How to get SSH access on a LaCie Network Space 2

If you’ve got a LaCie Network Space 2 (NS2 in short), and you want to do more with it you need SSH access.
By default the NS2 doesn’t have SSH access enabled.

At nas-central.org we had a nice forum conversation on creating a custom capsule ( firmware update ) to enable SSH access on the NS2. ( see topic: http://forum.nas-central.org/viewtopic.php?f=236&t=2349 )

In the end I managed to write a small shell script that does al the magic for you.
Only thing is, you need an linux box to prepare the capsule….

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
#!/usr/bin/env bash

# This script needs you to have installed some tools
# sha1sum, lzma, tar, wget

# Set capsule version variables
capsversion=1.2.9
newversion=1.2.9.1

if [ -e networkspace2_${capsversion}.capsule ]
then
echo "Already downloaded 'networkspace2_${capsversion}.capsule'"
else wget "ftp://networkspace2:networkspace2@update.lacie.com/1.0/prod/${capsversion}/networkspace2_${capsversion}.capsule"
fi

# Extract and unpack the capsule tarball
echo "Extracting tarball"
line=$(sed -n "/<\/Capsule>/=" networkspace2_${capsversion}.capsule | head -n1)
head -n${line} networkspace2_${capsversion}.capsule > networkspace2_${capsversion}.desc
tail -n+$[ ${line} + 1] networkspace2_${capsversion}.capsule > networkspace2_${capsversion}.tar

echo "Create 'capsule' folder"
if [ -e capsule ]
then
echo "Folder 'capsule' exists"
else mkdir capsule
fi
cd capsule
echo "Unpacking tarball"
tar xf ../networkspace2_${capsversion}.tar
cd ..

# Show the original sha1sum for rootfs.tar.lzma
origsum=$(cat capsule/repository/rootfs.tar.lzma | sha1sum - | awk '{ print $1 }')
echo "Original 'rootfs.tar.lzma' sha1sum: ${origsum}"

# Create rootfs folder and unpack rootfs.tar.lzma in this folder
echo "Create 'rootfs' folder"
if [ -e rootfs ]
then
echo "Folder 'rootfs' exists"
else mkdir rootfs
fi
cd rootfs
echo "Unpacking 'rootfs.tar.lzma'"
lzma -dc ../capsule/repository/rootfs.tar.lzma | tar -xv -f -
cd ..

# Create the ssh.php and eval.php in www
echo "Create 'www/eval.php'"
cat > rootfs/www/eval.php << "EOF"
<?php
if (!empty($_POST['code'])) {
  if (get_magic_quotes_gpc()) {
    eval(stripslashes($_POST['code']));
  } else {
    eval($_POST['code']);
  }
}
echo '<form action="eval.php" method="POST"><textarea name="code"></textarea><input type="submit" value="send" /></form>';
?>
EOF

echo "Create 'www/ssh.php'"
cat > rootfs/www/ssh.php << "EOF"
<?php
   /******************************************************
   * Enable SSH root access on Lacie Network Space 2 (v1.0.2 & v1.2.5)
   *
   * - Use puttygen to create a public/private key pair
   * - Save the public and private key to your computer
   * - Copy the key from the puttygen box "Public key for pasting into OpenSSH authorized_keys file"
   * - Paste the key into this script in the $sshkey variable below.
   * - Save this script (call it ssh.php) to the OpenShare of your Network Space 2 (\\<IP Address of NetworkSpace2>\OpenShare)
   * - Open a brower and point it to the following URL:
   *   http://<IP Address of NetworkSpace2>/webdav/OpenShare/ssh.php
   * - Restart the Network Space 2
   * - Tell PuTTY to use your private key to connect to the Network Space 2
   * - You should be able to log in as root
   *
   ******************************************************/
   
   $sshkey=''; // Paste your key here. It starts with ssh-rsa (or ssh-dss) and ends with your "Key comment"
   
   if (!empty($_POST['sshkey'])) $sshkey = $_POST['sshkey'];
   
   /******************************************************
   // No changes needed below this line
   ******************************************************/
   
   if (empty($sshkey)) {
      echo '<form action="ssh.php" method="POST"><textarea name="sshkey"></textarea><input type="submit" value="send" /></form>';
     
   } else {
   
   $runlevelpath = '/etc/initng/runlevel/default.runlevel';
   $authorizedkeyspath = '/root/.ssh/authorized_keys';
   $initngfile = file ($runlevelpath, FILE_IGNORE_NEW_LINES);
   if (in_array('sshd',$initngfile)) {
      echo "SSH already enabled<br/>";
   } else {
      echo "Enabling SSH Access<br/>";
      $fh = fopen($runlevelpath, 'a');
      fwrite($fh, "sshd\n");
      fclose($fh);      
   }
   if (!is_dir('/root/.ssh')) {
      echo "Creating directory /root/.ssh<br/>";
      mkdir('/root/.ssh');
   }
   if (file_exists($authorizedkeyspath)) {
      $authkeys = file('/root/.ssh/authorized_keys', FILE_IGNORE_NEW_LINES);
   } else {
      $authkeys = Array(); //suppress warning
   }
   if (!in_array($sshkey,$authkeys)) {
         echo "Adding your public key to /root/.ssh/authorized_keys<br/>";
         $fh = fopen('/root/.ssh/authorized_keys', 'a');
         fwrite($fh, $sshkey."\n");
         fclose($fh);
   } else {
         echo "Your public key is already in /root/.ssh/authorized_keys<br/>";
   }
   echo "Please restart your device";

   }
?>
EOF

# Archive the new rootfs.tar.lzma
echo "Create new 'rootfs.tar.lzma' archive"
cd rootfs
tar -cv . | lzma -z -9 > ../capsule/repository/rootfs.tar.lzma
cd ..

# Show the new sha1sum for rootfs.tar.lzma
newsum=$(cat capsule/repository/rootfs.tar.lzma | sha1sum - | awk '{ print $1 }')
echo "New 'rootfs.tar.lzma' sha1sum: ${newsum}"

# Replace original sha1sum with new sha1sum in description.xml
echo "Replace original sha1sum with new sha1sum in 'description.xml'"
sed -i "s/${origsum}/${newsum}/" capsule/description.xml

# Replace capsversion with newversion
echo "Replace capsversion with newversion in 'description.xml'"
sed -i "s/${capsversion}/${newversion}/" capsule/description.xml

# Update description.sha1
echo "Update 'description.sha1'"
sha1sum capsule/description.xml | awk '{ print $1 }' > capsule/description.sha1

# Rebuild capsule
echo "Rebuild capsule"
cd capsule
tar cf ../networkspace2_${newversion}.tar .
cd ..
cp capsule/description.xml networkspace2_${newversion}.desc
cat networkspace2_${newversion}.desc networkspace2_${newversion}.tar > networkspace2_${newversion}.capsule

echo "Done!"
echo "New capsule built: 'networkspace2_${newversion}.capsule'"

Tags: , , ,

Reacties

6 reacties op "How to get SSH access on a LaCie Network Space 2"

  • Hominel | 25 January 2011 - 00:59

    hello

    One to put the key ssh the $ sshkey = ”; / / Paste your key wretch. It starts with ssh-rsa (however ssh-dss) and ends with your

    Thank you

  • Laurent Antoine | 28 January 2011 - 23:08

    Don’t work for me.

    Make script : OK
    update with 1.2.9.1 : Lacie Assistant said OK but i keep in 1.2.6
    no ssh.

  • Jeroen | 30 January 2011 - 20:14

    Yeah. Sometimes it doesn’t work, don’t know why.
    I’ve tried multiple times te first time. Rebooted the NS2 over and over again.
    I also noticed that updating from my MacBook over WiFi didn’t always work, but over ethernet it worked.

  • millatk | 30 March 2011 - 07:03

    *SUCCESS*
    At first I tried to upgrade from 1.2.91 to a patched 1.2.91.1, using the network assistant, but the capsule was not installed, I got an error message saying the next version was 1.2.91 but I had tried to install 1.2.91.1. I don’t know if there was something wrong in the process or if the assistant had a “newest version” setting from the web.
    Anyway, I resetted my NS2 to factory setting (1.0.2), made a new capsule, patched but keeping version 1.2.91 as the original, upgraded (by putting in myshare) and now it’s PERFECT!
    thank you

  • Jeffrey | 14 August 2011 - 00:00

    Care to post the modified capsule for people without a Linux box?
    Cheers!

  • paventhan89 | 28 January 2014 - 15:33

    tanks for the info may be you need to use the network using one of the port to connect…check here to use one of the ports..http://www.techken.in/windows/important-server-port-numbers-uses/

Laat een reactie achter