Welcome! Log In Create A New Profile

Advanced

pogo v3 (oxnas) enable ssh

Posted by jay 
jay
pogo v3 (oxnas) enable ssh
May 09, 2016 01:10AM
hi,
anyone has hints to enable ssh?
i found a new pogoplug pro and tried to enable ssh.
there are just open ports at 80 3333 and 3334.
i tried to register with my.pogoplug.com and the device is found.
so i registered it, but i do not receive the email.
the device is visible at my account and i can access the harddisk and files
but under options security there is just the option to change the login password.

jay
Re: pogo v3 (oxnas) enable ssh
May 09, 2016 01:43AM
jay Wrote:
-------------------------------------------------------
> hi,
> anyone has hints to enable ssh?
> i found a new pogoplug pro and tried to enable
> ssh.
> there are just open ports at 80 3333 and 3334.
> i tried to register with my.pogoplug.com and the
> device is found.
> so i registered it, but i do not receive the
> email.
> the device is visible at my account and i can
> access the harddisk and files
> but under options security there is just the
> option to change the login password.
>
> jay

Can you chage the login password? if you can then the SSH option should be there after you changed it.

As I recalled, the Pogo SSH option is not intuitive, hard to find, but it's there as "options" or "settings". Keep looking on the pogoplug web page.

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 05:25PM
hi,

> Can you chage the login password? if you can then
> the SSH option should be there after you changed
> it.

it should be at the same page as for changing the login pw.

that login pw change ist just for the pogo website.
and -sure, i tried to change it, but there is no ssh option...

reboot, reconnect, relogin, remove and bind. all tested, without luck...

jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 06:51PM
Backdoor Method (credit to GTVHacker.com)

Make sure your Pogoplug is connected to your network and has internet access.

Check your router or use a network scanning tool (iNet Network Scanner on iPhone) to determine the IP Address of the Pogoplug.

From a Linux computer (e.g. another Pogoplug running Debian/Alarm) run the below curl command.

curl -k "https://root:ceadmin@[PogoplugIPAddress]/sqdiag/HBPlug?action=command&command=dropbear%20start";

If the above curl command doesn't work, your Pogoplug may need to be updated. Leave it plugged in for a hour or two and then try the command again.

Note that the backdoor method is not persistent (SSH access not available after a reboot).



Edited 2 time(s). Last edit at 05/11/2016 07:01PM by Gravelrash.
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 06:57PM
My recommendation is to open it up and use a serial console cable


username: root
password: (the password is 'stxadmin' on Seagate branded devices and 'ceadmin' on Pogoplug devices)
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 07:41PM
jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 08:43PM
hi,
> "https://root:ceadmin
as i wrote, there is no ssl port open. i already knew this procedure...

> If the above curl command doesn't work, your
> Pogoplug may need to be updated. Leave it plugged
> in for a hour or two and then try the command
> again.
i left it on and connected for 40h. there is no update performed.
seems like pogo has no update for the oxnas pogo :-(

jay
jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 08:45PM
hi,

> My recommendation is to open it up and use a
> serial console cable

thats how i did it al last. but i have not just one pogo pro and dont want to open each...

jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 10:09PM
> update performed.
> seems like pogo has no update for the oxnas pogo
> :-(

Yup. They already phased out free Pogo service.

There is no work around for this. If you can't enable SSH using the web page, then port 22 is not open. And if port 22 is not open then there is no way to log in other than serial console.

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 11:02PM
bad thing.
i can register,
i can get the 30day free account
i can register the box
it connects the vpn and i can copy files on it.
but i cant enable ssh nor the ssl connect :(

what a crap...

jay
Re: pogo v3 (oxnas) enable ssh
May 11, 2016 11:39PM
jay Wrote:
-------------------------------------------------------
> bad thing.
> i can register,
> i can get the 30day free account
> i can register the box
> it connects the vpn and i can copy files on it.
> but i cant enable ssh nor the ssl connect :(
>
> what a crap...
>
> jay

As I recall, I was also struggling to find this option :) so keep looking on that page. The link to enable SSH did not make sense, you would never have guessed. Indeed it is a crappy way they design that page :)

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
jay
Re: pogo v3 (oxnas) enable ssh
May 12, 2016 12:39AM
it used to be on the same page as the password change.
options security.
it is still there at a colleagues account.

the only difference is, he has firmware 3.x mine is 2.x

jay
Dalant
Re: pogo v3 (oxnas) enable ssh
May 13, 2016 11:44AM
Here is what is happening. On older versions of the firmware, the device is unable to create an ssl connection to secure.pogoplug.com or my.pogoplug.com because the ssl certificate they are using is producing an error. Without an ssl connection, the device can't upgrade or have the ability to enable ssh from the web interface.

[132826.990][MTP02 ][PLCRYP][07] USING MAC ADDRESS: 00:25:31:XX:XX:XX from eth0:0
[132827.112][MTP02 ][PLCRYP][07] TALKING TO SERVICE @ secure.pogoplug.com
[132827.369][MTP02 ][BRHTTP][08] Error with certificate at depth: 1
[132827.370][MTP02 ][BRHTTP][08] subject: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
[132827.370][MTP02 ][BRHTTP][08] issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
[132827.370][MTP02 ][BRHTTP][08] error: 20:unable to get local issuer certificate
[132827.370][MTP02 ][BRHTTP][08] Error with certificate at depth: 1
[132827.370][MTP02 ][BRHTTP][08] subject: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
[132827.370][MTP02 ][BRHTTP][08] issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./CN=Go Daddy Root Certificate Authority - G2
[132827.370][MTP02 ][BRHTTP][08] error: 27:certificate not trusted
[132827.370][MTP02 ][BRHTTP][08] Error with certificate at depth: 0
[132827.370][MTP02 ][BRHTTP][08] subject: /OU=Domain Control Validated/CN=*.pogoplug.com
[132827.371][MTP02 ][BRHTTP][08] issuer: /C=US/ST=Arizona/L=Scottsdale/O=GoDaddy.com, Inc./OU=http://certs.godaddy.com/repository//CN=Go Daddy Secure Certificate Authority - G2
[132827.371][MTP02 ][BRHTTP][08] error: 7:certificate signature failure
[132828.188][MTP02 ][PLCRYP][07] ------------------------------------------------------
[132828.188][MTP02 ][PLCRYP][07] RESP: 405 [Method Not Allowed]
[132828.188][MTP02 ][PLCRYP][07] ------------------------------------------------------
[132828.188][MTP02 ][PLCRYP][07] ------------------------------------------------------

I have put in a support request with pogoplug about this today. I'm not sure when this started happening, but it could have been within the past few weeks. Since it is impacting older firmware's ability to update, hopefully they will put the time into fix it.

It looks like for the time being, the only way to upgrade these older firmware units is through the serial method.
Re: pogo v3 (oxnas) enable ssh
May 13, 2016 03:41PM
StarG
Re: pogo v3 (oxnas) enable ssh
May 17, 2016 06:42PM
Just here to tell that i'm affected too. System is locked tight and it fails to update itselves and doesn't have its webserver configured to accept SSL connections but requires those to accept commands from the interface. Yay!
Dalant
Re: pogo v3 (oxnas) enable ssh
May 18, 2016 03:50PM
Some corrections to my previous post. The SSL error in the logs isn't actually causing an issue, because apparently the software still accepts the outgoing SSL connections as valid. Here are the problems with pogoplug services currently:

time.pogoplug.com is unreachable, preventing NTP time synchronization.
upgrade.pogoplug.com is unreachable, preventing firmware updates.

I was able to resolve both of these issues by DNS spoofing those domains to the main pogoplug.com ip (38.84.66.84). After this, both my PPV3 and PPV4A1 were able to upgrade themselves to version 3.4.5.13.

!!!PLEASE NOTE!!! As far as I can tell, firmware 3.4.5.13 only has port 80 open, so the HTTPS backdoor method still is not available.

Beyond that, the option to enable SSH in the web dashboard is not showing because the device is responding with the error: "Client attempted to access us without SSL!" to the following SOAP request at "/svc/api":

<soapenv:Envelope><soapenv:Body><featureCommand><feature>ssh</feature><command>isenabled</command><deviceid>XXXXXXXXXXXXXXXXXXXXXXXXXX</deviceid></featureCommand></soapenv:Body></soapenv:Envelope>

Also there seems to be a check-in process to secure.pogoplug.com that is failing "405 [Method Not Allowed]" to a PUT request "/svc/csr/...." that also has a certificate attached. I wonder if it's this check-in that actually does some configuration on the device to enable SSL access or SSH toggling.
Re: pogo v3 (oxnas) enable ssh
May 18, 2016 05:28PM
For what it's worth, the last time I tried to enable SSH on a new Pogoplug Pro at pogoplug.com, I was given the option to setup the wireless using the stock wireless card and firmware.. This option had disappeared for a while but it appeared it had been reinstated. Not sure if it's still the case.

LeggoMyEggo's Google Plus Profile
cdlenfert
Re: pogo v3 (oxnas) enable ssh
February 09, 2017 11:44AM
Hi Dalant, can you share how you were able to spoof DNS in order to get the Pogoplug Pro to take an update? I'm having issues being stuck on firmware version 2.4.9.2 where hard drives are not being recognized. Maybe the older firmware didn't support as many drive formats HFS+, etc. Thanks for any point in the right direction.
Re: pogo v3 (oxnas) enable ssh
February 09, 2017 04:10PM
cdlenfert
Re: pogo v3 (oxnas) enable ssh
February 10, 2017 10:08AM
Thanks bodhi, I've definitely considered installing Debian on the box, but I also have a E-02 Pogo with 256mb of ram and a faster processor that I'm thinking about playing with ALARM on first. I bought this Pro actually hoping to get another E-02 in a mislabeled P-21 box, but I received the Pro instead. So I'm thinking I'll play around with the OS on the beefier device and get this Pro running as a backup. Currently I like the default Pogo OS with Optware and Samba 3.6 running on it. So that's what I'm hoping to get in place on the Pro. I've ordered a USB to serial connector so I can get SSH access and add Optware, but I'd like to get the Pogo OS updated to the latest version since it seems to be running a lot better than 2.4.9.2. I'm just stuck on the step of how to get it to update. Dalant mentioned DNS spoofing, and I'd like to figure out how to do it.
cdlenfert
Re: pogo v3 (oxnas) enable ssh
February 12, 2017 12:26PM
Alternatively if there's another way to update the pogo firmware manually (I found moonman's download) I'd be equally interested in that approach since I'll hopefully have serial and SSH enabled soon. Thanks for any input.
Re: pogo v3 (oxnas) enable ssh
February 12, 2017 04:09PM
cdlenfert,

What moonman's upload file look like?

Once you have serial console connected, it should be easy flash new stock FW, if the file is a correct one. Come back and post your serial console log with the following info.

In stock OK, these info are needed before flashing

dmesg
cat /proc/mtd
blparam

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
cdlenfert 2
Re: pogo v3 (oxnas) enable ssh
February 12, 2017 11:12PM
So tried to setup an account on the site but never got an activation e-mail. Now I'm cdlenfert 2

.....


Thanks again Bodhi,

I've downloaded the firmware file from Moonman's guide on the Arch forums - https://archlinuxarm.org/forum/viewtopic.php?f=53&t=3343&sid=29b7914f1137d0845f13a5c90194cbe0

The specific firmware file is here - https://dl.dropboxusercontent.com/u/15043728/ArchLinuxArm/my.pogoplug.com/pogoplug-3.4.5.13-1-arm.pkg.tar.xz

Since Moonman's guide mentions ArmV5 plugs, maybe I'm naive to think the firmware will also work on the Pro (armV6). Any confirmation either way would be much appreciated.

I should get my USB to TTL adapter tomorrow and will hopefully be able to make the connection and share the serial console log.

I had tried editing the hosts file on my Mac and connecting the Pogo through internet sharing hoping it would honor the Macs host file (to spoof DNS and point time.pogo... and upgrade.pogo... to the current pogoplug.com IP address (52.88.75.47) but that didn't work. I'm curious if there's a local hosts file on the Pogo I could modify to get it to update it's firmware itself. Or if there are any disadvantages to manually flashing the latest version (assuming it's armV6 compatible).
Re: pogo v3 (oxnas) enable ssh
February 13, 2017 01:38AM
cdlenfert,

> Since Moonman's guide mentions ArmV5 plugs, maybe
> I'm naive to think the firmware will also work on
> the Pro (armV6). Any confirmation either way would
> be much appreciated.

Ah, I remember that moonman post. I don't think it will work for the Pogo V3 Oxnas. It is for the Kirkwood plugs (amrv5).

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
cdlenfert 2
Re: pogo v3 (oxnas) enable ssh
February 13, 2017 10:12PM
Hey Bodhi,

Thanks again for hanging in there wit me :)

UART adapter arrived in the mail today. Got it connected to the serial port on the PogoPro and managed to update my rcS file to start "dropbear" which gives me SSH access.

I was able to get the following commands to run
dmesg
cat /proc/mtd

Should those be safe to share here in a Pastebin?

When I run blparam, I only get the message "-sh: blparam: not found"

I also notice in the output for dmesg the following line <5>[ 18.840000] Hfs+/HfsX read/write support included. I've tried mutile times formatting different drives on my Mac and connecting them to my Pogoplug Pro and only 1 drive will mount (Fat 32 I think). Seems like I should be able to mount everything and I'm wondering if something else might be off with this device. Maybe I'll start another thread at that point.

For now my main goal is to get the stock OS to update. Any tips on that would be greatly appreciated.
Re: pogo v3 (oxnas) enable ssh
February 14, 2017 01:41AM
cdlenfert,

> Should those be safe to share here in a Pastebin?

You should scrub the ethernet MAC address and serial numbers of the disk drives from dmesg log. And /proc/mtd does not have anything private.


>
> When I run blparam, I only get the message "-sh: b
> lparam: not found"
>

blparam is in /usr/local/ somewhere that has cloudengines subfolder. Search for it, and then use the fullpath to execute:

find /usr/local -name '*blparam*'

> I also notice in the output for dmesg the followin
> g line <5>[ 18.840000] Hfs+/HfsX read/write supp
> ort included. I've tried mutile times formatting d
> ifferent drives on my Mac and connecting them to m
> y Pogoplug Pro and only 1 drive will mount (Fat 32
> I think).

Stock OS is not good enough to use. So I would not worry about this.

> For now my main goal is to get the stock OS to upd
> ate. Any tips on that would be greatly appreciated
> .

I didn't use stock OS long enough (only booting into it a few times to set up), so can't give advice on FW update.

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
cdlenfert2
Re: pogo v3 (oxnas) enable ssh
February 20, 2017 12:26PM
Here is the output from the commands you listed.
Quote

dmesg
cat /proc/mtd
blparam

I've currently got the Pro running optware and serving files over SMB. Might move to Debian once I have more time to explore my option on this particular device. If I run Debian on it, I'd like to do some remote media sharing, maybe a shairport speaker (with external USB sound card), run Samba, control where my USB drives mount (so I can easily reboot the device without manually plugging in the drives in a specific order), and anything else that makes sense for my setup.

Thanks for any info/options you can provide based on this output. Really appreciate all the help so far.

~ # cat /proc/mtd
dev:    size   erasesize  name
mtd0: 08000000 00020000 "NAND 128MiB 3,3V 8-bit"
mtd1: 00e00000 00020000 "boot"
mtd2: 07200000 00020000 "rootfs"

demsg output - pastebin[/url

# ./blparam
bootcmd=run boot_nand
bootdelay=2
baudrate=115200
autoload=n
netmask=255.255.0.0
bootfile="uImage"
kernflmode=s
load_nand=nboot 60500000 0 200000
load_nand2=nboot 60500000 0 800000
boot=bootm 60500000
boot_nand=run load_nand boot || run load_nand2 boot
stdin=serial
stdout=serial
stderr=serial
bootargs=root=ubi0:rootfs ubi.mtd=2,512 rootfstype=ubifs console=ttyS0,115200 elevator=cfq mac_adr=0x00,0x00,0xe0,0x00,0x00,0x00 mem=128M poweroutage=yes
ethaddr=00:00:00:00:00:00
cesvcid=IVEHIDDENTHIS
ceboardver=PPRO1
serverip=192.168.ZZ.Z
ipaddr=192.168.ZZ.ZZZ
Re: pogo v3 (oxnas) enable ssh
February 20, 2017 11:46PM
cdlenfert2,

If is all stock settings. So when you are ready to move on, install both Debian and u-boot at the same time, inside stock OS:

Create rootfs first:
http://forum.doozan.com/read.php?2,16044

And then install new u-boot:
http://forum.doozan.com/read.php?3,16017

-bodhi
===========================
Wiki
latest Kirkwood kernel builds and rootfs
latest u-boot-kirkwood builds
latest Oxnas kernel builds and rootfs
latest u-boot-oxnas builds
latest MVEBU Armada kernel builds and rootfs
U-Boot & Kernel Booting process
bodhi's u-boot GitHub
bodhi's corner
Author:

Your Email:


Subject:


Spam prevention:
Please, enter the code that you see below in the input field. This is for blocking bots that try to post this form automatically. If the code is hard to read, then just try to guess it right. If you enter the wrong code, a new image is created and you get another chance to enter it right.
Message: