In my previous post I mentioned that a newly purchased Dockstar tends to "phone home" and by making automated firmware upgrade, forbids ssh login with the default credentials root/stxadmin. In order no to make this happen, one can dedicate a separated subnet or even a distinguished switch to the Dockstar which is of course cumbersome in home environments where spare switches do not lay around everywhere.
In this post I first show how to regain ssh access without registering to the Pogoplug web service. Then we will permanently switch off the cloud service responsible for the nasty behavior (I should have done this in the first place). The first part requires some soldering as right now we only have the serial interface. This means that if you just bought the Dockstar, you better jump to the second part of this post and ensure the ssh access. This comes handy as well if you plan to change the factory default firmware afterward.
Serial console
As embedded boards do not necessary have any video output, a serial connection almost always exists mainly for debugging. Such basic access might come handy if all hell gets loose, and e. g. network connection becomes broken. On the Dockstar we find a 2x5 pin header on which we find the JTAG and serial connection. Here, the important pins are 8 (RxD), 9 (TxD) and 10 (GND). If you are not familiar with this naming scheme, I suggest reading this Wikipedia article.
Important: the Dockstar serial port voltage levels are 0 to 3.3V, while RS-232 uses -12V to 12V which most likely will damage the board. Therefore never hook the Dockstar serial out to a PC RS-232 port! It is more versatile (and with the extinction of hardware RS-232 ports eventually necessary) to use a USB-serial converter. I used a FTDI FT232RL based board, however it is easier to use the data cable of some cell phones. There have been success reports with Siemens C55 and Nokia cables. The later is easier to develop, as most the USB-serial converter is already designed, but as I had the FTDI board, I stuck with that one. As for design considerations, there is an interesting concept in the second part of this post to close the upper cover of the Dockstar with the serial port remaining accessible. It would also be interesting to build the USB-serial electronics inside and connect it the top mini USB plug.
Now, we can either directly solder the corresponding lines or make a converter cable. It is important to hook up the lines in a crossed fashion: Dockstar RxD -- converter TxD and vice versa. GND is GND as always.
Now it is time to test the connection: open you favorite serial console program, such as putty, or Windows's built-in HyperTerminal. The serial port settings are 115200 baud, 8 data bits, no parity, 1 stop bit. If everything goes well, you will see Dockstar booting on the console after a power on. If this is not the case, check the connection, and the USB-serial converter settings.
Restarting ssh service
Dockstar uses Dropbear as ssh server, which is a lightweight server and client combined application. For further understanding it is important to know, that startup scripts are located in /etc/init.d. More specifically, rcS is being executed each time the device boots up. The other scripts in this directory are responsible for the services running on Dockstar. We are particularly interested in hbmgr.sh and dropbear.sh. The following lines can be executed via the serial console:
-sh-3.2# cd /etc/init.d
-sh-3.2# ls -1
db
dropbear.sh
hbmgr.sh
rcS
udhcpc_ra0.sh
hbmgr.sh is the cloud service startup script causing all the pain while dropbear.sh is the ssh startup script. Now we need to alter rcS to contain the later while removing the first one. In order to make this possible, we have to remount the root filesystem:
-sh-3.2# mount -o rw,remount /
And then editing rcS with a text editor such as vi. For vi, there are many good manuals on the internet, here I only want to add that the vi on Dockstar starts up in command mode, therefore first we need to press 'i' in order to actually type in the file.
-sh-3.2# vi rcS
#! /bin/sh
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devpts none /dev/pts
mount -t tmpfs none /tmp
mount -t usbfs none /proc/bus/usb
mkdir /tmp/var
echo "/tmp/core_%e_%t" > /proc/sys/kernel/core_pattern
hostname Pogoplug
ifconfig lo 127.0.0.1
ifconfig eth0 169.254.37.133
udhcpc -b `hostname`
#telnetd
/etc/init.d/db
ntpd -g
#comment out the following line
mount -t proc none /proc
mount -t sysfs none /sys
mount -t devpts none /dev/pts
mount -t tmpfs none /tmp
mount -t usbfs none /proc/bus/usb
mkdir /tmp/var
echo "/tmp/core_%e_%t" > /proc/sys/kernel/core_pattern
hostname Pogoplug
ifconfig lo 127.0.0.1
ifconfig eth0 169.254.37.133
udhcpc -b `hostname`
#telnetd
/etc/init.d/db
ntpd -g
#comment out the following line
#/etc/init.d/hbmgr.sh start
#add the following line
/etc/init.d/dropbear.sh start
#/bin/mount -a
#add the following line
/etc/init.d/dropbear.sh start
#/bin/mount -a
When finished, press ESC and then save with typing ":wq".
Now it is time to reboot:
-sh-3.2# /sbin/reboot
and now Dockstar can be reached via ssh with the default root/stxadmin login which I suggest to change with the passwd command. As the cloud service engine was switched off, this will remain the case, so it is now safe to leave the Dockstar plugged on the network. An interesting side effect of the above procedure is that the LED will remain yellow even though the LAN link is up.
is this why my dockstar of 2 years stopped working?
ReplyDelete