locked myself out of my odroid

Moderators: mdrjr, odroid

locked myself out of my odroid

Unread postby jposemescouilles » Wed Sep 05, 2018 11:16 am

Hi,

I use my odroid hc-1 as a webserver. As it worked fine for my website, I started hosting a friends website. I needed to give him sftp access, so I began editing the sshd_config file (config file of open ssh). To test if what I did was fine I restarted open ssh, it did not start, so I had the genius idea to enter reboot

Now I cannot access my odroid anymore, be it via ssh or sftp (logic as it uses ssh).
"ssh: connect to host odroid port 22: Connection refused"

Looking back to my terminal screen I saw that open ssh couldnt start because of the modif I made to this sshd_config file (I didnt take the time to read that before my reboot command.........)

So my best guess is that open ssh cannot launch so I can't access anything.

The irony is that the webserver is working fine as before (defensedestationner.fr)

I already ordered a sata to usb connector from amazon which will be here in two days.

Is there really no way to connect to my odroid ? I have the thing in my god damn hand!!
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1

Re: locked myself out of my odroid

Unread postby tobetter » Wed Sep 05, 2018 11:35 am

jposemescouilles wrote:Hi,

I use my odroid hc-1 as a webserver. As it worked fine for my website, I started hosting a friends website. I needed to give him sftp access, so I began editing the sshd_config file (config file of open ssh). To test if what I did was fine I restarted open ssh, it did not start, so I had the genius idea to enter reboot

Now I cannot access my odroid anymore, be it via ssh or sftp (logic as it uses ssh).
"ssh: connect to host odroid port 22: Connection refused"

Looking back to my terminal screen I saw that open ssh couldnt start because of the modif I made to this sshd_config file (I didnt take the time to read that before my reboot command.........)

So my best guess is that open ssh cannot launch so I can't access anything.

The irony is that the webserver is working fine as before (defensedestationner.fr)

I already ordered a sata to usb connector from amazon which will be here in two days.

Is there really no way to connect to my odroid ? I have the thing in my god damn hand!!

If you have a USB-to-UART cable, you can easily connect to running ODROID.
If you don't, just turn off it and pull out SD card, and put into your desktop using USB card reader, here my hope is you have Linux box, then change the port number in sshd_config which you changed in the SD card. Then give it back to ODROID to power on. Hope this works for you.
tobetter
 
Posts: 2341
Joined: Mon Feb 25, 2013 10:55 am
Location: Paju, South Korea
languages_spoken: Korean, English
ODROIDs: X, X2, U2, U3, XU3, C1

Re: locked myself out of my odroid

Unread postby jposemescouilles » Wed Sep 05, 2018 11:51 am

I have neither USB-to-UART cable nor a Linux computer. Would virtualbox make do ?

Also, my whole filesystem (along my boot files) are on my ssd so I'm not sure if that sshd_config file is on the sd.
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1

Re: locked myself out of my odroid

Unread postby tobetter » Wed Sep 05, 2018 12:04 pm

jposemescouilles wrote:I have neither USB-to-UART cable nor a Linux computer. Would virtualbox make do ?

Also, my whole filesystem (along my boot files) are on my ssd so I'm not sure if that sshd_config file is on the sd.

If your VirtualBox can mount desktop's USB, then it will work.
If that's the case and if you can turn off your HC1 for a minute, you can try either SD card or SSD. If you SSD contains the whole root file system, then sshd_config would be in it, besides SSD is mounted to somewhere in the root file system then sshd_config is in SD card. Anyhow, the sshd_config is in etc/ssh in a storage.
tobetter
 
Posts: 2341
Joined: Mon Feb 25, 2013 10:55 am
Location: Paju, South Korea
languages_spoken: Korean, English
ODROIDs: X, X2, U2, U3, XU3, C1

Re: locked myself out of my odroid

Unread postby mad_ady » Wed Sep 05, 2018 2:31 pm

If virtualbox doesn't work, you can boot your pc with a live linux distribution (like systemrescuecd) and access your sd/ssd files.
User avatar
mad_ady
 
Posts: 4428
Joined: Wed Jul 15, 2015 5:00 pm
Location: Bucharest, Romania
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1

Re: locked myself out of my odroid

Unread postby jposemescouilles » Thu Sep 06, 2018 3:47 am

I have a mac, hope virtualbox will work.

If it doesnt work, well... could someone just hack me already ?
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1

Re: locked myself out of my odroid

Unread postby mad_ady » Thu Sep 06, 2018 2:52 pm

Modern macs run on intel architecture so you shouldn't have a problem booting a live linux cd. You may also be able to mount ext filesystems nativelly
User avatar
mad_ady
 
Posts: 4428
Joined: Wed Jul 15, 2015 5:00 pm
Location: Bucharest, Romania
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1

Re: locked myself out of my odroid

Unread postby jposemescouilles » Sat Sep 08, 2018 9:41 am

I received my sata to usb cable today and was able to mount my ssd.
Even after correcting my sshd_config file I am still unable to connect to my odroid.
"ssh: connect to host odroid port 22: Connection refused"
The webserver still works as my website is still online.

Apparently, it has already happened to someone else : viewtopic.php?f=13&t=1861

I'm gonna try and configure sshd to use another port..
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1

Re: locked myself out of my odroid

Unread postby mad_ady » Sat Sep 08, 2018 3:55 pm

You may be able to start a shell over netcat from /etc/rc.local and connect to it, bypassing ssh so you can see why it doesn't start: https://www.binarytides.com/netcat-tuto ... beginners/

Edit: if netcat is not ok, webmin has a web shell you can use.
To install webmin see the nas article from here: magazine.odroid.com/issue/201804/
You will need to add the sources.list and since you don't have shell you can add the following to /etc/rc.local:
Code: Select all
apt-get update
apt-get -y install webmin
service webmin start

You should tgen be able to connect to https://odroid-ip:10000/ with a system account and start a web shell.
User avatar
mad_ady
 
Posts: 4428
Joined: Wed Jul 15, 2015 5:00 pm
Location: Bucharest, Romania
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1

Re: locked myself out of my odroid

Unread postby jposemescouilles » Mon Sep 10, 2018 6:30 am

Thanks a lot for your ideas. I've now tried three things, none of which did work :

- configure sshd_config to use port 26 instead of 22 -->> didnt work

- tried to execute a php script on my server to get reverse shell access with netcat -->> when I access mysite.com/php-reverse-shell.php I get "access denied"
I don't know how could I give myself shell access from rc.local, methods I found online suppose you have netcat installed on the target machine (which I don't as I don't think netcat is standard in ubuntu) and tell you to put nc -c /bin/sh <your IP> <any unfiltered port> in rc.local

- tried to install webmin following your instructions, I created a webmin.list file with "deb http://download.webmin.com/download/repository sarge contrib" in it and appended the code you gave me to etc/rc.local, tried to connect to https://odroid-ip:10000 but it didnt work either

I have ordered a usb to uart cable which comes in five days, meanwhile if anyone wants to hack me its open contest guys ! I can even help you by putting desired files onto my server :-)
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1

Re: locked myself out of my odroid

Unread postby mad_ady » Mon Sep 10, 2018 2:46 pm

You can copy a armv7 busybox binary from https://busybox.net/downloads/binaries/1.21.1/, put it in /bin and make it executable.
Prefix the netcat or nc command with /bin/busybox in /etc/rc.local. And show us the actual commands you put in rc.local to spot any mistakes.
User avatar
mad_ady
 
Posts: 4428
Joined: Wed Jul 15, 2015 5:00 pm
Location: Bucharest, Romania
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1

Re: locked myself out of my odroid

Unread postby mad_ady » Fri Sep 14, 2018 10:37 pm

How did it go?
By the way, next time you break ssh (ssh service doesn't restart) do not close your existing connection (only new connections are affected). It allows you to fix things...
User avatar
mad_ady
 
Posts: 4428
Joined: Wed Jul 15, 2015 5:00 pm
Location: Bucharest, Romania
languages_spoken: english
ODROIDs: XU4, C1+, C2, N1

Re: locked myself out of my odroid

Unread postby jposemescouilles » Sat Sep 15, 2018 2:58 am

I haven't had the time to try yet, it is start of academic year here and i'm really overwhelmed with work.

As for breaking existing ssh, I learned my lesson haha

Thanks a lot for helping me
jposemescouilles
 
Posts: 8
Joined: Thu Mar 01, 2018 9:01 am
languages_spoken: english / français
ODROIDs: hc-1


Return to Issues

Who is online

Users browsing this forum: No registered users and 2 guests