Buffalo NAS-Central Forums

Welcome to the Linkstation Wiki community
It is currently Thu Aug 16, 2018 12:45 pm

All times are UTC+01:00




Post new topic  Reply to topic  [ 6 posts ] 
Author Message
PostPosted: Sat Aug 25, 2012 3:55 pm 
Offline
Newbie

Joined: Sat Aug 25, 2012 3:33 pm
Posts: 9
I have LS-CHL F/W 1.12 and have some issues with it. They are mainly related to Media Server (Twonky). I would like to install MiniDLNA to replace the old version of Twonky. However, there seems to be an issue with the latest firmware. ACP commander tool doesn't seem to work anymore.

I have tried to check, if telnet command is available by running ACP commander in interactive mode (java -jar acp_commander.jar -t 192.168.1.10 -s), but no matter what standard commands I'm inputting, I only get couple of empty lines back. So I cannot, for instance, list directories or do anything.

D:\x\acp_commander>java -jar acp_commander.jar -t 192.168.1.10 -s
ACP_commander out of the nas-central.org (linkstationwiki.net) project.
Used to send ACP-commands to Buffalo linkstation(R) LS-PRO.

WARNING: This is experimental software that might brick your linkstation!


Using random connID value = 35886322A416
Using target: STORAGE/192.168.1.10
Starting authentication procedure...
Sending Discover packet...
Found: STORAGE(/192.168.1.10) LS-CHL(HANZEI) (ID=00016) mac:
xx:xx:xx:xx:xx Firmware= 1.120 Key=56DEE318
Trying to authenticate EnOneCmd... ACP_STATE_OK
Enter telnet commands to LS, enter 'exit' to leave
/root>ls /bin



>

Can someone tell me is it still possible to enable telnet acceess with the latest (and probably the last) firmware from Buffalo or am I just wasting my time? Does anyone have experiences of running MiniDLNA in LC-CHL-v1? Does it work ok?


Last edited by Randomizer123 on Sun Aug 26, 2012 9:22 am, edited 1 time in total.

Top
   
PostPosted: Sun Aug 26, 2012 8:45 am 
Offline
Moderator

Joined: Fri Jun 29, 2007 10:39 am
Posts: 2604
Try "-c" and one liner instead of "-s".
So e.g. "-c ls /usr".

_________________
Please do not use private mail (PN/M) to ask questions. Use the proper forum instead. (me)

If there is no verified backup of a dataset, the dataset, by definition, is unimportant. (c't 2012)

RAID (no matter which level) never ever substitutes a backup. (me)


Top
   
PostPosted: Sun Aug 26, 2012 10:01 am 
Offline
Newbie

Joined: Sat Aug 25, 2012 3:33 pm
Posts: 9
kenatonline wrote:
Try "-c" and one liner instead of "-s".
So e.g. "-c ls /usr".


Thanks for your tip :-) I also tried that yesterday, but it was no luck for me. Fortunately, when I added option -ip "ip address", acp_commander started to work. Also interactive mode is working, so I'm in now. Managed to change the root password as well. At first I was bit confused and thought that many config files are invalid and lack a lot of needed stuff, but it was just that acp_commander only seems to be able show certain amount of characters so for instance cat command shows only the beginning of the file.

Now I'm trying to get sshd alive and kicking. Telnetd doesn't seem to be included in this firmware, so it's no go for plain telnet. Sshd executable can be found from directory /usr/local/sbin/sshd. Hopefully, this firmware has all the needed stuff enabling it. Sshd config file (/etc/sshd_config) and sh file (/etc/init.d/sshd.sh) probably need to be edited. "nas_feature" file didn't have SUPPORT_SFTP=1 line at all. I added it. My current sshd_config file looks like the one below after some editing. Tried to start sshd already, but it doesn't seem to start yet according to ps command's output.


Code:
#   $OpenBSD: sshd_config,v 1.65 2003/08/28 12:54:34 markus Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin:/usr/local/bin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options change a
# default value.

Port 22
Protocol 2,1
#ListenAddress 0.0.0.0
#ListenAddress ::

# HostKey for protocol version 1
#HostKey /etc/ssh_host_key
# HostKeys for protocol version 2
#HostKey /etc/ssh_host_rsa_key
#HostKey /etc/ssh_host_dsa_key
HostKey /etc/apache/server.key

# Lifetime and size of ephemeral version 1 server key
#KeyRegenerationInterval 1h
#ServerKeyBits 768

# Logging
#obsoletes QuietMode and FascistLogging
#SyslogFacility AUTH
#LogLevel INFO

# Authentication:

#LoginGraceTime 2m
PermitRootLogin yes
StrictModes yes

#RSAAuthentication yes
#PubkeyAuthentication yes
#AuthorizedKeysFile   .ssh/authorized_keys

# For this to work you will also need host keys in /etc/ssh_known_hosts
#RhostsRSAAuthentication no
# similar for protocol version 2
#HostbasedAuthentication no
# Change to yes if you don't trust ~/.ssh/known_hosts for
# RhostsRSAAuthentication and HostbasedAuthentication
#IgnoreUserKnownHosts no
# Don't read the user's ~/.rhosts and ~/.shosts files
#IgnoreRhosts yes

# To disable tunneled clear text passwords, change to no here!
#PasswordAuthentication yes
#PermitEmptyPasswords no

# Change to no to disable s/key passwords
#ChallengeResponseAuthentication yes

# Kerberos options
#KerberosAuthentication no
#KerberosOrLocalPasswd yes
#KerberosTicketCleanup yes

# GSSAPI options
#GSSAPIAuthentication no
#GSSAPICleanupCreds yes

# Set this to 'yes' to enable PAM authentication (via challenge-response)
# and session processing. Depending on your PAM configuration, this may
# bypass the setting of 'PasswordAuthentication'
UsePAM yes

#AllowTcpForwarding yes
#GatewayPorts no
#X11Forwarding no
#X11DisplayOffset 10
#X11UseLocalhost yes
#PrintMotd yes
#PrintLastLog yes
#KeepAlive yes
#UseLogin no
#UsePrivilegeSeparation yes
PermitUserEnvironment yes
#Compression yes
#ClientAliveInterval 0
#ClientAliveCountMax 3
#UseDNS yes
#PidFile /var/run/sshd.pid
#MaxStartups 10

# no default banner path
#Banner /some/path

# override default of no subsystems
Subsystem   sftp   /usr/local/libexec/sftp-server


Last edited by Randomizer123 on Sun Aug 26, 2012 10:28 am, edited 1 time in total.

Top
   
PostPosted: Sun Aug 26, 2012 10:19 am 
Offline
Newbie

Joined: Sat Aug 25, 2012 3:33 pm
Posts: 9
This is the ouput that I'm getting when trying this "/etc/init.d/sshd.sh start".

Code:
LoadConfFileStringEx:key=[local_auth] not found in /etc/melco/info.
load_info ItemValue = off
LoadConfFileStringEx:key=[ad_dns] not found in /etc/melco/info.
LoadConfFileOnOffEx:key=[info_visible] not found in /etc/melco/info.
LoadConfFileStringEx:key=[array1] not found in /etc/melco/diskinfo.
LoadConfFileStringEx:key=[array2] not found in /etc/melco/diskinfo.
LoadConfFileStringEx:key=[disk1] not found in /etc/melco/diskinfo.
LoadConfFileStringEx:key=[usb_disk2] not found in /etc/melco/diskinfo.
file:/etc/sftponly_config
userinfo finished
groupname admin
groupname guest
groupname hdusers
file:/etc/pam.d/sshd


"sshd.sh" file seems little bit different what I have seen in some other threads and examples in this forum...

Code:
#!/bin/sh

SSHD_DSA=/etc/ssh_host_dsa_key
SSHD_RSA=/etc/ssh_host_rsa_key
SSHD_KEY=/etc/ssh_host_key

SSHD=`which sshd`
if [ "${SSHD}" = "" -o ! -x ${SSHD} ] ; then
   echo "sshd is not supported on this platform!!!"
fi

[ -f /etc/nas_feature ] && . /etc/nas_feature

if [ "${SUPPORT_SFTP}" = "0" ] ; then
        echo "Not support sftp on this model." > /dev/console
        exit 0
fi

umask 000

sshd_keygen()
{
   if [ ! -f ${SSHD_KEY} ] ; then
      echo "1st time bootup?"
      echo "key file(${SSHD_KEY}) is not exist!!!"
      echo "Create key file, please wait for a while"
      echo y|ssh-keygen -t dsa -f ${SSHD_KEY} -N ""
      if [ $? -ne 0 ] ; then
         echo "file(${SSHD_KEY}) is created successfully."
      else
         echo "file(${SSHD_KEY}) is created failed!"
      fi
   fi
   if [ ! -f ${SSHD_DSA} ] ; then
      echo "1st time bootup?"
      echo "key file(${SSHD_DSA}) is not exist!!!"
      echo "Create key file, please wait for a while"
      echo y|ssh-keygen -t dsa -f ${SSHD_DSA} -N ""
      if [ $? -ne 0 ] ; then
         echo "file(${SSHD_DSA}) is created successfully."
      else
         echo "file(${SSHD_DSA}) is created failed!"
      fi
   fi
   if [ ! -f ${SSHD_RSA} ] ; then
      echo "1st time bootup?"
      echo "key file(${SSHD_RSA}) is not exist!!!"
      echo "Create key file, please wait for a while"
      echo y|ssh-keygen -t rsa -f ${SSHD_RSA} -N ""
      if [ $? -ne 0 ] ; then
         echo "file(${SSHD_RSA}) is created successfully."
      else
         echo "file(${SSHD_RSA}) is created failed!"
      fi

   fi
}

sshd_start()
{
   sshd_keygen
   nas_configgen -c sftp
   LD_PRELOAD=/usr/local/lib/libondemandsync.so ${SSHD}
}

sshd_stop()
{
   killall sshd
}


case $1 in
start)
   sshd_start
   ;;
stop)
   sshd_stop
   ;;
restart)
   sshd_stop
   sleep 1
   sshd_start
   ;;
*)
   echo "Unknown argument"
   ;;
esac

exit 0


Top
   
PostPosted: Sun Aug 26, 2012 1:57 pm 
Offline
Moderator

Joined: Fri Jun 29, 2007 10:39 am
Posts: 2604
Remove the if-clause with SUPPORT_SFTP completely from sshd.sh
(read: from "if" until "fi").
If you don't care about security (because you do not connect from INet),
set "UsePAM" to "no" in sshd_config.
If you want to connect from INet, use public key authentication and NOT
password authentication.
You have to set "PasswordAuthentication" to "no" and "PubkeyAuthentication"
to "yes". In addition to this, you have to insert your public key into the
authorized_keys file in ".ssh" directory within your (Read: root) home dir.
There are several guides for the kirkwood based boxes describing this
task (and also a bunch of them describing the unsecure user/password
way) in our wiki.

_________________
Please do not use private mail (PN/M) to ask questions. Use the proper forum instead. (me)

If there is no verified backup of a dataset, the dataset, by definition, is unimportant. (c't 2012)

RAID (no matter which level) never ever substitutes a backup. (me)


Top
   
PostPosted: Sun Aug 26, 2012 6:12 pm 
Offline
Newbie

Joined: Sat Aug 25, 2012 3:33 pm
Posts: 9
kenatonline wrote:
Remove the if-clause with SUPPORT_SFTP completely from sshd.sh
(read: from "if" until "fi").
If you don't care about security (because you do not connect from INet),
set "UsePAM" to "no" in sshd_config.
If you want to connect from INet, use public key authentication and NOT
password authentication.
You have to set "PasswordAuthentication" to "no" and "PubkeyAuthentication"
to "yes". In addition to this, you have to insert your public key into the
authorized_keys file in ".ssh" directory within your (Read: root) home dir.
There are several guides for the kirkwood based boxes describing this
task (and also a bunch of them describing the unsecure user/password
way) in our wiki.


Ok, now it's alive! I couldn't get sshd to run no matter what I did. I replaced the original sshd.sh with my own custom version, but just that didn't help. It was bit problematic that sshd didn't log anything. Once I understood that it must be writing errors to standard error out, problem started to sort out. I redirected stderr to stdout and could see what was the real problem. There was an uncommented line "HostKey /etc/apache/server.key" in the config. That key isn't available. I commented that line out, and voila, ssh was started and I finally managed to login succesfully.

I'll have to configure key authentication later. My NAS isn't visible to internet, so currently it's not an issue, but has to be done anyway later on. Maybe it's now time to try installing MiniDlna to replace the buggy Twonky.


Top
   
Display posts from previous:  Sort by  
Post new topic  Reply to topic  [ 6 posts ] 

All times are UTC+01:00


Who is online

Users browsing this forum: No registered users and 1 guest


You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot post attachments in this forum

Search for:
Powered by phpBB® Forum Software © phpBB Limited