NETGEAR is aware of a growing number of phone and online scams. To learn how to stay safe click here.
Forum Discussion
ReadyNAS NV+ "half-bricked" by apt-get update+install
in short: anonymous shares are acessible from Windows, but no webbased admin of readyNAS or SSH access. Both port 80 and port 22 is dead.
I own two readyNAS NV+
I have installed the ssh and apt-addons.
I installed a few standard packages like dselect.
(I have used Debian on most of my linux boxes since 1999.)
On one of the readyNAS I did an apt-get update and then "install updates" through dselect. (dselect=an old debian menu shell around apt). I was planning to connect that box to a internet-facing connection and wanted everything to be up-to-date security-wise.
I got questions about updating the security to debian policy. I said hastily OK, since it was one of many many updates that seemed to be needed. You can see my sources for updates at the end.
After that and a reboot, no webbbased interfaces was alive. ssh was also offline. Seems like the update changed access rights and possibly also changed password storage from /etc/passwords (encrypted but anyone can read) to /etc/shadow (encrypted, only root priv can read, the norm on Debian systems)
Note to ReadyNAS developers at Infrant/Netgear/elsewhere:
ReadyNAS might need some blocking packages or pinning short-term to avoid "half-bricking" the system. And in the long run, wouldn't it be nice if the Raidiator et al played nicely with debian standard security setup?
Half-bricked?
I have done a firmware reinstall, didn't help. I now have to go to factory default or USB-based firmware recovery. Thus killing a painstakingly organised 4TB x-raided archive, consolidated over a few weeks from a number of less organized 500GB USB-disks. I fiddled with this box because I needed to set up OpenVPN tunnels to securely access my archive, and in time mirror them between several readyNAS in different locations.
The only thing I can do with this box is to access the shares that has anonymous access rights. Any share with restricted rights does not work, since the passwords seems shot, possible linked to the debian updated password system.
/Erik Lundh
My /etc/apt/sources.list for readyNAS NV+
deb http://www.readynas.com/packages readynas/
deb http://http.us.debian.org/debian sarge main contrib non-free
deb http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
deb http://security.debian.org sarge/updates main contrib non-free
deb-src http://http.us.debian.org/debian sarge main contrib non-free
deb-src http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
I own two readyNAS NV+
I have installed the ssh and apt-addons.
I installed a few standard packages like dselect.
(I have used Debian on most of my linux boxes since 1999.)
On one of the readyNAS I did an apt-get update and then "install updates" through dselect. (dselect=an old debian menu shell around apt). I was planning to connect that box to a internet-facing connection and wanted everything to be up-to-date security-wise.
I got questions about updating the security to debian policy. I said hastily OK, since it was one of many many updates that seemed to be needed. You can see my sources for updates at the end.
After that and a reboot, no webbbased interfaces was alive. ssh was also offline. Seems like the update changed access rights and possibly also changed password storage from /etc/passwords (encrypted but anyone can read) to /etc/shadow (encrypted, only root priv can read, the norm on Debian systems)
Note to ReadyNAS developers at Infrant/Netgear/elsewhere:
ReadyNAS might need some blocking packages or pinning short-term to avoid "half-bricking" the system. And in the long run, wouldn't it be nice if the Raidiator et al played nicely with debian standard security setup?
Half-bricked?
I have done a firmware reinstall, didn't help. I now have to go to factory default or USB-based firmware recovery. Thus killing a painstakingly organised 4TB x-raided archive, consolidated over a few weeks from a number of less organized 500GB USB-disks. I fiddled with this box because I needed to set up OpenVPN tunnels to securely access my archive, and in time mirror them between several readyNAS in different locations.
The only thing I can do with this box is to access the shares that has anonymous access rights. Any share with restricted rights does not work, since the passwords seems shot, possible linked to the debian updated password system.
/Erik Lundh
My /etc/apt/sources.list for readyNAS NV+
deb http://www.readynas.com/packages readynas/
deb http://http.us.debian.org/debian sarge main contrib non-free
deb http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
deb http://security.debian.org sarge/updates main contrib non-free
deb-src http://http.us.debian.org/debian sarge main contrib non-free
deb-src http://non-us.debian.org/debian-non-US sarge/non-US main contrib non-free
15 Replies
Replies have been turned off for this discussion
- I managed to do the same thing. However when the users/groups were being deleted the update stated that the files were renamed to /etc/passwd.org and etc/group.org. I booted to the telnet option (hold the power button for 15 seconds when you power the nas on, and then connect using the tech support mode credentials.
you can the mount the first drive
I used this
mount /dev/hdc1 /loopfs
changed to the loopfs/etc directory
mv group group.new
mv group.org group
mv passwd passwd.new
mv passwd.org passwd.
I then rebooted and was able to access frontview fine and it appears to be running faster. - Be careful with that. Without X-RAID started, disk 1 partition 1 may be out of sync with the other disks. If disk 1 fails and it has to be recovered from the other disks, your changes may be lost. X-RAID on the Sparc systems is run at a low level, the kernel is not fully aware of it.
I don't have the X-RAID commands, but with enough searching, they can be found in the init scripts. - I think you could also remove/reinsert disk 4 (the NV+ parity disk), which should rebuild the parity. Of course the backup should be updated first.
- Regarding brogahn's post above (which works), instead of rebooting into telnet mode, simply copy over passwd and group files after completing the apt-get dist-upgrade and before rebooting.
- Thank you for this! I thought I'd really done it this time. Idk if it will help anyone but I used this guide to get Telnet installed on Win 7.
http://www.wikihow.com/Activate-Telnet-in-Windows-7
Also, after running the commands and logging into Frontview the password had reverted to default. In my case, for the NV+, that was `netgear1` with username of `admin`.
NETGEAR Academy
Boost your skills with the Netgear Academy - Get trained, certified and stay ahead with the latest Netgear technology!
Join Us!
