This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
This is a question for the Netgear folks really but I was wondering whether the Netgear support team would connect to a device via SSH or HTTPS if the user / customer provided connection details and credentials.
The reason for this ask is I am out of the country for a couple of weeks one of my clients uses a ReadyNAS solution. In the even they called me due to a system issue, if I were to be able to provide support access via SSH / HTTPS would that be allowed as opposed to using the tech support boot option? Of course this only applies if the system is up.
Very unlikely I would need to use this but wanted to check.
We have a Secure Diagnostics Mode that can be enabled if the http/s service is running. We've configured a safe mode fallback so the https service should remain running unless there is a crash or it was forced off by an Out of Memory condition (OOM is caused by a memory leak - a process uses too much memory so the system has no choice but to forcibly shutdown processes). This is preferable to tech support mode in most cases.
For some problems you do need the system to be running normally to diagnose effectively.
Secure Diagnostics Mode can be enabled even if the management service is offline unless you're still running ancient 6.1.8 or earlier firmware (which you shouldn't be).
On 6.1.x and earlier Secure Diagnostics Mode was called Remote Access SSH. Some users didn't seem to realise this was SSH for support only so we renamed it to something a bit more obvious.
Tech support mode is a low level diagnostic mode useful for diagnosing a wide range of problems. In tech support mode the RAID has to be manually started, the OS and volume manually mounted etc. For some problems tech support mode is necessary.
On older ReadyNAS we have the Remote Access SSH add-on as an alternative to tech support mode.
We have a Secure Diagnostics Mode that can be enabled if the http/s service is running. We've configured a safe mode fallback so the https service should remain running unless there is a crash or it was forced off by an Out of Memory condition (OOM is caused by a memory leak - a process uses too much memory so the system has no choice but to forcibly shutdown processes). This is preferable to tech support mode in most cases.
For some problems you do need the system to be running normally to diagnose effectively.
Secure Diagnostics Mode can be enabled even if the management service is offline unless you're still running ancient 6.1.8 or earlier firmware (which you shouldn't be).
On 6.1.x and earlier Secure Diagnostics Mode was called Remote Access SSH. Some users didn't seem to realise this was SSH for support only so we renamed it to something a bit more obvious.
Tech support mode is a low level diagnostic mode useful for diagnosing a wide range of problems. In tech support mode the RAID has to be manually started, the OS and volume manually mounted etc. For some problems tech support mode is necessary.
On older ReadyNAS we have the Remote Access SSH add-on as an alternative to tech support mode.
Is there any value in having the secure diagnostics enabled all the time for a server in a remote location? From what you have said it should always be possible to enable this mode providing the device has not crashed / ran out of memory.
One thing that does scare me about the OS6 / BTRFS based NAS's is the inability for a user to perform file system checks etc. I've heard some horror stories about BTRFS. I recall on the same clients Pro 6 having a call one afternoon where the volume was inaccessible. I simply logged in via SSH and observed that the EXT4 filesystem had been mounted RO due to an FS issue. I simply unmounted it, ran e2fsck and all was well... If the same were to happen on BTRFS I'd be at a loss.
Is there any value in having the secure diagnostics enabled all the time for a server in a remote location?
I wouldn't be comfortable doing that myself. You'd be permanently allowing Netgear full access to the NAS, with no way of monitoring when such access occurred.
Probably better off training someone on that site on how to boot the NAS in tech support mode.
It certainly is more feature rich and offers bit rot protection but I do see a worrying number of folks on here complaining of sporadic file system corruption and normally without any known trigger... It seems when this occurs, often there isn't a way to repair the FS and then it becomes a data recovery situation.
Obviously backups are taken, daily but for a business restoring the volume and data could take over a day so something to avoid.
EXT4 has its issues that lead to data recovery situations as well.
On the whole I do reckon BTRFS handles things a lot better. There are some nice tools for data recovery and some features like duplicated metadata come in very handy.
It can be all to easy to blame the filesystem for problems that turn out to be caused by something else entirely.
The BTRFS developers do currently have an Online Filesystem Check under "Features Currently in Development or Planned for Future Implementation" on https://btrfs.wiki.kernel.org/
