authorized_keys overwritten at reboot

[harryd]

I can confirm the exitence of the 'admin@Richard-TS209' in Firmware 2.0.1 Build 0324T

got it, def be on high priority for this issue. thanks for the info

Whats the status?

Regards, harryd

[ronc]

Late last year at the start of this thread, QNAPAndy said:

Hi Codex22,

Place your file on the hard drive first and follow this guide below to automatically copy the file from hard disk to root's home every time you reboot the device.

Andy

The link is now broken--apparently due to a forum reorg--and try to intuit 1875 references as I might, I can't find it. As I've installed my own keys and had a private rant about the built-in security hole for "Richard", I'm rather keen to be sure my keys survive a restart. Would be nice if the info was sticky, and apologies in advance if it is and I just need to told to shaddup and siddown (as long as I'm also told where it is )

RonC

[codex22]

Try it here:
http://forum.qnap.com/viewtopic.php?p=1 ... onfig#1878

[ronc]

Thanks. I'd seen that one but didn't realize it was the one in question as it only seemed to talk about the autorun script. Anwyay, I've added the following to the autorun file to overwrite QNAP Richard's back door access (joke):

Code: Select all

echo "[public key string]" > /root/.ssh/authorized_keys

And that does the job. Is there a post somewhere that explains what all those /dev/mtdb* things do?

[AndyChuo]

I confirmed that it's been removed now and the changes will be applied in the next firmware update soon, thanks for reminding for my bad memory.

by the way they are flash partitions on the NAS only.

[skirmani]

I confirmed that it's been removed now and the changes will be applied in the next firmware update soon, thanks for reminding for my bad memory.

by the way they are flash partitions on the NAS only.

Hey Andy,

Hope this "default" authorized_keys file issue is resolved soon. It does effect the security of our files.

Regards,

Shahzad

[AndyChuo]

thanks for the letting us know and it's been removed from our firmware daily builds now.

[SteveWilhelm]

This is also an issue with TS-109 as well. I just installed and found the same default authorized_key for admin@Richard-TS209.

How can I remove this permanently?

[symphys]

It would be nice to have a page in the webinterpage where authorized_keys could be changed. So the user doesn't have to login after a restart and change the file with vi...

[haraku]

Nope, just installed the latest firmware (2.0.1 Build 080416), and Richard's back door is still there...
Fortunately the workaround mentioned by ronc

echo "[public key string]" > /root/.ssh/authorized_keys

still works.

[entropy]

Nope, just installed the latest firmware (2.0.1 Build 080416), and Richard's back door is still there...
Fortunately the workaround mentioned by ronc

echo "[public key string]" > /root/.ssh/authorized_keys

still works.

It appears that this is *finally* fixed in the latest firmware I installed on my ts-409 pro -- 2.1.0 Build 0624T. I commented the above mentioned fix out of my autorun.sh and rebooted, and I no longer see Richards keys in my .ssh dir. I haven't tried putting my own keys on to make sure they survive a reboot yet, but I'm assuming since richards keys are no longer there, it isnt' trying to copy them on boot anymore.

Code: Select all

[admin@NAS ~]# ls -la /root/.ssh/
drwx------    2 admin    administ     1024 Jul 15 08:35 ./
drwxr-xr-x    5 admin    administ     1024 Jul 15 14:56 ../