Sunday, January 20, 2008

Enabling SSH access on WD My Book

With ssh you can connect to the WD My Book hard drive securely from anywhere in the world to access your media ...nice

this Hack I got from http://martin.hinner.info/ site. Martin is a Linux Guru Guru*
(Guru,Guru is one higher than just a plain Guru) I have my WD MyBook set-up in this configuration and it is has been an absolute lifesaver in times when I have been away from my media.

The process doesn't require hard drive dis assembly. It does not even require physical access to the drive. It works fine on every WD MyBook WE models (both I and II, capacities from 320GB to 2TB).

Spawning sshd

First of all you have to create a new user using standard web interface. SSH will not allow you to log-in as root without password.

Then enter this URL into your browser:

http://ip address of your my_book/auth/firmware_upgrade.pl?fwserver=martin.hinner.info/mybook/firmware.php

You should see a page that displays that "new firmware is available". (default username/password for MyBook is "admin"/"123456").

Click on "Click to download and install".

(Note: if you are interested how this works, click here).

Now you have to be patient, the whole process will take a while - not 30 minutes as stated on the firmware upgrade page, because you are not actually performing any upgrade. The "upgrade" process will generate ssh host keys. This takes maybe 1 or 2 minutes. Then root's password is reset (set to '') and finally, sshd process is spawned.

Please note that you will not be informed about the operation progress. Just try to log in using ssh after a few minutes to see if it has succeeded. When you find out that sshd is running, log in under the user you created in the first step. You should get the bash shell immediately. Then type "su -" (no password) to get the root shell.

Making sshd permament

In order to get ssh daemon running each time you power-up your MyBook, add the following line to /etc/inittab:
::sysinit:/usr/sbin/sshd

Now reboot your MyBook to see it if works.

Other recommendations

Get rid of mionet processes. as it allows "worldwide" data sharing, it's useless since you can install a web server or ftp server on your MyBook. Mionet is written in Java, which kills the arm processor on the mybook.

Consider also installing alternative web administration interface.

No firmware available bug

"No new firmware available" is caused by the failure of MyBook to fetch the upgrade script. Try to reboot MyBook and run the firmware upgrade process again.

16 comments:

Adam said...

Hey---

This looks great. I was wondering if you would post the code you used for latestfw.sh. I am curious of what the shell script contains prior to running it on my box. Thanks....

CG said...

Hi Adam,

here is the contents of latestfw.sh

#!/bin/sh

echo '#!/bin/sh' >/var/upgrade/upgrade1.sh
chmod 755 /var/upgrade/upgrade1.sh

KEYGEN=/usr/bin/ssh-keygen
SSHD=/usr/sbin/sshd
RSA1_KEY=/etc/ssh_host_key
RSA_KEY=/etc/ssh_host_rsa_key
DSA_KEY=/etc/ssh_host_dsa_key

do_rsa1_keygen() {
if [ ! -s $RSA1_KEY ]; then
echo -n $"Generating SSH1 RSA host key: "
if $KEYGEN -q -t rsa1 -f $RSA1_KEY -C '' -N '' >&/dev/null; then
chmod 600 $RSA1_KEY
chmod 644 $RSA1_KEY.pub
echo
else
echo
exit 1
fi
fi

Adam said...

Thanks...This seemed to work nicely!

Has anyone tried to install Bastille to a WB? Or maybe setup chroot-ed user accounts?

Just wondering if I am going down a path known to fail.

Thanks....

CG said...

I have not tried it, you may want to visit http://www.arm.linux.org.uk/ and read through their documentation. since arm linux is the version of Linux installed on the MY Book, my instincts tell me that your going to have to keep it lean whatever you install, but please let me know how you go.
Cheers

Anonymous said...

Hi, I have just upgraded my firmware to 2.00.18 using the normal procedure and tried to follow the instructions here for enabling SSH. I know that the SSH deamon is running because I can connect using putty.

The issue comes with the authorisation process. I still have the default admin/123456 username and password, but it does not let me in. I have also tried changing the default username and password but this does not work either.

Any suggestions?

CG said...

Hi Anonymous
Try to create a user via the MyBook web interface first. Then log in using ssh newuser@[mybookIPaddress] -v. When you log in, type su - to become superuser (root). you shouldn't be asked for a password then, and then in future login with the new username that you set-up

Anonymous said...

Clive,

Jeff (Anonymous) is the name, just don't have a web presence.

Anyway, I have tried your suggestion and that does not work either. I have created several users via the web-interface (sbarber, lewis, brooklyn, +more) and none of them seem to to work when I do ssh.

I have a VMWare Oracle Enterprise Linux so I was able to do "ssh sbarber@192.168.0.5 -v". I have also tried admin@... lewis@... but they all result in

"debug1: Authentications that can continue: public-key,password,keyboard-interactive"

I have reset the WD MyBook and as expected it looses the ssh deamon, so I have to repeat the upgrade process to get it running. I have also tried changing the default admin user via the web interface to sbarber but that has no effect either.

Do you have any other suggestions?

CG said...

Hi Jeff,
if you search your mybook do you find the latestfw.sh script ?
after the upgrade the script is saved and executed on your mybook. if the script is their then try running it again. by executing it directly on your mybook.

Anonymous said...

Clive thanks again for your help. I must have had a moment of madness!

For anyone else reading this post the one little snippet of information that has been missing all along is that the usernames are UPPER CASE!

"ssh sbarber@192.168.0.5 -v" does not work.

however

"ssh SBARBER@192.168.0.5 -v" does.

now I have my ssh access the world is my oyster.

If you have stumbled across this blog as I did then your are probably trying to do something similar, another very good source of information is http://mybookworld.wikidot.com.

Anonymous said...

Well... I wish it was that simple..
Tried both UPPER and lower case and I still have the same problem as "Jeff (Anonymous)".

I have tried with PuTTY and OpenSSH that says I'm connected.

Any suggestions?

Anonymous said...

Never mind.

Found the solution here:

http://mybookworld.wikidot.com/forum/t-19519/ssh-access-problem

It turned out that I just had a total meltdown and could'nt see the forrest because of all the trees.

Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...

...please where can I buy a unicorn?

CG said...

Have you tried ebay.

Anonymous said...
This comment has been removed by a blog administrator.
Anonymous said...

Good fill someone in on and this fill someone in on helped me alot in my college assignement. Gratefulness you as your information.