Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
Thank you so much @StephenB and all of the others that contributed to this thread. You helped me recover what an apparently bricked NV+ v3 unit. Yes I know the unit is old, but so am I.
The physical label on the machine indicates v3. As I understand, the v3 units were just like the v2, but were a minor software variation at the time of manufacture. A "distinction without a difference" so to speak. Is that correct?
At the time it went south on me, it was at level 4.1.14. With your procedures, I was able to recover to somewhat "normal" web access to it. THEN, I was able to upgrade it to 4.1.16 which corrected that SAMBA issue. Now we are making progress.
The physical label on the machine indicates v3. As I understand, the v3 units were just like the v2, but were a minor software variation at the time of manufacture. A "distinction without a difference" so to speak. Is that correct?
Now here comes the rub. I am trying to upgrade it to version 5.3.13 to get TSL 1.2,
You actually have the original NV+ (called a v1 here). The labeling is confusing, thanks to a poor branding decision on Netgear's part. The v3 in your case was a minor hardware change, not a platform change. In other words, the original NV+ shipped with both v2 and v3 labels, but they are very different from the NV+ v2 platform.
Since you have a sparc-based NAS, you can't install 5.3.x firmware (which is for the "real" v2 which has an arm CPU). And there is no TLS 1.2 add-on available for 4.1.x firmware.
Your only options are to
Make the change to virtual.conf so you can access Frontview with normal (unencrypted) http
Use FireFox with the security setting change - setting security.tls.version.min to 1. (Browse to about:config and search for the setting).
I have heard you explain this before, but it finally landed. Yes, the branding / model / versioning really took me off the rails. Lesson learned for anyone in marketing.
I have a ReadyNAS314 and Ready316 that are still working for me so I think it is time to say goodbye to the NV+V1(NOT V3). I can not expose this old unit. Too risky.
A very gracious thank you again Stephen for all of your many contributions. You rock.
PS. I do need another NAS unit. Any pointers to a good discussion forum for new brands / models to buy? Netgear? Synology? Buffalo? Qnap?
Any pointers to a good discussion forum for new brands / models to buy? Netgear? Synology? Buffalo? Qnap?
If I were looking now, I'd start with
Asustor
QNAP
Synology
(alphabetical, no priority). This is just a starting point, as I don't own any of these.
Since I have an always-on PC acting as an application server, I'd also be looking at USB-C (or PCiE interface) expansion chassis to connect directly to that PC. Then I could create shares on the PC. Not sure I really need RAID, given the size of current disks and my backups.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
If you can't use that NVS unit any more--I still can since I block my NAS units from anything but LAN access and don't worry about the browser messages. It would be great with the other NVS unit I rescued. 🙂
As far as other nas units, it depends on what you want to do. If you want reliable plain jane NAS, as you know the Readynas line does a fine job. If you want reliable NAS, but with the ability to do other things, both synology and qnap have made a solid name for themselves with their solid products and you can't go wrong with either of them. Just stay on top of security with them because with their popularity they are the number one ransomware targets and almost any bug gets exploited very quickly. (Another reason I don't let any of my NAS units touch the Internet and vice versa.)
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
This is a great workaround. Thank you.
I did not think i would be using the Readynas Duo in 2024 but I have 2, both have sat doing nothing for 10 years and I was about to bin them and in resetting them I fired them up again. Thank you so much.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
You're welcome! Definitely do not bin them if they're still working! My NVX is still running strong and probably will for a long time. In another 10 years these units will be in demand as they will be the only type of units that will work with computers from the same era as modern units won't work. And I'm lucky enough that old computers work fine for what I need daily, so if you ever find yourself not needing them anymore, please reach out to me and I can give them a new home.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
Same, my first Infrant RN600, NV+, Pro6 and 628x are ALL still going strong! I've even dockerized all my debian packages to install in /apps, show up in frontview apps with a toggle for OS6 and am able to update to "latest" docker images on most packages, except the few that require a newer docker (like Portainer) version than Debian Jessie provides. It should still last awhile I would think.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
Can I thank you and Samir for your very kind and motivating replies.
To Samir - I may have a bit of redundant tech. I run a factory and the 2013 server went down about 2 weeks ago. There is a motherboard, CPU and RAM going there. I am upgrading a few computers over the next few months. I just need a way to get them to you! I am in Derby, UK.
I really bemoan tech going out of circulation. My computers are all over 10 years old and generally going strong. I do belevie in updating drives every now and then, though. I was actually complaining to Netgear last night about end of lifeing products. In my workshop I have a lathe from the 1950's and a bench grinder that was my fathers, from 1960, which I refurbished in 1984 and again in 2023. It will see me out.
I converted all computers at work and home to Linux in around 2010 and only moved back to Windows when my accounting software required Windows. I should not have moved, really, as running Windows as a virtual machine worked just as well.
I pretty well build all my own computers now. Sorry, Givemynameback - I have not adventured into Docker but my next project wil likely be into Kubernetes - athough I am working on ESP-32's. Unless you have a link to where you have explained how you have installed the Docker images .... I have just had a busy few years where tech has struggled getting to the forefront of everything else. I have just moved house and put an area for computer and general tech in my office here.
I have set up one ReadyNasDuo to stream music for me. It is working like a dream. With your encouragement I will keep it going and probably keep the second as a spare. It was a near miss from putting them in the bin. I wanted to wipe the drives and ended up updating them, with your guidance.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
You're welcome!
Oh wow! That's really cool. UK is over the pond from the US, so what would recommend is giving the units away there in the UK if you could. A good place to start is reddit hardwareswap for the computers and reddit homelabsales for the servers. And if no one wants them, I'm sure I can figure out the logistics to get them to me. 🙂
The fire of 'planned obsolesense' is being fanned and ignited by the cyberthreats that are constantly requiring updates. Today's hardware becomes 'obsolete' not because they are defective in any way, but because the software is. And most everyone misses the point that the second you disconnect the hardware from the Internet, it is generally safe to use (however not in environments where lateral movements by a threat can get to the machine). It is quite sad that things are no longer 'built to last' and are instead are being built 'just good enough' to be trashed. The global problem of ewaste is a serious one and one that consumers are blind to as they chase their new shiny device that will be trash inside of 3 years.
Virtual machines are a really good solution for legacy software and hardware requirements. And sometimes you just need the original machine, and that's fine too. What I've always considered to a be a disconnect is how the 'ewaste' from the developed world could easily be the building blocks for the developing world, but the developing world also only wants the 'new shiny' so they won't take 'hand me downs'. Pride isn't a technology problem.
For things like Docker and Kubernetes, I have heard Proxmox is a great place to start, especially since it can scale easily into HA and clusters. It's what I plan to play with when I can and move our legacy applications to vs bare metal hardware like we have now.
Back in the day we had something call a Radio that streamed music according to someone else's program--to be able to have music that you want on demand is still a great use for it, and it will last a long time in that capacity. Kinda like using an ipad 1 as an alarm clock--it's the greatest alarm clock you can get even though it's 'obsolete' as a tablet. Re-purposing should be the first thing that comes to mind for older electronics--how many cell phones get thrown away when they are terrific calculators and alarm clocks...
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
Thank you SamirD.
You are very kind with your detailed reply. It's a shame you are so far away.
I tend to run tech until i have burnt through at least one power supply and a failed hard disc! Just, at work, it can be a bit painful. When my server went down with my Active Director Domain Controller and the backup did not kick in, it was a it desperate. So, at work, I do have to replace for productivity. Although the factory is still on 2008 hardware. It leads me back to reliance on Windows and not Linux. They get so slow.
I was asking myself if running a cloud would let me run tech until it broke. Then I could just add another node using old tech.
I will give Proxmox a look at. Thank you for the tip and your support.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
You're welcome. It is a shame, but I know there's always people that think as we do about tech and you're bound to find someone locally. If not, international freight rates aren't too bad.
I pretty much do the same thing, and then I will get back to the broken machine years later and fix it and put it back in service. Kind of a continuous task, but that's anything IT ime.
Ouch that sounded like a bit of a nightmare at a factory! There are certain servers for us that are mission critical like, but we made them modular--the server and the storage are easily separated and distributed to other systems on the network. And there's physical redundancy on the storage so we can even remove part of the storage and connect it to another system and be back up and running 100% in short order.
What's interesting about virtualizing hardware and high availability/clustering setups is that you can take bare metal hardware into the virtual world and then make the old hardware as part of the whole cluster. And then when the hardware finally fails, you can simply not use it in the cluster or repair it and put it back in place--while all the while the virtual machines just keep working. This is what I want to do with all of our stuff eventually. We even have all the hardware to do it--it's just time to configure and test out everything before fully switching over. And this applies to linux too so you can use that side by side with windows on the same hardware.
Proxmox seems to be the most popular free hypervisor environment out there right now. I haven't played with it much myself, but have read the docs cover to cover in preparation for our inevitable switch to virtualization. I would really be interested in what you think of it once you've played with it.
Re: Workaround for ERR_SSL_VERSION_OR_CIPHER_MISMATCH problem for Sparc NAS (4.1.x firmware)
The ReadyNAS hardware is really quite robust, IMHO. Many have and use units from before Infrant was bought by Netgear. But technology is a fickle thing. It seems that "everyone" wants the latest, greatest thing, and that requires more and more capable hardware, making the old hardware obsolete. I personally think there are a lot of folks who really don't want that and that the developers say they do only to justify updates that add functions (whether useful or not) and then require better hardware to run it. But the security aspects certainly do have to be kept up to date, which can drive hardware requirements.
Infrant/Netgear's choice to use Debian Linux as the core of the ReadyNAS OS (less customized than most other NAS developers, too) is a two-edged sword. It made it easier to create and for users to utilize existing apps. But it also meant that they relied on somebody else for updates and maintenance of old versions. And it took away their control of the hardware needed to run the latest version. Their very restrictive stance on apps specific to the ReadyNAS (not embracing Docker, for example) was definitely a misstep. I believe it was one of the factors that reduced their market share. And with their sales model not including charging for OS updates, their entire business model relied on the sale of new hardware. With reduced market share and old hardware just keeping on working, it was not a workable business model. Add to that that security updates were a must if they didn't want to open themselves up to liability issues, and "cut and run" becomes the exit path of least resistance, especially to the current class of typical CEOs and board members who really know little about their own technology. Decisions are based on stock price and how it will be affected, not technical merit.
I would love to see Netgear release the OS and the source code of their proprietary portion, but I can see that if doing so led someone to discover a back door, that would be a huge legal problem for them; so I don't see it happening.
Oh how I would love to see somebody (the old Infrant "Jedi" come to mind) buy the rights to the ReadyNAS OS. I would gladly pay for an updated OS to keep the hardware going. While I'm now using rack-mount units and could install an open source OS on them, most don't have that option. And I do like the idea of a "plug and play" OS rather than something I have to keep up to date myself.
@WhoCares_ is working on a replacement for all, but he's got a ways to go before it's ready for prime time. And he's doing it relying only on the Linux base and reverse engineering of ReadyNASOS instead of having any assistance from Netgear.
