Difference between revisions of "Open Stock Firmware LS-VL"

From NAS-Central Buffalo - The Linkstation Wiki
Jump to: navigation, search
(Created page with "=Important= The tool ''acp_commander'' is used. You can find the readme here: http://downloads.buffalo.nas-central.org/TOOLS/ALL_LS_KB_ARM9/ACP_COMMANDER/README . The tool itsel…")
 
(The guide)
Line 27: Line 27:
 
Put your public key in a file named ''authorized_keys'' and put the file onto the share "share" (do not use a subdirectory).
 
Put your public key in a file named ''authorized_keys'' and put the file onto the share "share" (do not use a subdirectory).
  
First we will create the directory for the ssh keys which the box should accept for login as root.
+
First we will create the directory for the ssh keys which the box should accept for logins as root.
 
   java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "mkdir /root/.ssh"
 
   java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "mkdir /root/.ssh"
  

Revision as of 22:11, 4 February 2011

Contents

Important

The tool acp_commander is used. You can find the readme here: http://downloads.buffalo.nas-central.org/TOOLS/ALL_LS_KB_ARM9/ACP_COMMANDER/README .

The tool itself is here: http://downloads.nas-central.org/TOOLS/ALL_LS_KB_ARM9/ACP_COMMANDER/acp_commander.jar .

Do not use the "-o" option of the acp_commander. It will not work. Do not use "-addons" either, because it will copy incompatible software onto the box.

Is this guide working for the LS-VL only?

No, this should work for all current LS with current firmware (>= 1.36 and maybe even the ones before).
But you can also use the guide from the LS-XHL, but the one from the LS-XHL is more complicated.

What will be done?

We will use the "-c" feature of acp_commander. This will execute the command as user root (without a profile loaded).

We will also use the share "share" to copy some files for gaining access.

We will not use telnet but ssh for "opening".

What is necessary?

You need a private/public key pair for ssh.
You can create such a pair using Putty on Windows. The private key will be used by Putty and the public key will be transfered to the LS and used by sshd.
On Linux you can create the keypair with ssh_keygen.

The guide

Please replace the IP address within the commandlines below against the one from your LS.

Put your public key in a file named authorized_keys and put the file onto the share "share" (do not use a subdirectory).

First we will create the directory for the ssh keys which the box should accept for logins as root.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "mkdir /root/.ssh"
  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "chmod 600 /root/.ssh"

Then we copy the file containing the keys into the created directory.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "cp /mnt/disk1/share/authorized_keys /root/.ssh/"
  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "chmod 600 /root/.ssh/authorized_keys"

Then we rename sshd_config for backup purposes.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "mv /etc/sshd_config /etc/sshd_config.ori"

Next we remove all references to PermitRootLogin and create a new sshd_config.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "grep -v PermitRootLogin /etc/sshd_config.ori > /etc/sshd_config"

Finally we add the PermitRootLogin Yes into the new sshd_config file.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "echo PermitRootLogin Yes >> /etc/sshd_config"
  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "chmod 600 /etc/sshd_config"

Last we restart the sshd.

  java -jar acp_commander.jar -t 192.168.172.1 -ip 192.168.172.1 -pw password -c "/etc/init.d/sshd.sh restart"

The result

Now you can connect as root via "ssh root@192.168.172.1".
You can do whatever you want with your LS, because it is open!