NSLU2-Linux
view · edit · print · history

DS101.EnableTelnet History

Hide minor edits - Show changes to markup

April 19, 2008, at 12:37 PM by Ling -- CD-406 update
Added lines 331-332:
CS-406
work with disk station 2.0 + firmware 598
June 18, 2007, at 01:51 PM by Pieter --
Changed lines 325-326 from:
DS-101g+
unknow (280), unknow (284)
to:
DS-101g+
unknow (280), unknow (284), working (2.0.3.0460)
May 19, 2007, at 09:39 PM by Wessel --
Changed line 333 from:
RS-407
working
to:
DS-407
working
May 19, 2007, at 09:39 PM by Wessel --
Added lines 332-333:
RS-407
working
May 10, 2007, at 08:14 PM by bijkanguru -- confirmation RS406
Changed line 331 from:
DS-RS406?
working
to:
RS-406
working
May 10, 2007, at 08:13 PM by bijkanguru -- confirmation RS406
Added lines 330-331:
DS-RS406?
working
February 09, 2007, at 03:20 PM by lyngsnes -- Small fix to script to enable telnet (echo statement missing)
Added lines 307-308:

echo "C:-42" > /tmp/update.progress

February 09, 2007, at 03:17 PM by lyngsnes -- Patch success DS-101j
Changed lines 321-322 from:
DS-101j
unknow, (240), working (281), working (2.0.1 - 3.0385)
to:
DS-101j
unknow, (240), working (281), working (2.0.1 - 3.0385), working (2.0.1 - 3.0428)
January 05, 2007, at 06:12 PM by invader --
Added lines 326-327:
DS-106x
working
December 29, 2006, at 11:29 PM by Emanuel Johannessen --
Changed lines 319-320 from:
DS-101
unknow (240?) working (371)
to:
DS-101
working (240) working (371)
November 22, 2006, at 02:10 PM by flipflip -- new version: syno-telnet-r3.zip
Changed lines 6-7 from:

You can download two patch files to enable and disable, respectively, the telnet daemon (server) on the DS. The patch files are available at http://oinkzwurgl.org/diskstation (file syno-telnet-r2.zip). To activate the telnet daemon and allow telnet connections on port 23 upload the the patch file enable-telnet.pat to the DS using the update routine in the administrative interface. The patch file disable-telnet.pat will revert these changes and disables the telnet server. Both patches apply the changes immediately and without a reboot. The changes are persistent over a reboot.

to:

You can download two patch files to enable and disable, respectively, the telnet daemon (server) on the DS. The patch files are available at http://oinkzwurgl.org/diskstation (file syno-telnet-r3.zip). To activate the telnet daemon and allow telnet connections on port 23 upload the the patch file enable-telnet.pat to the DS using the update routine in the administrative interface. The patch file disable-telnet.pat will revert these changes and disables the telnet server. Both patches apply the changes immediately and without a reboot. The changes are persistent over a reboot.

November 21, 2006, at 02:14 PM by flipflip -- fixed links (preview didn\'t work before..)
Changed lines 6-7 from:

You can download two patch files to enable and disable, respectively, the telnet daemon (server) on the DS. The patch files are available at [http://oinkzwurgl.org/diskstation] (file [http://oinkzwurgl.org/dl.php?file=syno-telnet-r2.zip syno-telnet-r2.zip]). To activate the telnet daemon and allow telnet connections on port 23 upload the the patch file enable-telnet.pat to the DS using the update routine in the administrative interface. The patch file disable-telnet.pat will revert these changes and disables the telnet server. Both patches apply the changes immediately and without a reboot. The changes are persistent over a reboot.

to:

You can download two patch files to enable and disable, respectively, the telnet daemon (server) on the DS. The patch files are available at http://oinkzwurgl.org/diskstation (file syno-telnet-r2.zip). To activate the telnet daemon and allow telnet connections on port 23 upload the the patch file enable-telnet.pat to the DS using the update routine in the administrative interface. The patch file disable-telnet.pat will revert these changes and disables the telnet server. Both patches apply the changes immediately and without a reboot. The changes are persistent over a reboot.

November 21, 2006, at 02:12 PM by flipflip -- Rewrote section 1 to reflect the current situation and be more specific and detailed
Changed lines 6-8 from:

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well. The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.

to:

You can download two patch files to enable and disable, respectively, the telnet daemon (server) on the DS. The patch files are available at [http://oinkzwurgl.org/diskstation] (file [http://oinkzwurgl.org/dl.php?file=syno-telnet-r2.zip syno-telnet-r2.zip]). To activate the telnet daemon and allow telnet connections on port 23 upload the the patch file enable-telnet.pat to the DS using the update routine in the administrative interface. The patch file disable-telnet.pat will revert these changes and disables the telnet server. Both patches apply the changes immediately and without a reboot. The changes are persistent over a reboot.

For all current firmware revisions (since around autumn 2006) the supplementary syno password is no longer necessary. One can login as user admin or any other user created in the administrative interface. root logins are possible as well. The password for the super user is kept in sync with the admin password. But it is recommended to use sudo instead of logging in as root to issue administrative commands.

The patch files work on all Diskstations (and Cubestations and the Rackstation) with all known firmware revisions. As these patches are more or less officially recommended by Synology it is expected that the procedure will not change in the nearer future.

The routine used to enable and disable the telnet server only modify the "telnet" line in /etc/inetd.conf and does not touch other entries in it. Original, unmodified firmwares only have the telnet line but users might want to add their own stuff to the inetd configuration file.

November 20, 2006, at 10:58 AM by Gabbe -- Easiness gets priority
Added lines 4-9:

The Easy Way To Gain Telnet Access

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well. The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.

The Hard Way To Gain Telnet Access

Changed lines 320-328 from:

Alternate (Easy) Way To Gain Telnet Access

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well. The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.


to:

November 19, 2006, at 04:03 PM by ds-101 --
Changed lines 322-415 from:

Alternate Way To Gain Telnet Access

N.B. This procedure has been tested on a DS-101j, firmware version 2.0-3.0281. It is expected but not yet confirmed to work with other DS and firmwares as well.

Background

The procedures described on this page and elsewhere are rather complicated and depend on certain firmware bugs or need to manipulate the DS in some way. As the update feature of the DS allows to install an operating system to the harddisk, it should be possible to use that feature to load our own stuff to the DS.

Looking at a firmware .pat file reveals that it is a normal POSIX tar archive. It contains some files with rather obvious names. The famous telnet.pat and the output found in /var/log/messages confirm that the DS update routine extracts the archive to /volume1/upd@te and runs the updater programme. This routine is contained in /usr/syno/synoman/main.cgi (the strings inside are quite meaningful!).

In the .pat, there are two more interesting files: VERSION and checksum.syno. As some other postings in the net suggests, the latter contains crc32 numbers, filesizes, filenames and two more unknow numbers. Well, the point is, it does not matter at all! :-). Nor is the VERSION file of any importance for this stage of the upgrade routine.

In the following a way to run a script (or likely any other DS compatible binary) through the updater routine of the DS. There is not even a need to reboot to do that.

Proof Of Concept

You need an editor and tar.

1. Create a file updater containing the following. It should have the executable bit(s) (not checked).

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/date > /volume1/public/hello_hello.txt
chmod a+rw /volume1/public/hello_hello.txt

echo "C:-42" > /tmp/update.progress

exit 42

# eof
 

(:tableend:)

2. Create an empty (!) file checksum.syno, e.g. using the following command.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
echo -n > checksum.syno
 

(:tableend:)

3. Create the .pat file.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
tar -cvf hello_hello.pat updater checksum.syno
 

(:tableend:)

4. Upload the hello_hello.pat using the firmware update function in the DS admin interface.

Result: The update should fail with a message like unknow error and the error code/number 42.

In the public share on the DS you shuld find a file hello_hello.txt containing the epoch when the updater script has been run.

Script To Enable Telnet

The following updater script will enable telnet in /etc/inetd.conf and restart inetd.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/echo -e "telnet\tstream\ttcp\tnowait\troot\t/usr/sbin/telnetd\ttelnetd\n" \
  > /etc/inetd.conf

/bin/kill `/bin/pidof inetd`

/usr/sbin/inetd

exit 42

# eof
 

(:tableend:)

Create an enable_telnet.pat analogously to the above procedure and install it.

to:
November 19, 2006, at 04:02 PM by ds-101 -- Restore info on how to enable telnet
Added lines 319-415:

Alternate Way To Gain Telnet Access

N.B. This procedure has been tested on a DS-101j, firmware version 2.0-3.0281. It is expected but not yet confirmed to work with other DS and firmwares as well.

Background

The procedures described on this page and elsewhere are rather complicated and depend on certain firmware bugs or need to manipulate the DS in some way. As the update feature of the DS allows to install an operating system to the harddisk, it should be possible to use that feature to load our own stuff to the DS.

Looking at a firmware .pat file reveals that it is a normal POSIX tar archive. It contains some files with rather obvious names. The famous telnet.pat and the output found in /var/log/messages confirm that the DS update routine extracts the archive to /volume1/upd@te and runs the updater programme. This routine is contained in /usr/syno/synoman/main.cgi (the strings inside are quite meaningful!).

In the .pat, there are two more interesting files: VERSION and checksum.syno. As some other postings in the net suggests, the latter contains crc32 numbers, filesizes, filenames and two more unknow numbers. Well, the point is, it does not matter at all! :-). Nor is the VERSION file of any importance for this stage of the upgrade routine.

In the following a way to run a script (or likely any other DS compatible binary) through the updater routine of the DS. There is not even a need to reboot to do that.

Proof Of Concept

You need an editor and tar.

1. Create a file updater containing the following. It should have the executable bit(s) (not checked).

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/date > /volume1/public/hello_hello.txt
chmod a+rw /volume1/public/hello_hello.txt

echo "C:-42" > /tmp/update.progress

exit 42

# eof
 

(:tableend:)

2. Create an empty (!) file checksum.syno, e.g. using the following command.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
echo -n > checksum.syno
 

(:tableend:)

3. Create the .pat file.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
tar -cvf hello_hello.pat updater checksum.syno
 

(:tableend:)

4. Upload the hello_hello.pat using the firmware update function in the DS admin interface.

Result: The update should fail with a message like unknow error and the error code/number 42.

In the public share on the DS you shuld find a file hello_hello.txt containing the epoch when the updater script has been run.

Script To Enable Telnet

The following updater script will enable telnet in /etc/inetd.conf and restart inetd.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/echo -e "telnet\tstream\ttcp\tnowait\troot\t/usr/sbin/telnetd\ttelnetd\n" \
  > /etc/inetd.conf

/bin/kill `/bin/pidof inetd`

/usr/sbin/inetd

exit 42

# eof
 

(:tableend:)

Create an enable_telnet.pat analogously to the above procedure and install it.

November 15, 2006, at 08:15 PM by ArnaudS --
Changed lines 309-310 from:
DS-101j
unknow, (240), working (281)
to:
DS-101j
unknow, (240), working (281), working (2.0.1 - 3.0385)
October 05, 2006, at 07:19 PM by Jon -- Updated 371 DS-101 and a reminder
Changed lines 301-302 from:

Create an enable_telnet.pat analogously to the above procedure and install it.

to:

Create an enable_telnet.pat analogously to the above procedure and install it. Remember to set the executable bit!

Changed lines 307-308 from:
DS-101
unknow (240?)
to:
DS-101
unknow (240?) working (371)
September 02, 2006, at 11:21 PM by ds101 -- rework
Changed lines 315-318 from:
to:

Alternate (Easy) Way To Gain Telnet Access

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well. The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.

September 02, 2006, at 11:18 PM by ds101 -- important info put back
Changed lines 210-215 from:

Alternate (Easy) Way To Gain Telnet Access

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well.

The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.

to:

Alternate Way To Gain Telnet Access

N.B. This procedure has been tested on a DS-101j, firmware version 2.0-3.0281. It is expected but not yet confirmed to work with other DS and firmwares as well.

Background

The procedures described on this page and elsewhere are rather complicated and depend on certain firmware bugs or need to manipulate the DS in some way. As the update feature of the DS allows to install an operating system to the harddisk, it should be possible to use that feature to load our own stuff to the DS.

Looking at a firmware .pat file reveals that it is a normal POSIX tar archive. It contains some files with rather obvious names. The famous telnet.pat and the output found in /var/log/messages confirm that the DS update routine extracts the archive to /volume1/upd@te and runs the updater programme. This routine is contained in /usr/syno/synoman/main.cgi (the strings inside are quite meaningful!).

In the .pat, there are two more interesting files: VERSION and checksum.syno. As some other postings in the net suggests, the latter contains crc32 numbers, filesizes, filenames and two more unknow numbers. Well, the point is, it does not matter at all! :-). Nor is the VERSION file of any importance for this stage of the upgrade routine.

In the following a way to run a script (or likely any other DS compatible binary) through the updater routine of the DS. There is not even a need to reboot to do that.

Proof Of Concept

You need an editor and tar.

1. Create a file updater containing the following. It should have the executable bit(s) (not checked).

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/date > /volume1/public/hello_hello.txt
chmod a+rw /volume1/public/hello_hello.txt

echo "C:-42" > /tmp/update.progress

exit 42

# eof
 

(:tableend:)

2. Create an empty (!) file checksum.syno, e.g. using the following command.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
echo -n > checksum.syno
 

(:tableend:)

3. Create the .pat file.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
tar -cvf hello_hello.pat updater checksum.syno
 

(:tableend:)

4. Upload the hello_hello.pat using the firmware update function in the DS admin interface.

Result: The update should fail with a message like unknow error and the error code/number 42.

In the public share on the DS you shuld find a file hello_hello.txt containing the epoch when the updater script has been run.

Script To Enable Telnet

The following updater script will enable telnet in /etc/inetd.conf and restart inetd.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/echo -e "telnet\tstream\ttcp\tnowait\troot\t/usr/sbin/telnetd\ttelnetd\n" \
  > /etc/inetd.conf

/bin/kill `/bin/pidof inetd`

/usr/sbin/inetd

exit 42

# eof
 

(:tableend:)

Create an enable_telnet.pat analogously to the above procedure and install it.

Does It Work?

Please add confirmations of success or failure for other DS here:

DS-101
unknow (240?)
DS-101j
unknow, (240), working (281)
DS-101g+
unknow (280), unknow (284)
DS-101e
unknow (318)
June 23, 2006, at 10:47 AM by flipflip --
Changed lines 212-213 from:

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions.

to:

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions. Routines in PHP and shell script to calculate the syno password are included as well.

June 23, 2006, at 10:45 AM by flipflip -- Added the easy way of enabling telnet.
Changed lines 210-315 from:

Alternate Way To Gain Telnet Access

N.B. This procedure has been tested on a DS-101j, firmware version 2.0-3.0281. It is expected but not yet confirmed to work with other DS and firmwares as well.

Background

The procedures described on this page and elsewhere are rather complicated and depend on certain firmware bugs or need to manipulate the DS in some way. As the update feature of the DS allows to install an operating system to the harddisk, it should be possible to use that feature to load our own stuff to the DS.

Looking at a firmware .pat file reveals that it is a normal POSIX tar archive. It contains some files with rather obvious names. The famous telnet.pat and the output found in /var/log/messages confirm that the DS update routine extracts the archive to /volume1/upd@te and runs the updater programme. This routine is contained in /usr/syno/synoman/main.cgi (the strings inside are quite meaningful!).

In the .pat, there are two more interesting files: VERSION and checksum.syno. As some other postings in the net suggests, the latter contains crc32 numbers, filesizes, filenames and two more unknow numbers. Well, the point is, it does not matter at all! :-). Nor is the VERSION file of any importance for this stage of the upgrade routine.

In the following a way to run a script (or likely any other DS compatible binary) through the updater routine of the DS. There is not even a need to reboot to do that.

Proof Of Concept

You need an editor and tar.

1. Create a file updater containing the following. It should have the executable bit(s) (not checked).

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/date > /volume1/public/hello_hello.txt
chmod a+rw /volume1/public/hello_hello.txt

echo "C:-42" > /tmp/update.progress

exit 42

# eof
 

(:tableend:)

2. Create an empty (!) file checksum.syno, e.g. using the following command.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
echo -n > checksum.syno
 

(:tableend:)

3. Create the .pat file.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
tar -cvf hello_hello.pat updater checksum.syno
 

(:tableend:)

4. Upload the hello_hello.pat using the firmware update function in the DS admin interface.

Result: The update should fail with a message like unknow error and the error code/number 42.

In the public share on the DS you shuld find a file hello_hello.txt containing the epoch when the updater script has been run.

Script To Enable Telnet

The following updater script will enable telnet in /etc/inetd.conf and restart inetd.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/echo -e "telnet\tstream\ttcp\tnowait\troot\t/usr/sbin/telnetd\ttelnetd\n" \
  > /etc/inetd.conf

/bin/kill `/bin/pidof inetd`

/usr/sbin/inetd

exit 42

# eof
 

(:tableend:)

Create an enable_telnet.pat analogously to the above procedure and install it.

Does It Work?

Please add confirmations of success or failure for other DS here:

DS-101
unknow (240?)
DS-101j
unknow, (240), working (281)
DS-101g+
unknow (280), unknow (284)
DS-101e
unknow (318)
to:

Alternate (Easy) Way To Gain Telnet Access

You can download a patch which will enable (or disable) the telnet access to the DS. It can be downloaded at [http://oinkzwurgl.org/software/ssods/]. The included README.txt explains in details how this works and lists the default passwords for the different firmware revisions.

The procedure has been tested and confirmed for the following devices: DS-101, DS-101j, DS-101g+, DS-106, DS-106e, CS-406.

May 29, 2006, at 08:32 PM by flipflip --
Changed lines 311-315 from:
DS-101g+
unknow (284?)
DS-101e
unknow (318?)
to:
DS-101g+
unknow (280), unknow (284)
DS-101e
unknow (318)
May 29, 2006, at 08:20 PM by flipflip -- A new, possibly _the_, way to enable telnet on the DS101j
Changed lines 157-160 from:

synopass implemented in shell script

to:

Synopass Routine In Shell Script

Works with busybox commands (i.e. runs on a DS).

Added line 198:
Changed lines 209-315 from:
to:

Alternate Way To Gain Telnet Access

N.B. This procedure has been tested on a DS-101j, firmware version 2.0-3.0281. It is expected but not yet confirmed to work with other DS and firmwares as well.

Background

The procedures described on this page and elsewhere are rather complicated and depend on certain firmware bugs or need to manipulate the DS in some way. As the update feature of the DS allows to install an operating system to the harddisk, it should be possible to use that feature to load our own stuff to the DS.

Looking at a firmware .pat file reveals that it is a normal POSIX tar archive. It contains some files with rather obvious names. The famous telnet.pat and the output found in /var/log/messages confirm that the DS update routine extracts the archive to /volume1/upd@te and runs the updater programme. This routine is contained in /usr/syno/synoman/main.cgi (the strings inside are quite meaningful!).

In the .pat, there are two more interesting files: VERSION and checksum.syno. As some other postings in the net suggests, the latter contains crc32 numbers, filesizes, filenames and two more unknow numbers. Well, the point is, it does not matter at all! :-). Nor is the VERSION file of any importance for this stage of the upgrade routine.

In the following a way to run a script (or likely any other DS compatible binary) through the updater routine of the DS. There is not even a need to reboot to do that.

Proof Of Concept

You need an editor and tar.

1. Create a file updater containing the following. It should have the executable bit(s) (not checked).

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/date > /volume1/public/hello_hello.txt
chmod a+rw /volume1/public/hello_hello.txt

echo "C:-42" > /tmp/update.progress

exit 42

# eof
 

(:tableend:)

2. Create an empty (!) file checksum.syno, e.g. using the following command.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
echo -n > checksum.syno
 

(:tableend:)

3. Create the .pat file.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
tar -cvf hello_hello.pat updater checksum.syno
 

(:tableend:)

4. Upload the hello_hello.pat using the firmware update function in the DS admin interface.

Result: The update should fail with a message like unknow error and the error code/number 42.

In the public share on the DS you shuld find a file hello_hello.txt containing the epoch when the updater script has been run.

Script To Enable Telnet

The following updater script will enable telnet in /etc/inetd.conf and restart inetd.

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh

echo "C:0:" > /tmp/update.progress

/bin/echo -e "telnet\tstream\ttcp\tnowait\troot\t/usr/sbin/telnetd\ttelnetd\n" \
  > /etc/inetd.conf

/bin/kill `/bin/pidof inetd`

/usr/sbin/inetd

exit 42

# eof
 

(:tableend:)

Create an enable_telnet.pat analogously to the above procedure and install it.

Does It Work?

Please add confirmations of success or failure for other DS here:

DS-101
unknow (240?)
DS-101j
unknow, (240), working (281)
DS-101g+
unknow (284?)
DS-101e
unknow (318?)
May 21, 2006, at 07:34 AM by Bill F -- Note telnet.pat file in ds101-linux yahoo group
Added lines 126-127:

Note: php scripts that use popen() (such as that above) don't even seem to run on DS-101g+ firmware 2.0.1 - 3.0284. See the Files area of http://groups.yahoo.com/group/ds101-linux/ for a .pat file you can apply that only adds the telnet line to /etc/inetd.conf.

May 14, 2006, at 04:33 PM by flipflip -- Added shell script implementation of synopass.php
Added lines 154-203:

synopass implemented in shell script

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#!/bin/sh
#
# Shell version of synopass.php from www.nslu2-linux.org#
# by Philippe Kehl <phkehl at gmx dot net>
#
# Returns the current syno password on stdout.
#
# N.B. that the validity of the output has not been checked thoroughly!
# The code seems to work, though.
#
# Needs date, expr, printf, test/[
#

mon=`date +%m`
mday=`date +%d`

a=`printf "%x" ${mon}`

b=`expr ${mon} / 10`

c=`expr ${mon} % 10`

d=`expr ${mday} / 16`

e=`expr ${mday} % 16`
e=`printf "%x" ${e}`

i=12
while test ${i} -gt 0; do
    [ `expr ${mon} % ${i}` = 0 ] && [ `expr ${mday} % ${i}` = 0 ] && break
    i=`expr ${i} - 1`
done

f=`expr ${i} / 10`
g=`expr ${i} % 10`

synopass=${a}${b}${c}-${d}${e}${f}${g}

echo ${synopass}

# eof

(:tableend:)

March 09, 2006, at 01:18 AM by mlo68 -- DS101 g+ with firmware 2.0.1 - 3.0284
Changed lines 88-93 from:

DS-101j with Firmware Version: 2.0.1 - 3.0280 The only method that I found working is to connect the HDD to another PC, mount it as ext3 filesystem, and modify the /etc/inetd.conf file directly. (I used http://www.fs-driver.org/ under Windows XP).

There is an alternative solution for DS101j? FW 3.0280,3.0281. Basically you first have to downgrade to 3.0240 - see http://www.nslu2-linux.org/wiki/DS101/DowngradeFw. Afterwards copy a small script to any of your shares retelnet.sh:

to:

DS-101g+ with Firmware Version: 2.0.1 - 3.0284 Same procedure as above but use an enabletelnet-g284.php script instead, which contains this:

Changed lines 94-97 from:
  1. ! /bin/sh

while [ 1 = 1 ] ; do echo 'telnet stream tcp nowait root /usr/sbin/telnetd telnetd' > /etc/inetd.conf done

to:

<?php if ( FALSE == file_exists( "/volume1/web/main.cgi" ) ) {

  echo "Saving /usr/syno/synoman/main.cgi<br>\n";
  $f = popen( "cp -p /usr/syno/synoman/main.cgi /volume1/web/", "r" );
  pclose( $f );

} if ( TRUE == file_exists( "/volume1/web/main.cgi" ) ) {

  $f = fopen( "/usr/syno/synoman/main.cgi", "w" );
  fwrite( $f, '#!/bin/sh' . "\n" );
  fwrite( $f, 'echo "telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf' . "\n" );
  fwrite( $f, 'killall -HUP inetd' . "\n" );
  fclose( $f );

  echo "ENABLING telnet in /etc/inetd.conf<br>\n";
  echo "Note: It is normal that you get a 'Warning ... 500 Internal Server Error' message below<br>\n";

  $str = file_get_contents( "http://localhost:5000/" );

  echo "Restoring /usr/syno/synoman/main.cgi<br>\n";
  $f = popen( "cat /volume1/web/main.cgi > /usr/syno/synoman/main.cgi", "r" );
  pclose( $f );

} ?>

Changed lines 119-131 from:

Within telnet:

to:

Why/how does it work?
With this firmware release, there are 2 apache instances running: the user one that serves the user-made web pages and can run php scripts with limited privileges, and the system one that runs the system management CGI pages with root privileges.
The web pages that you can create are run by the user instance that has too few privileges to setup telnet so the original script won't work.
But ... it happens that the main.cgi file (system admin main page) is "world writable" so the trick is to replace it with a shell script containing what you want to execute as root (thanks to a user php script) and invoke the admin page to run the shell script as root.
And that's what the above php page does: save the original main.cgi, replace it with the instructions to enable telnet, invoke the admin site once (which will run the instructions as root) and restore the saved main.cgi.
Obviously if something goes terribly wrong, you'll end up with a DS-101g+ with non-functioning management pages so try this only on a g+ with firmware 2.0.1 - 3.0284 and a backup of your data in hand.

DS-101j with Firmware Version: 2.0.1 - 3.0280 The only method that I found working is to connect the HDD to another PC, mount it as ext3 filesystem, and modify the /etc/inetd.conf file directly. (I used http://www.fs-driver.org/ under Windows XP).

There is an alternative solution for DS101j? FW 3.0280,3.0281. Basically you first have to downgrade to 3.0240 - see http://www.nslu2-linux.org/wiki/DS101/DowngradeFw. Afterwards copy a small script to any of your shares retelnet.sh:

Changed lines 135-136 from:

chmod 755 /volume1/myShare/retelnet.sh /volume1/myShare/retelnet.sh &

to:
  1. ! /bin/sh

while [ 1 = 1 ] ; do echo 'telnet stream tcp nowait root /usr/sbin/telnetd telnetd' > /etc/inetd.conf done

Changed lines 141-149 from:
to:

Within telnet: (:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
chmod 755 /volume1/myShare/retelnet.sh
/volume1/myShare/retelnet.sh &

(:tableend:)

February 19, 2006, at 10:30 PM by Andreas Vogel -- reenable telnet with 3.0281
Changed lines 89-115 from:

The only method that I found working is to connect the HDD to another PC, mount it as ext3 filesystem, and modify the /etc/inetd.conf file directly. (I used http://www.fs-driver.org/ under Windows XP).

to:

The only method that I found working is to connect the HDD to another PC, mount it as ext3 filesystem, and modify the /etc/inetd.conf file directly. (I used http://www.fs-driver.org/ under Windows XP).

There is an alternative solution for DS101j? FW 3.0280,3.0281. Basically you first have to downgrade to 3.0240 - see http://www.nslu2-linux.org/wiki/DS101/DowngradeFw. Afterwards copy a small script to any of your shares retelnet.sh: (:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
#! /bin/sh
while [ 1 = 1 ] ; do
echo 'telnet stream tcp nowait root /usr/sbin/telnetd telnetd' > /etc/inetd.conf
done

(:tableend:) Within telnet: (:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
chmod 755 /volume1/myShare/retelnet.sh
/volume1/myShare/retelnet.sh &

(:tableend:)

Now start the FW upgrade. Afterwards you should be able to telnet again. Use the synopass.php (not php3!) to get the synopassword.

February 18, 2006, at 06:54 PM by hanberg -- Confirmed enabletelnet for DS-101firmware 2.0.1 - 3.0240 is the same as for DS-101g+
Changed lines 75-76 from:

For DS-101g+ New firmware 2.0.1 - 3.0240 as above but files are

to:

For DS-101(g+) New firmware 2.0.1 - 3.0240 as above but files are

February 12, 2006, at 11:20 PM by flops -- Add DS-101j
Added lines 87-89:

DS-101j with Firmware Version: 2.0.1 - 3.0280 The only method that I found working is to connect the HDD to another PC, mount it as ext3 filesystem, and modify the /etc/inetd.conf file directly. (I used http://www.fs-driver.org/ under Windows XP).

January 20, 2006, at 04:38 AM by conradL --
Added lines 84-86:

DS-101g+ with Firmware Version: 2.0.1 - 3.0280 The method used to gain telnet last time and the time before is broken...:(

September 21, 2005, at 12:59 PM by conradl --
Changed lines 75-76 from:

For DS-101(g+) New firmware 2.0.1 - 3.0240 as above but files are

to:

For DS-101g+ New firmware 2.0.1 - 3.0240 as above but files are

September 21, 2005, at 12:30 PM by conradl --
Added lines 73-83:

For DS-101(g+) New firmware 2.0.1 - 3.0240 as above but files are

enabletelnet.php

disabletelnet.php

and add a /x on access

http://ds101-ip/enabletelnet.php/x

August 29, 2005, at 01:47 PM by tman --
Changed line 11 from:

<?php@@ \\

to:

<?php

August 29, 2005, at 01:46 PM by tman --
Changed lines 1-3 from:

Enabling Telnet on the DS-101

Warning: Telnet is an inherently insecure protocol. Do not attach a telnet-enabled ds101 to the internet.

to:

Enabling Telnet on the DS-101(g+)

Warning: Telnet is an inherently insecure protocol. Do not attach a telnet-enabled DS-101(g+) to the internet.

Changed lines 5-43 from:
  • Create a enabletelnet.php3, which contains this:

<?php
system('echo "telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

  • For good measure, create a disabletelnet.php3 containing this:

<?php
system('echo "#telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

  • DS-101 owners: Create a synopass.php3 file containing this:

<?php
$synopass = array();
$tmOutput = localtime(time(),'1');
$tmOutput['tm_mon']++;
$synopass[0] = dechex($tmOutput['tm_mon']);
$synopass[1] = floor($tmOutput['tm_mon']/10);
$synopass[2] = $tmOutput['tm_mon'] % 10;
$synopass[3] = '-';
$synopass[4] = floor($tmOutput['tm_mday'] / 16);
$synopass[5] = dechex($tmOutput['tm_mday'] % 16);
for ($i = 12; $i > 0; $i--)
{
if (!($tmOutput['tm_mon'] % $i) && !($tmOutput['tm_mday'] % $i))
{
break;
}
}
$synopass[6] = floor($i/10);
$synopass[7] = $i % 10;
$password = implode("",$synopass);
echo "SynoPassword for today is : $password";
?>

to:
  • Create a enabletelnet.php3, which contains this:

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
<?php@@ \\
system('echo "telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

(:tableend:)

  • For good measure, create a disabletelnet.php3 containing this:

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
<?php
system('echo "#telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

(:tableend:)

  • DS-101 owners: Create a synopass.php3 file containing this:

(:table border=0 width=100% bgcolor=#eeeeff:) (:cell:)

 
<?php
   $synopass = array();
   $tmOutput = localtime(time(),'1');
   $tmOutput['tm_mon']++;
   $synopass[0] = dechex($tmOutput['tm_mon']);
   $synopass[1] = floor($tmOutput['tm_mon']/10);
   $synopass[2] = $tmOutput['tm_mon'] % 10;
   $synopass[3] = '-';
   $synopass[4] = floor($tmOutput['tm_mday'] / 16);
   $synopass[5] = dechex($tmOutput['tm_mday'] % 16);
   for ($i = 12; $i > 0; $i--)
   {
      if (!($tmOutput['tm_mon'] % $i) && !($tmOutput['tm_mday'] % $i))
      {
         break;
      }
   }
   $synopass[6] =  floor($i/10);
   $synopass[7] = $i % 10;
   $password = implode("",$synopass);
   echo "SynoPassword for today is : $password";
?>

(:tableend:)

Added line 61:
Added line 63:
Changed lines 65-67 from:
  • Telnet to the ds101 ip.
to:
  • Telnet to the DS-101(g+) IP.
Added line 69:
Changed lines 71-72 from:
  • Once in you can change the root password (Not the SynoPassword) from synopass to something a tad more secure by issuing "passwd"
to:
  • Once in you can change the root password (Not the SynoPassword) from synopass to something a tad more secure by running "passwd"
August 29, 2005, at 09:07 AM by mma -- no daily password required on the g+
Changed line 4 from:
  • Enable the DS-101 web-server service
to:
  • Enable the DS-101(g+) web-server service
Changed lines 19-20 from:
  • Create a synopass.php3 file containing this:
to:
  • DS-101 owners: Create a synopass.php3 file containing this:
Changed line 44 from:
  • Upload all three files to the web share.
to:
  • Upload above files to the web share.
Changed line 46 from:
  • Point your browser to the synopass.php3 file to get todays password.
to:
  • DS-101 owners: Point your browser to the synopass.php3 file to get todays password.
Changed line 49 from:
  • You will then be presented with a "SynoPassword:" prompt. This password changes daily. This is the password you got from the synopass.php3 file.
to:
  • DS-101 owners: You will then be presented with a "SynoPassword:" prompt. This password changes daily. This is the password you got from the synopass.php3 file.
August 23, 2005, at 04:43 AM by repvik --
Changed lines 2-3 from:
to:

Warning: Telnet is an inherently insecure protocol. Do not attach a telnet-enabled ds101 to the internet.

Added line 50:
  • Once in you can change the root password (Not the SynoPassword) from synopass to something a tad more secure by issuing "passwd"
August 23, 2005, at 04:40 AM by repvik --
Added lines 1-48:

Enabling Telnet on the DS-101

  • Enable the DS-101 web-server service
  • Create a enabletelnet.php3, which contains this:

<?php
system('echo "telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

  • For good measure, create a disabletelnet.php3 containing this:

<?php
system('echo "#telnet stream tcp nowait root /usr/sbin/telnetd telnetd" > /etc/inetd.conf');
system('killall -HUP inetd');
?>

  • Create a synopass.php3 file containing this:

<?php
$synopass = array();
$tmOutput = localtime(time(),'1');
$tmOutput['tm_mon']++;
$synopass[0] = dechex($tmOutput['tm_mon']);
$synopass[1] = floor($tmOutput['tm_mon']/10);
$synopass[2] = $tmOutput['tm_mon'] % 10;
$synopass[3] = '-';
$synopass[4] = floor($tmOutput['tm_mday'] / 16);
$synopass[5] = dechex($tmOutput['tm_mday'] % 16);
for ($i = 12; $i > 0; $i--)
{
if (!($tmOutput['tm_mon'] % $i) && !($tmOutput['tm_mday'] % $i))
{
break;
}
}
$synopass[6] = floor($i/10);
$synopass[7] = $i % 10;
$password = implode("",$synopass);
echo "SynoPassword for today is : $password";
?>

  • Upload all three files to the web share.
  • Fire up your browser, point it to http://ds101-ip/enabletelnet.php3 (You should get a blank page)
  • Point your browser to the synopass.php3 file to get todays password.
  • Telnet to the ds101 ip.
  • The login is root, the default password is synopass
  • You will then be presented with a "SynoPassword:" prompt. This password changes daily. This is the password you got from the synopass.php3 file.
Page last modified on April 19, 2008, at 12:37 PM