I locked myself out of SSHd

Hi,

I was trying to harden the SSHd by using the pubkey authentification but something went wrong in my key setup. (Perhaps the permissions of the .ssh folder or the authenticated_keys file - StrictMode is enabled by default on MBL). That wouldn’t be a problem if I wouldn’t have set "PasswordAuthentication no"  at the same time without checking that my pubkey authentification actually works.

Question: How can I restore my OS to factory default?

First I tried a Quick Factory Reset then a Full Factory Reset in hope that it will also re-install the OS - but it did not.

Then I tried to install an outdated firmware over the WebUI but it didn’t let me and showed “Error Invalid Firmware”.

I thought that perhaps re-installing the current firmware - which is installed - could work but I wasn’t able to find that particular firmware version.

MyBookLive 02.32.06-006 : Core F/W

Wed 10 Oct 2012 04:06:13 PM PDT

Any ideas are welcome. :slight_smile:

updateFile.deb UPDATED TO WORK WITH CURRENT AND FUTURE FIRMWARE

Ok this was a tough one but I got it working over here perfectly after creating my own update deb file :slight_smile:

  1. Download the latest MBL firmware from http://download.wdc.com/nas/apnc-023205-046-20120910.deb

  2. Download 7zip from http://www.7-zip.org/download.html

  3. Install 7zip and open it and point it to the MyBookLive firmware “apnc-023205-046-20120910.deb” and double click and you will see “data.tar” where you will again double click and be presented with a “.”  Double click the “.” then double click “cache volume” then double click “upgrade” and then highlight “rootfs.img” and hit extract

  4. Copy “rootfs.img” to the root of your Public share on your MyBookLive

  5. Download my updateFile.deb from http://www.mediafire.com/?6yyo0vacy2ijquv

  6. Open the dashboard and go to Settings/ Updates /Update From File and point it to updateFile.deb that you downloaded in step 5 and click OK

  7. My updateFile.deb will simply copy my modified resetButtonAction.sh file to your MyBookLive

  8. Your drive will reboot… Allow it to totally reboot and press in the reset button on the back of the MyBookLive for 5-8 seconds (This will start the debricking script)

  9. The light will start flashing red…It is running a script which is doing a factory fresh OS install on your drive from the file you placed in your Public folder

  10. The drive will reboot when the script is done and you should now be on factory fresh 023205-046-20120910 firmware

  11. Report back :slight_smile:

2 Likes

Awesome, absolutely awesome! Thank you so much!

I am still a bit confused what kind of firmware was installed before, I haven’t found any information about it neither on the WD website nor with Google. How different is this firmware with the other one?

Version:MyBookLive 02.32.05-046 : Core F/W

Last Update:Mon 10 May 2010 11:35:06 AM PDT

It says last updated in 2010, another “Check for update” said that I am currently using the latest firmware.

I’m guessing not much different. WD never released MyBookLive 02.32.06-006 online but it appears they are putting it on new units at the factory. What you are running now is the latest version available online.

It took me awhile to figure out how to create a .deb that would work through the dashboard and then just copy a file to a specific location while keeping the files attributes but it was a fun learning experience :slight_smile:

Before you go messing around too much with the OS, take a look at my guide on firmware restoring/downgrading/upgrading using the reset button. It gives a bit of a safety net if you don’t mess up the OS too bad. It will allow you to debrick if you lose SSH and even Dashboard access just by using the reset button.

Please note, you will need to overwrite resetButtonAction.sh at /usr/local/sbin any time you restore or downgrade the firmware on the drive as it will overwrite the modified script file.

http://community.wdc.com/t5/My-Book-Live/GUIDE-Restore-Downgrade-firmware-via-the-reset-button/m-p/481588#M15044

1 Like

Hi there!

nfodiz, could you please upload updateFile.deb file to another place, because I can’t download it from

http://www.mediafire.com/?li1c3bukak3dq0q

Thanks beforehand!

PM me your email and I will send it to you. It’s only a 2KB file

1 Like

File sent :slight_smile: Let me know how you make out

1 Like

Thanks for the file! I have received it successfully. Could you please explain what does this script do exactly? Does it modify the reset button script? Is there any way to open this file with some text editor or some other program to see the source code before I try it? Sorry for my English.

Thanks again!

Yes it replaces the resetButtonAction.sh script with a script that reinstalls the OS from scratch. You can open the .deb file with 7-zip to take a peek at the script. Download 7-zip 9.10 or earlier if you want to take a look at the preinstall and postinstall scripts as well because they won’t show up in 7-zip 9.20. The scripts all open up best in notepad++ but will also open in notepad, but the formatting will be messed up as they use unix formatting.

control.tar.gz - control.tar - ./

Control

debian-binary

postinst

postinst~

preinst

preinst~

Control

Package: apnc
Version: 02.32.06-007
Section: base
Priority: Important
Architecture: powerpc
Maintainer: EDITED
Installed-size: 1999828
Description: Apollo xNC upgrade package
 This is the overall upgrade package for the Apollo xNC program.

 debian-binary

2.0

 preinst

#!/bin/sh
#
# preinst - upgrade pre-install script
#
#
PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin
. /usr/local/sbin/disk-param.sh
echo "upgrading 1" > /tmp/fw_update_status

 postinst

#!/bin/sh
#
# postinst - upgrade post install script
#
#
PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

#bring in the new
cp -prf /DataVolume/usr/local/sbin/resetButtonAction.sh /usr/local/sbin

sleep 5
echo "upgrading 100" > /tmp/fw_update_status

echo "Done..."

 data.tar.gz - data.tar - ./DataVolume/usr/local/sbin/resetButtonAction.sh

#!/bin/bash

PATH=/sbin:/bin:/usr/bin:/usr/sbin:/usr/local/bin:/usr/local/sbin

echo red > /sys/class/leds/a3g_led/color
echo yes > /sys/class/leds/a3g_led/blink

echo

#sets $image_img
image_img="/DataVolume/shares/Public/rootfs.img"
echo

# Sort out what MD device is what
currentRootDevice=`cat /proc/cmdline | awk '/root/ { print $1 }' | cut -d= -f2`
if ["${currentRootDevice}" = "/dev/md0"]; then
    upgradeRootDevice="/dev/md1"
elif ["${currentRootDevice}" = "/dev/md1"]; then
    upgradeRootDevice="/dev/md0"
else
    echo "Unknown rootfs boot device: '${currentRootDevice}', exiting."
    exit 1
fi

echo "currentRootDevice = ${currentRootDevice}"
echo "upgradeRootDevice = ${upgradeRootDevice}"
echo

# If the upgrade MD device is used, shut it down
if [-e $upgradeRootDevice]; then
    echo "stopping upgrade md device ${upgradeRootDevice}"
    echo
    mdadm --stop $upgradeRootDevice
    mdadm --wait $upgradeRootDevice
    sleep 1
fi

echo "Ensure both partitions are members of the original MD device"
# "--remove" only remove failed disks and "--add" them causes resyncing
mdadm ${currentRootDevice} --remove /dev/sda1 #> /dev/null 2>&1
mdadm ${currentRootDevice} --add /dev/sda1 #> /dev/null 2>&1
mdadm --wait ${currentRootDevice}
mdadm ${currentRootDevice} --remove /dev/sda2 #> /dev/null 2>&1
mdadm ${currentRootDevice} --add /dev/sda2 #> /dev/null 2>&1
mdadm --wait ${currentRootDevice}
sleep 1

echo
echo "Setting up the upgraded raid unit"
sync
mdadm --wait ${currentRootDevice}
mdadm ${currentRootDevice} -f /dev/sda1 -r /dev/sda1 2> /dev/null > /dev/null
mdadm --wait ${currentRootDevice}
sleep 1
mdadm --zero-superblock --force --verbose /dev/sda1
mdadm --create ${upgradeRootDevice} --verbose --metadata=0.9 --raid-devices=2 --level=raid1 --run /dev/sda1 missing
mdadm --wait ${upgradeRootDevice}
sleep 1
sync
mkfs.ext3 -c -b 4096 ${upgradeRootDevice}
sync
echo

# installing new image on update device
# img file was searched for by ./findImage.sh
echo "Copy image to upgrade device ${upgradeRootDevice}"
dd if=${image_img} of=${upgradeRootDevice}
echo

# new OS was accepted
mkdir -p /mnt/rootfs
mount ${upgradeRootDevice} /mnt/rootfs

#needed
touch /mnt/rootfs/etc/.updateInProgress
chmod 777 /mnt/rootfs/etc/.updateInProgress

#enable ssh
echo "enabled" > /mnt/rootfs/etc/nas/service_startup/ssh

# copy uboot script too boot directory
if [${upgradeRootDevice} == "/dev/md0"]; then
    cp /mnt/rootfs/usr/local/share/bootmd0.scr /mnt/rootfs/boot/boot.scr
else
    cp /mnt/rootfs/usr/local/share/bootmd1.scr /mnt/rootfs/boot/boot.scr
fi

# some safety since it is a critical step here
sync
sleep 2
umount /mnt/rootfs
sleep 2
sync
echo

# ensures reboot
echo no > /sys/class/leds/a3g_led/blink
echo yellow > /sys/class/leds/a3g_led/color
echo "all done, now rebooting"
shutdown -r 0

Please note the script will not touch your data partition, but you will have to do the following to re-link your shares

The Public share link does not get touched so will remain valid

If your shares are still listed in the MyBookLive dashboard but are not accessible, rename the shares and then rename them back to get them linked properly again.
EX. Movies > Movies1 > Movies
If your shares are missing in the MyBookLive dashboard, recreate them in the dashboard and you will be able to access your data again

A reboot is required to get the share and drive usage totals to reflect the actual data usage after these changes

Thanks for the scripts, nfodiz! I basically have two more questions.

  1. From now on any time when I push the reset button a script will run and reinstall MBL OS again?
    So the original function of the reset button (resetting user’s password to factory deafult and enabling of DHCP) will be lost?

  2. I have some 3rd party software on MBL (Transmission bittorent client and Servio media server and etc). Will they be affected after this update?

Thanks beforehand!

  1. No the reset button script will go back to the original script after you run it as it installs a stock OS
  2. Yes your mods will be deleted as you will be back to factory fresh stock firmware

Once you fix your drive and get everything installed back the way you like it, check out this guide, which shows you how to backup your custom OS to a rootfs.img file that can be restored at anytime by using the modified resetButtonAction.sh script.

http://community.wdc.com/t5/My-Book-Live/GUIDE-Build-a-Custom-Firmware/m-p/533729/highlight/true#M18066

I’m so into these mods that I forgot to tell you that you could also just simply download the same firmware that is currently on your MyBookLive and do an upgrade from file from the dashboard and it should install a fresh copy of the firmware on your drive. All mods will still be removed but it should fix your SSH issue

Thanks very much! You are the man! Will definetely try that other guide later too. :wink: