation Wiki
Jump to: navigation, search
(Open SSL and Open SSH and using Winscp (Putty) to Access with Windows: embellish on openssh options)
m (Already hacked firmware)
Line 17: Line 17:
  
 
Dave Walker created a hacked firmware that you can just download and use (Thank you Dave!):
 
Dave Walker created a hacked firmware that you can just download and use (Thank you Dave!):
  http://homepage.ntlworld.com/itimpi/buffalo.htm
+
* http://homepage.ntlworld.com/itimpi/buffalo.htm
  mirror: http://supportonsite.dk/files.php
+
* mirror: http://supportonsite.dk/files.php
  minimalistic (ssh only): http://blog.kevinashley.com/articles/2006/04/14/minimalistic-terastation-1tb-hacking-to-allow-proper-rsync-and-ssh
+
* minimalistic (ssh only): http://blog.kevinashley.com/articles/2006/04/14/minimalistic-terastation-1tb-hacking-to-allow-proper-rsync-and-ssh
  
 
== Software for the TeraStation ==
 
== Software for the TeraStation ==

Revision as of 12:53, 1 July 2007

That is what this site is intended for:

Contents

Hardware Hacking

  • Adding a serial console.
  • become root: firmware version 1.04
  • moving disks: change the firmware by moving the disks to a PC.
  • Real NAS: Converting the Terastation into a NAS like server with an additional os hard disk and a fully featured operating system.
  • Extra Disks: Adding Extra disks to make a 1TB Terastation into a 2TB Terastation. With the potential to create a 6TB Terastation (Using eight 750Gb Drives).
  • Replacing all drives in 06TB : Upgrading all 4 drives.

Firmware Hacking

You can create your own firmware, it's explained here.

Already hacked firmware

Dave Walker created a hacked firmware that you can just download and use (Thank you Dave!):

Software for the TeraStation

I will add small software packages as .tgz here for you to install onto the TeraStation.

As a rule, you should be able to use most Debian PowerPC packages built for woody. Use ftp to access ftp.de.debian.org (or another mirror), go to pub/debian/pool/main/ and to the directory named with the first letter of what you are looking for, there you should find a directory for the package; download a suitable version (should have "woody" and "powerpc" in the name), unpack it on a Debian box using "dpkg-deb -x package.deb name-of-temporary-dir", remove any clutter (man pages) from your temporary directory, create a tar file and copy it over to the TeraStation.

(NB I wanted to upload a .tgz but the Wiki didn't let me, saying that .tgz was not an accepted image format. --Fred 12:05, 12 Dec 2005 (CET))

Dropbear sshd

A small ssh server. home page

The install package (108k) already contains the proper links to have it start on boot, and it contains two keys for the server. Maybe you want to generate your own set of keys.

Just extract the .tgz as root into the root of your TeraStation:

dmin@HD-HTGL113:~$ sudo -s
Password:
root@HD-HTGL113:~# cd /
root@HD-HTGL113:/# tar -xzf /mnt/array1/share/dropbear.tgz

generate your own set of keys:

root@HD-HTGL113:/# rm /etc/dropbear/dropbear_rsa_host_key
root@HD-HTGL113:/# rm /etc/dropbear/dropbear_dss_host_key
root@HD-HTGL113:/# dropbearkey -t rsa -f /etc/dropbear/dropbear_rsa_host_key
Will output 1024 bit rsa secret key to '/etc/dropbear/dropbear_rsa_host_key'
Generating key, this may take a while...
Public key portion is:
...
root@HD-HTGL113:/# dropbearkey -t dss -f /etc/dropbear/dropbear_dss_host_key
Will output 1024 bit dss secret key to '/etc/dropbear/dropbear_dss_host_key'
Generating key, this may take a while...
Public key portion is: 
...

and reboot.


Can i setup publick key authentication on dropbear. If so can someone give me an example. I was able to upgrade the firmware succesffully on the Terastation Pro. I am planning to do a Public Key Authentication on my mac and use rsync for backup using ssh protocol. Any ideas? Thanks a gazillion, Naven

Yes you can: Create a key on your Linux/Unix workstation with: ssh-keygen -t rsa The public and private key will be automatically saved to the directory .ssh in your homedir.

Next: copy the text from id_rsa.pub and connect to your Terastation as root.

On your Terastation: - mkdir /root/.ssh - vi /root/.ssh/authorized_keys - paste the text you copied in the step before - save the file

Now you can connect to your Terastation by using public key authentication

OpenSSH

Here's a Terastation version.

OpenSSL and OpenSSH and using Winscp (Putty) to Access with Windows

Download:

  • Unrar it and transfer openssh-3.0.2p1.tar.gz and openssl-0.9.6e.tar.gz and groups.gz to the TeraStation by copying it to the share.
  • Untar both into the root directory of the TeraStation.
  • Untar groups.gz to /bin
  • Edit /etc/rc.d/init.d/ssh and remove the # from line 14 which mentions AUTOKEYGEN.
  • The following commands make it automatically start on boot and also start now:
  cd /etc/rc.d/rc3.d/
  ln -s ../init.d/ssh S30ssh
  /etc/rc.d/init.d/ssh start

If you've done all the steps correctly then OpenSSH should be running and also start each time you reboot the TeraStation. The version of OpenSSH that was compiled for the Kuro Box actually has a security flaw which was corrected in newer versions of OpenSSH. And now you can Access from Windows too your Tera with Winscp and make Tunnel with Putty. You can trick some Firewall with Putty and Tunnel :-)

--Inputsammler 00:41, 26 December 2006 (CET)

What is OpenSSL needed for here? --Aspiers 14:52, 1 July 2007 (CEST)

Rsync

Using the Rsync protocol daemon is probably the fastest way to read or write data to the TeraStation, and is the method by which the TeraStation backs itself up to other TeraStations. It is in fact shipped with the stock firmware but restricted (usually to other known TeraStations). You have two options: (1) remove or alter the entry from /etc/hosts.deny, or (2) use an ssh tunnel (such as the one available through Dropbear). The first option exposes your TeraStation to anyone on the network. Also, you have to alter the file every time you boot, as the file is regenerated at boot time (For example, this can be done by invoking your generation script at the end of /usr/local/bin/mkrsconf.pl). The second option is much more secure, but the resources needed for the encryption end up reducing your file throughput significantly.

Note: The rsync shipped with the stock firmware has a somewhat short maximum path length (seems to be around 160 characters), so you need to keep your directory tree shallow. Of course, you could always download the Rsync source and compile it with a larger maximum path length. (Using 1.03, I didn't seem to have this problem with long path names. -- SteveK)

Midnight Commander

For a description on how to install, see Midnight Commander.

Encryption, NTFS Support, and Windows Share Management

Aaron explains how he converted his TeraStation to an ETH-disk and gained Encryption, NTFS Support, and Windows Share Management by using an additional Windows system.

Samba

See Samba.

NFS

See NFS.

Lundman page

Alternative Media Server and FTPD. home page

llink 861k.

lundftpd 1.2m.

--Scott 19:09, 18 Aug 2005 (CEST)

Joe 3.2 a good fast editor

Download JOE-3.2 and untar into the root directory and run it with the command

  joe

Example:

  joe /etc/rc.d/init.d/ssh

The hotkey for help ist

  STRG+K+H

--Inputsammler 00:41, 26 December 2006 (CET)

There's another link for Joe 3.2 here which points to here.

Webmin installation on Terastation

I just managed to install Webmin on my Terastation. It was pretty simple, really. Just download the GZIP, unzip/untar into /root then run "./setup.sh /usr/local/webmin". I found it needed to go into /root to make some of the perl scripts to work. The only thing I had to change from the default was the location of PERL. It installs itself as another web server (<your terastation address>:10000). I'm still having a bit of trouble getting it to restart after a reboot, but once it is running you can look around in your system, adjust Samba settings, look at printers, log files, cron files, etc.

Minimalistic changes to firmware with SSH only (also includes step by step process)

Minimalistic ready-to use firmware update with step-by-step guide. All credits to the authors of this wiki.

[1] Blog post with image.

--kevin


Create your own Terastation cross toolchain

Note: If you want a nice structured build environment, try the ELDK instead.

  1. Get prepared with the appropriate files:
  2. Create a powerpc-603e.dat file in the crosstools directory:
    KERNELCONFIG=`pwd`/powerpc-603e.config
    TARGET=powerpc-603e-linux-gnu
    TARGET_CFLAGS="-O -mcpu=603e"
    GCC_EXTRA_CONFIG="--with-cpu=603e --enable-cxx-flags=-mcpu=603e"
  3. Create a build shell script in the crosstools directory:
    #!/bin/sh</code>
    set -ex</code>
    TARBALLS_DIR=/tmp/downloads
    RESULT_TOP=/opt/crosstool
    export TARBALLS_DIR RESULT_TOP
    #GCC_LANGUAGES="c,c++,java"
    GCC_LANGUAGES="c,c++"
    export GCC_LANGUAGES
    # Really, you should do the mkdir before running this,
    # and chown /opt/crosstool to yourself so you don't need to run as root.
    # mkdir -p $RESULT_TOP
    # Build the toolchain. Takes a couple hours and a couple gigabytes.
    eval `cat powerpc-603e.dat gcc-3.3.6-glibc-2.3.2.dat` sh all.sh --notest
    echo Done.
    A couple of things to note here. The Terastation stock gcc/glibc is 3.3.1/2.3.2. The gcc crossbuild #:of 3.3.1 requires a couple of extra patches to compile and 3.3.6 compiles cleanly. It's unlikely #:that something would specifically require 3.3.1 so I used 3.3.6.
    Also, note that the java language is not built. It does not compile without error in the crossbuild. #:It's probably trivial to get it to compile, I just quit trying because I don't currently have a use #:for it. If you get it to compile, please post the patch here.
  1. Start the Build
    First create the /opt/crosstools directory and make sure your compiling user (hopefully not root) has #:access to write files there, then:
    ./powerpc-603e.sh
    (Go have a beer, or six. This will take awhile. On my 1.4 GHz machine, it takes roughly 4 hours #:(hey, just be happy you're not building it on your wimpy TS). It will use about 2 GB of disk space #:as well.)

--Entropy 10:08, 30 November 2006 (CET)

Using a 3rd party Cross Toolchain

Recently, I've been using the Embedded Linux Development Kit toolchain from Denx Software Engineering. This is a FREE cross-platform toolchain with support for a number of target CPUs (including the PPC 603e in the Terastation). The complete system is managed by RPM, including the cross-build process. The base toolchain comes with quite a few "ready to install" RPMs for your target platform.

I'm using the 3.1.1-2005-06-07 version as it most closely matches the libraries already on the Terastation.

Package / Platform Terastation Pro ELDK 3.1.1-2005-06-07
gcc 3.3.1 3.3.3
glibc 2.3.2 2.3.1

--Entropy 10:50, 6 December 2006 (CET)

Building code on the Terastation using Gentoo

This is a quick and dirty way to get a working gcc build environment on the Terastation itself.

Due to the size of the Gentoo base layout, we don't want to do this on the root filesystem, or we'll fill it up. The easiest thing to do is create a new shared folder called (for example) gentoo under /mnt/array1.

Download the 2004.1 stage3 ppc tarball from one of the Gentoo Mirrors. You will need to look in the releases/historical/ppc/2004.1/stages/ppc/ directory for stage3-ppc-2004.1.tar.bz2. Put this in the gentoo folder.

cd /mnt/array1/gentoo
tar xpjvf stage3-ppc-2004.1.tar.bz2
mount -t proc proc ./proc

Copy some files over:

cp /etc/fstab etc
cp /etc/passwd etc
cp /etc/group etc
cp /etc/resolv.conf etc
cp /etc/hosts etc

Now chroot into the Gentoo environment:

bin/chroot . /bin/bash
source /etc/profile

At this point, you should have access to gcc, nano, ssh, and a host of other useful tools - certainly enough to download tarballs and build applications. I've succeeded in building unfs3, openssh, and a bunch of other apps this way. Note that anything you build must either be run from inside the chroot'd environment, OR you must resolve any additional library dependencies by copying new required libs into /lib on the real root filesystem.

I did try unsuccessfully to get the whole Gentoo portage system working - which would be pretty sweet, but I kept running into problems which I think are due to the 2004.1 release being so old. Unfortunately later versions of the stage3 tarball don't work because its libs are designed to work with a 2.6 kernel.

--Foobar 20:05, 20 February 2007 (CET)

Success reports

This is an old list of people reporting success with some of the above hacks. If you are successful (or not) with any of them, or want to add any other comments about them, please do not add to this list - instead, please add a comment under the relevant section. That way, people can see all the comments about ssh in one place, all the comments about NFS in another, and so on - makes for a much better structured wiki. Thanks!

  1. Bluefedora, 1.12, 2005-11-18
    • added dropbear as outlined below
  2. Jones, 1.12, 2005-10-11
    • Hacking with SSH and SAMBA 3.0.14a (Debian package).
    • Now I am shooting on the problem of led (STATUS/FULL) not working properly.
  3. yukiman, 1.12, 2005-12-03
    • Used Dave's firmware with 1.12 installed and update worked fine, logged in now via telnet.
    • Got dropbear working as well.
  4. mh123083, 1.12, 2006-01-13
    • Used Dave's firmware with dropbear and allnfs - works perfectly.
  5. alun, 1.12, 2006-01-19
    • Used Dave's firmware. Updated from (factory) 1.08. Have not installed anything else yet. Worried about possible nfs problems...
  6. SKarp 18:38, 2 Feb 2006 (CET)
    • Updated from stock 1.03 to Dave's firmware 1.12 and added allnfs. Working fine in early testing.
  7. Raphaël 22:55, 24 Mar 2006 (JST)
    • Updated from 2.03 to Dave's 2.03, works fine.
    • 2.05a didn't work and left my box flat, but an upgrade to 2.03 afterwards restored the situation.
  8. poxy bowsy 9 April 2006
    • Updated from 1.12 to Dave's 2.05a, but install failed, unit was EM'ed
    • reinitialized and tried to revert to 1.12a but unit was still EM'ed
    • reinitialized and tried to revert to stock 1.12 but unit was still EM'ed
    • reinitialized and installed 2.05a again and everything seems fine (whew)
  9. Ringgh0st, 1.12 2006-04-10
    • upgraded to Dave's hacked Firmware v1.12 on a v1.12 Terastation
    • added Midnight Commander (starts with a little codepage fault, but notthing really important)
    • didnt get the lundftpd working yet, the service doesnt start (no errorlog), if i try to start it manually with the -v string a "segmentation fault" pops up
  10. torbens
    • 27 April 2006: 1st station updated to Dave's v2.08a using Japanese firmware updater
    • 29 April 2006: 2nd station updated to Dave's v2.08a using Japanese firmware updater (had to use recovery with powerbutton on diag.)
    • 1 Juli 2006: 3rd station pro updates to Dave's v1.03 using Japanese firmware updater
  11. Risse-it 02.05.2006
    • Updated TS0.6GB from 1.12 to minimalistic (ssh only)
    • didn't reboot after installing MC and disc-tuning via hdparm (don't know which was the problem - i did both)
    • restored by mounting the first IDE-drive to my Gentoo-x86 (xfs_repair -L) and copied the imagefiles from minimalistic
    • hdparm now runs with -d1 -c1 -m16 -a64 -A1 -u1 -k1 -S241 (any suggestions?)
    • patched some .cgi and .pl-files for more statistics (anyone who's running rrdtool or any other statistics???)
    • USB-printer will only print from Windows (VMware) and not via smb from Gentoo or Ubuntu (Epson Stylus Color C82)
    • patched mail-notifier (to do smtp-auth)
  12. Entropy 2006-May-20
  13. --Luminaire 11:14, 31 May 2006 (CEST)
    • Used successfully on TS HD-H1.0TGL/R5 (1.12 firmware). Works a treat. Going to try NFS/NIS.

Used successfully on TS-1.0TGL/R5 Works but damn is this thing slow. Truly bound by pathetic CPU. Doesn't even begin to test the Gigabit network

  1. -- Kimbotha 14:57, 25 October 2006 (CEST)
    • 24 October 2006: Updated new 1TB Terastation from v1.12 to Dave's v2.10a - Failed first time, reapplied v2.10a and it nows works fine.
    • Installed dropbear following instructions successfully
    • Tried to install kernel mode nfs as per instructions but failed to load modules
    • installed user mode nfs as per Entropy's instructions successfully
    • currently looking to build a cross toolchain so I can build unfs3 as I need >2GB file support
  2. -- Kimbotha 16:37, 25 October 2006 (CEST)
    • While collecting the components to try and start build a cross compile toolchain I found an set of nfs kernel modules and the nfs kernel daemon here (http://downloads.linkstationwiki.net/terastation/kernel_modules/). These seem to load fine on my TS (with a change to the /etc/init.d/nfs-kernel-server to allow rpc.mountd to start). Will try and run some tests on >2GB files when I have some on there to work with.