Password problems


hapless

Sep 6, 2012, 1:25:03 PM
to al...@googlegroups.com
Evening all, Joao,

firstly can I say that I have really enjoyed using Alt-F, it made such a difference to my simple needs so thanks Joao for all your hard work and tolerance with us users!!

Alt-F 0.1RC2, DNS-323 on a C1 revision

I know I've taken a backup of the settings - but damned if I can find it!! I am still looking...

OK, Tuesday just gone, updated Alt-F packages, all good and went to bed.
Yesterday, tried to log in and I get the following:

Use only ASCII characters for the password, no spaces:
letters, numbers and !  # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~

Er, ok?!! My password is a combination of upper & lower case with numbers - no spaces or funny characters?

So I spend most of the day searching for answers across the interwebs, I've read nearly all of the threads which have password in them and I'm stuck?

After trying all the suggestions I thought, sod it, I'll long press the reset and start again, data is all safe so that's no problem.
However, I made the big mistake of just putting a space as the password.

I can't get into the SWAT config page as it asks for the root password, space is not accepted  and neither is anything else!
I've followed your guide from here: http://forum.dsmg600.info/viewtopic.php?pid=39305#p39305

I've got to option 5 again, then 3 and still no joy - I get the Ascii bit again?

So, was there anything in the update I did that borked something, or has my box just thrown its toys out?

Anyways - as long as I don't lose the data on the disks then what is the best way of sorting this?
I can follow instructions, but I'm not a Linux man - I'd not even used telnet until I set this up in February!

I can't see the nas on the network, however minidlna is still serving, so that's me very confused!

Thanks again for everything!

Andy

Joao Cardoso

Sep 6, 2012, 4:50:06 PM
to al...@googlegroups.com

Top posting :-(

-the web password is stored, in plain text, in the file /etc/web-secret, that should not be readable by anyone else than user 'root'
-the web password will be the 'root' user password, unless you change it using the 'passwd' command cmdline when logged-in as the 'root' user
-NOTICE: passwords are stored in non-volatile flash memory, so if you don't "save setting" after changing them, after a reboot the old password will resurrect
-passwords in Alt-F don't have the same rules as other systems passwords might have, so don't follow their rules. Use single letters for a start, and after "saving setting" do a reboot, just to be sure.

Now: -Can you login the box as the user 'root' using ssh or telnet?

-if you can, just use the command
   echo foo > /etc/web-secret
then use 'foo' as the web password to login using the web page, then change the password using System->utilities->Change password, entering 'foo' as the current password, then you have to login again entering the new password twice, then System->Settings->Save Settings.

-if you can't, you have to press the back button more than 10 but less than 20 seconds (count the led blinking), then telnet the box on port 26, no password will be asked, and once logged-in do the same as above

Solved? No? What have you exactly done?

hapless

Sep 7, 2012, 5:48:26 AM
to al...@googlegroups.com
Morning!

Thanks for coming back to me so quickly Joao.

OK, I understand your comments about the passwords.
I have done all of your instructions, and used the password foo, but when I go into the alt-f web page and try to log in, it keeps coming back to the pic attached.
For some reason, any text entered into the password box results in this? This is the same using any browser, and on multiple devices. When I did the wrong thing and used space as the password, it was happy with that?
If I use anything else that requires passwords, it's fine.

I'm thinking, brutal as it may be, but can I reflash the firmware and start from scratch?

Thanks again,

Joao Cardoso

Sep 7, 2012, 8:48:17 AM
to al...@googlegroups.com


On Friday, September 7, 2012 10:48:26 AM UTC+1, hapless wrote:

Morning!

Thanks for coming back to me so quickly Joao.

OK, I understand your comments about the passwords.
I have done all of your instructions,

But had you to press the back button and telnet to port 26?
Or a normal ssh/telnet? In this case, what password do you enter? old one? space? other?
 
and used the password foo, but when I go into the alt-f web page and try to log in, it keeps coming back to the pic attached.

OK, try using the command

   rm /etc/web-secret

instead of the 'echo foo > ...'.
Then try to login into the web page, two entry fields should appear. Did they?
Then save settings and reboot.
Can you then login into the web page?
Can you login using ssh/telnet?

For some reason, any text entered into the password box results in this? This is the same using any browser,

beware of browser caching...
 
and on multiple devices. When I did the wrong thing and used space as the password, it was happy with that?

Damn, I have to fix this, single spaces should not be allowed!
 
If I use anything else that requires passwords, it's fine.

Don't understand what you mean.
 
I'm thinking, brutal as it may be, but can I reflash the firmware and start from scratch?

It has the same effect as pressing the back button for more than 20 seconds. And only if when reflashing you choose to "erase settings", otherwise they will survive and the issue will reappear.


Thanks again,

hapless

Sep 8, 2012, 8:58:28 AM
to al...@googlegroups.com



On Friday, September 7, 2012 10:48:26 AM UTC+1, hapless wrote:
On Thursday, September 6, 2012 9:50:06 PM UTC+1, Joao Cardoso wrote:




Morning!

Thanks for coming back to me so quickly Joao.

OK, I understand your comments about the passwords.
I have done all of your instructions,

But had you to press the back button and telnet to port 26?
Or a normal ssh/telnet? In this case, what password do you enter? old one? space? other?
Yes, Windows 7, telnet in to NAS via command: o 192.168.0.32,
NAS login: root
Password: (nothing entered just hit the enter key)
COLUMNS=80;LINES=25;export COLUMNS LINES;
# (-if you can, just use the command)   echo foo > /etc/web-secret

I then refreshed the web page, and tried to login using 'foo' as instructed (without quotes) and I get the same error as the pic I posted.
 
and used the password foo, but when I go into the alt-f web page and try to log in, it keeps coming back to the pic attached.

OK, try using the command

   rm /etc/web-secret

instead of the 'echo foo > ...'.
ok, done this
Then try to login into the web page, two entry fields should appear. Did they?
yes
Then save settings and reboot.
Can't save settings, I get the error message as per the pic, " Use only ASCII characters...."
Can you then login into the web page?
No
Can you login using ssh/telnet?
Yes, but not using any password, only pressing enter gets me into the NAS. 

For some reason, any text entered into the password box results in this? This is the same using any browser,

beware of browser caching...
Caches cleared, rebooted pc, still the same in Firefox, IE9, Opera and Chrome, it's as if the password box is using a different character set?
 
and on multiple devices. When I did the wrong thing and used space as the password, it was happy with that?

Damn, I have to fix this, single spaces should not be allowed!
 
If I use anything else that requires passwords, it's fine.

Don't understand what you mean.
If I use any other web apps that require passwords - banking, logging to router, forums etc, all are fine.
 
I'm thinking, brutal as it may be, but can I reflash the firmware and start from scratch?

It has the same effect as pressing the back button for more than 20 seconds. And only if when reflashing you choose to "erase settings", otherwise they will survive and the issue will reappear.
This doesn't affect the data on the drives does it, I can select as part of the set up not to touch the disks?

Thanks again for your support,

Joao Cardoso

Sep 8, 2012, 1:25:10 PM
to al...@googlegroups.com
After 'rm ...' and two passwd entry fields appear, have you used a simple pass such as abc? And got the "use only ASCII..." msg? Can't be (sorry) it has to be browser caching!
Sorry being so terse, week-end, smartphone, one finger typing.

hapless

Sep 8, 2012, 3:52:57 PM
to al...@googlegroups.com
After 'rm ...' and two passwd entry fields appear, have you used a simple pass such as abc?
Yep, abc, 12345, hello, nasbox, foo
And got the "use only ASCII..." msg? Can't be (sorry) it has to be browser caching!
But in all the browsers? That's the bit I struggle with?
Firefox on W7 64 is my regular browser, but I also use Opera, Chrome (SW Iron actually, but same thing) and IE9 for cashback shopping - this especially has cache, history & cookies cleared on launching and they all display the 'Use only Ascii...' message, I even looked in on my blackberry playbook browser and same thing - I only got that this week and had not even looked at the webgui?!

Sorry being so terse, week-end, smartphone, one finger typing.
Not a problem, your responses are very much appreciated - I can wait.
Maybe we should all donate to get you a tablet, I love mine but want a bigger android tablet now ;)

 Please enjoy your weekend as much as you can, I won't be back until tomorrow evening at the earliest, family do :(

Joao Cardoso

Sep 11, 2012, 9:43:35 PM
to al...@googlegroups.com


On Saturday, September 8, 2012 8:52:57 PM UTC+1, hapless wrote:
After 'rm ...' and two passwd entry fields appear, have you used a simple pass such as abc?
Yep, abc, 12345, hello, nasbox, foo
And got the "use only ASCII..." msg? Can't be (sorry) it has to be browser caching!
But in all the browsers? That's the bit I struggle with?
Firefox on W7 64 is my regular browser, but I also use Opera, Chrome (SW Iron actually, but same thing) and IE9 for cashback shopping - this especially has cache, history & cookies cleared on launching and they all display the 'Use only Ascii...' message, I even looked in on my blackberry playbook browser and same thing - I only got that this week and had not even looked at the webgui?!

As I explained, the webgui password is stored in the /etc/web-secret file. When that file does not exist, that means that there is no stored password, and the webgui presents you with two password entry fields, so you can confirm the password. After that, the two passwords are verified for "legal" characters and equality, stored in plain form in the web-secret file and the 'root' user (super-user or administrator in MS parlance) password is set to the same value.

You discovered a bug, as a space-only password was accepted as valid and the session was enabled; however, the web-secret file is existent but empty, so you are not able to login after a logout or after the session expires.

When you executed the "rm /etc/web-secret" command, the webgui password is non-existent and not checked anymore, only the two password entry fields are verified to have only "legal" characters and equal.
This is exactly the same situation that all of us find when using Alt-F the first time, or when we change the password in the System->Utilities->Change Password web page, and nobody complained...

As you said "I know I've taken a backup of the settings - but damned if I can find it!! I am still looking...", that means that you have already used a non-empty/space-only password, and if it was accepted before, so why not now?

So, I thought on a browser cache issue, but after your reply I don't have a response to your problem.

I don't think that this will solve the problem, but you can try the following:

login as the 'root' user, then

   rm /etc/web-secret # remove the web secret file
   loadsave_settings -sf # save settings in flash memory
   reboot # obvious
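
The password checks discussed in this thread, written out as an added example that is not part of the original posts and is not Alt-F's own code: a validator for the "ASCII, no spaces" rule that also rejects empty and space-only input, a first-login setter that writes the plain-text file root-only, and an audit of the three file states that came up. The function names are hypothetical; only the path /etc/web-secret comes from the thread.

```shell
#!/bin/sh
# Added example, not Alt-F code. Function names are hypothetical.
SECRET_FILE=${SECRET_FILE:-/etc/web-secret}   # path named in the thread

# Succeeds only for a non-empty string of printable ASCII without spaces
# (bytes 0x21-0x7E), the rule quoted in the web page's error message.
valid_password() {
    [ -n "$1" ] || return 1
    # Delete every allowed byte; the trailing x protects newlines from
    # being stripped by the command substitution.
    rest=$(printf '%s' "$1" | LC_ALL=C tr -d '!-~'; printf x)
    [ "$rest" = x ]
}

# First-login flow: both entries must be legal and equal before anything
# is written. The file is created root-only and moved into place.
set_web_secret() {
    valid_password "$1" || { echo "illegal or empty password" >&2; return 1; }
    [ "$1" = "$2" ] || { echo "entries differ" >&2; return 2; }
    tmp=$SECRET_FILE.$$
    ( umask 077; printf '%s\n' "$1" > "$tmp" ) && mv -f "$tmp" "$SECRET_FILE"
}

# Reports the states seen in this thread:
#   missing - no password set, the web page asks for two entries
#   blank   - file exists but holds no password (the space-only lockout)
#   exposed - group or others have any permission on the plain-text file
audit_web_secret() {
    [ -e "$SECRET_FILE" ] || { echo missing; return 0; }
    [ -n "$(tr -d ' \t\n' < "$SECRET_FILE")" ] || { echo blank; return 0; }
    perms=$(ls -l "$SECRET_FILE" | cut -c5-10)   # group + other bits
    [ "$perms" = "------" ] || { echo exposed; return 0; }
    echo ok
}

audit_web_secret
```

Set SECRET_FILE to a scratch path before calling set_web_secret when trying this anywhere other than a test box.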



