Buffalo Forums
General => Idea Exchange Lounge => : mishikal August 08, 2017, 11:33:39 AM
-
This requires enabling remote SSH access to the system, but once you do that and log in as root, modify /etc/init.d/smb.sh
There is a configure() function that calls /usr/local/sbin/nas_configgen -c samba, which always overwrites /etc/samba/smb.conf. To allow SMBv2, modify the code as follows.
From:
/usr/local/sbin/nas_configgen -c samba
if [ $? -ne 0 ]; then
echo "$0 configure fail"
exit 1
fi
To:
/usr/local/sbin/nas_configgen -c samba
if [ $? -ne 0 ]; then
echo "$0 configure fail"
exit 1
fi
/bin/sed -i '3i\\
min protocol = SMB2\\
max protocol = SMB2\\
' /etc/samba/smb.conf
Then run /etc/init.d/smb.sh reload and the NAS will now allow SMBv2 connections. Enjoy!
-
How do I do this on a Windows 10 machine that cannot access the LinkStation?
Nice one Mishikal, it took me a couple of tries but got it working perfect in the end! Feels good to be all setup.
-
How do I do this on a Windows 10 machine that cannot access the LinkStation?
-
How do I do this on a Windows 10 machine that cannot access the LinkStation?
First you need to get root access on your linkstation using ACP Commander.
I used this http://nerdkey.co.uk/guides/enable-ssh-linkstation-stock-firmware/ (http://nerdkey.co.uk/guides/enable-ssh-linkstation-stock-firmware/) as it sounded easy enough at that time.
For the next steps, I take it you are not familiar with Unix, so here is a step by step once you have root access.
Login as root using PUTTY
once done, type
cp /etc/init.d/smb.sh /root
This will cpy the file in case you make a mistake.
vi /etc/init.d/smb.sh
this editor is quite unfriendly, so follow the following key strokes ([ESC] is the key esape, not the letters):
[ESC]/nas_config
use the arrow to go at the end of this section:
/usr/local/sbin/nas_configgen -c samba
if [ $? -ne 0 ]; then
echo "$0 configure fail"
exit 1
fi
type A then enter
copy the following and right click to paste in putty:
/bin/sed -i '3i\\ max protocol = SMB2\\' /etc/samba/smb.conf
then hit the following keys:
[ESC]:wq
to try that it worked:
/etc/init.d/smb.sh restart
You should now be able to access your files on Windows10.
Good luck!
-
This might be a stupid question but, how come this is not enabled by default in the latest 1.74 firmware version for my Linkstation LS-WXL?? I mean, that update is dated Feb, 2018 and the Buffalo site states that the model is Windows 10 compatible witch can't be without SMBv2 enabled...
WTF?
Since I don't seem able to get root or SSH access to my device... what are my options?
Any ideas? thanks in advance.
-
"Windows 10 compatible witch can't be without SMBv2 enabled.."
this is not correct
Microsoft have disabled SMB1
Now Windows is not compatibel to old nas
enable SMB1 on windows
-
enable SMB1 on windows
Under no circumstances should you enable SMB1. Microsoft disabled it for a reason: SMBv1 has numerous security flaws at the protocol level. That is why they disabled it in the first place. The correct solution is to enable SMBv2 as documented above.
Why Buffalo isn't including this in their firmware updates is beyond me. It's trivial to do.
See also https://www.us-cert.gov/ncas/current-activity/2017/03/16/Microsoft-SMBv1-Vulnerability (https://www.us-cert.gov/ncas/current-activity/2017/03/16/Microsoft-SMBv1-Vulnerability)
Basically, if you enable SMBv1, anyone on your network can take over your computer.
-
Note: I've updated the original suggestion so that SMBv1 is entirely disabled, given the security risks of allowing it.
-
So first off thank you for all who contributed to this fix. It works, for the most part.
So, that being said I have an issue that I can't seem to figure out yet is this.
I have a Windows 10 machine that is my personal laptop
Windows 10 Pro version 10.0.17134 Build 17134
this is the machine I SSH'd to the Linkstation LS-QVL from and made the changes as you listed above.
I figured that would be the end of it and the issue was fixed. So I started notifying my users. They still cannot access the Linkstation which baffles me completely.
Their machines are the exact same build
Windows 10 Pro version 10.0.17134 Build 17134
I did a complete fresh install on a test machine and it cannot access the linkstation.
Only difference between their machines and the test machine is that it is a Work Machine that is connected to Azure AD where mine is a personal machine not connected to Azure AD. That's the only common thing I can find that differs between the machines.
The following are the error messages I receive, and it doesn't matter whether I use the IP address of the LS-QVL or the Network name \\NAS1
From File Explorer:
Windows cannot access \\nas1
Check the spelling of the name. Otherwise, there might be a problem with your network. To try to identify and resolve the problems, click Diagnose.
Error code: 0x80004005
Unspecified Error
From Windows Key + R
The specified server cannot perform the requested operation
I am at a loss here, my personal laptop connected to the same network works after I implented the changes as specified in this thread. No other Azure AD connected machines can access the device. And we are all connected to the same exact network.
UPDATE: I reinstalled the OS on the test machine. I chose Personal Use instead of Work use so it did not join the Azure AD domain. Now I can access the Share, this means there is a setting in Azure AD somewhere that locks down access to this share. Why I don't know, but it's locking the domain systems out.
-
Anyone know how to enable SMB2 on a TS-6VHLB16 Terastation? I am open to any ideas. Thanks
-
mishikal
I have the Buffalo drive at home and was following your instructions and i believe i may have accidentally deleted the line before the section you outlined. Everything is still working but i just want to be safe. Would it be possible for you to paste the contents of that entire section once you make the necessary changes for SMB2.
I'm sorry, I've never used SSH/Putty before. :-[
I need the lines before this:
/usr/local/sbin/nas_configgen -c samba
if [ $? -ne 0 ]; then
echo "$0 configure fail"
exit 1
fi
/bin/sed -i '3i\\
min protocol = SMB2\\
max protocol = SMB2\\
' /etc/samba/smb.conf
-
FW 1.74
smb.sh
#! /bin/sh
#
SMBDOPTIONS="-D"
NMBDOPTIONS="-D"
WINBINDDOPTIONS="-D"
PAMSMBDOPTIONS=
RETVAL=0
USE_MSDFS=1
SMBD_PID_FILE="/var/run/smbd.pid"
NMBD_PID_FILE="/var/run/nmbd.pid"
# this is used by daemonwatch
ACTIVE_FILE=/var/run/active_smb
if [ -f /etc/melco/info ]; then
. /etc/melco/info
fi
[ -f /etc/nas_feature ] && . /etc/nas_feature
if [ "${SUPPORT_ISCSI}" = "1" ] && [ "${DEFAULT_WORKINGMODE}" = "iSCSI" ]; then
echo "Not support samba on this model." > /dev/console
exit 0
fi
if [ -f /usr/local/lib/libfseventmon.so ] ; then
LDPRELOAD_SHARED_LIB=/usr/local/lib/libfseventmon.so
else
LDPRELOAD_SHARED_LIB=/usr/local/lib/libondemandsync.so
fi
configure()
{
## built-in account(admin / guest) passwd db check.
pdb_check=`/usr/local/bin/pdbedit -L |grep ^admin:`
if [ "${pdb_check}" = "" ] ; then
echo -e 'password\npassword\n' | /usr/local/bin/smbpasswd -as admin
echo -e '\n\n' | /usr/local/bin/smbpasswd -as guest
fi
## configure files from Buffalo parameters.
echo "configure samba"
# for active directory logon
if [ "$domain" == "ad" ] ; then
/usr/local/bin/create_krbconf.sh ${pdc} ${ad_dns}
/etc/init.d/sethostname.sh
fi
touch /etc/printcap
/usr/local/sbin/nas_configgen -c samba
if [ $? -ne 0 ]; then
echo "$0 configure fail"
exit 1
fi
/bin/sed -i '3i max protocol = SMB2' /etc/samba/smb.conf
}
setdown_msdfs()
{
if [ -f /etc/melco/msdfs ] ; then
. /etc/melco/msdfs
else
return 1
fi
rm -f ${msdfs_root_path:-/mnt/msdfs_root}/* > /dev/null
if [ $? -eq 0 ] ; then
return 0
else
return 1
fi
}
setup_msdfs()
{
if [ -f /etc/melco/msdfs ] ; then
cat /etc/melco/msdfs |sed -e "s/\\\\\$//g" |sed -e "s/\\\\/\\\\\\\\/g" > /tmp/msdfs.tmp
. /tmp/msdfs.tmp
rm /tmp/msdfs.tmp
else
return 1
fi
if [ "${msdfs_function}" != "on" ] ; then
return 1
fi
RETVAL=0
case ${msdfs_root_as_link} in
on)
;;
off)
if [ -f ${msdfs_root_path} ] ; then
mkdir -m 777 ${msdfs_root_path} -p
if [ ! $? -eq 0 ] ; then
return 1
fi
fi
COUNTER=1
for MSDFS_LINK_NAME in "${msdfs_link1_name}" "${msdfs_link2_name}" "${msdfs_link3_name}" "${msdfs_link4_name}" "${msdfs_link5_name}" "${msdfs_link6_name}" "${msdfs_link7_name}" "${msdfs_link8_name}"
do
if [ "${MSDFS_LINK_NAME}" != "" ] ; then
case ${COUNTER} in
1)
ln -s msdfs:${msdfs_link1_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
2)
ln -s msdfs:${msdfs_link2_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
3)
ln -s msdfs:${msdfs_link3_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
4)
ln -s msdfs:${msdfs_link4_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
5)
ln -s msdfs:${msdfs_link5_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
6)
ln -s msdfs:${msdfs_link6_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
7)
ln -s msdfs:${msdfs_link7_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
8)
ln -s msdfs:${msdfs_link8_unc1} ${msdfs_root_path}/${MSDFS_LINK_NAME}
;;
esac
if [ ! $? -eq 0 ] ; then
RETVAL=1
fi
fi
COUNTER=$(($COUNTER + 1))
done
;;
esac
return ${RETVAL}
}
start_smbd()
{
echo "Starting SMB services: "
if [ ${smb:-"on"} = "off" ] ; then
return 1
fi
if [ "${SUPPORT_REPLICATION}" = "1" ] ; then
local is_rep_task=1
if [ -f /usr/local/lib/libreplication ] ; then
. /usr/local/lib/libreplication
IsReplicationTask
is_rep_task=$?
fi
if [ ${is_rep_task} -eq 0 ] ; then
/usr/local/sbin/smbd $SMBDOPTIONS
else
LD_PRELOAD=${LDPRELOAD_SHARED_LIB} /usr/local/sbin/smbd $SMBDOPTIONS
ret=$?
if [ ${ret} -ne 0 ] ; then
/usr/local/sbin/smbd $SMBDOPTIONS
if [ ! -f /home/replication_error_occurred ] ; then
/usr/local/bin/lcd_error_man.sh replication_error on buzzer_on
fi
fi
fi
else
/usr/local/sbin/smbd $SMBDOPTIONS
fi
return $?
}
start_nmbd()
{
echo "Starting NMB services: "
if [ "${SUPPORT_REPLICATION}" = "1" ] ; then
local is_rep_task=1
if [ -f /usr/local/lib/libreplication ] ; then
. /usr/local/lib/libreplication
IsReplicationTask
is_rep_task=$?
fi
if [ ${is_rep_task} -eq 0 ] ; then
/usr/local/sbin/nmbd $NMBDOPTIONS
else
LD_PRELOAD=${LDPRELOAD_SHARED_LIB} /usr/local/sbin/nmbd $NMBDOPTIONS
ret=$?
if [ ${ret} -ne 0 ] ; then
/usr/local/sbin/nmbd $NMBDOPTIONS
fi
fi
else
/usr/local/sbin/nmbd $NMBDOPTIONS
fi
return $?
}
start()
{
configure
if [ $USE_MSDFS -eq 1 ]; then
echo -n "Setting up msdfs symbolic links..."
setup_msdfs
if [ $? -eq 0 ] ; then
echo " [Success]"
else
echo " [Failed ]"
fi
fi
start_smbd
RETVAL=$?
start_nmbd
RETVAL2=$?
[ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && touch /var/lock/subsys/smb || \
RETVAL=1
touch $ACTIVE_FILE
return $RETVAL
}
start_winbindd()
{
RETVAL=0
if [ "$domain" = "on" -o "$domain" = "ad" ] ; then
echo "Starting WINBIND services: "
/usr/local/sbin/winbindd $WINBINDDOPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/winbindd
fi
return $RETVAL
}
start_pamsmbd()
{
RETVAL=0
if [ "$domain" = "server" ] ; then
echo $"Starting PAMSMBD services: "
/usr/local/sbin/pamsmbd $PAMSMBDOPTIONS
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && touch /var/lock/subsys/pamsmbd
fi
return $RETVAL
}
stop_smbd()
{
echo "Shutting down SMB services: "
killall smbd
return $?
}
check_smbd()
{
if ! ps -w |grep smbd; then
return
fi
local t_pid=""
pid=`ps -w |grep smbd|awk '{print $1}'`
for i in ${pid}
do
t_pid="${t_pid} ${i}"
done
kill -9 ${t_pid}
}
stop_nmbd()
{
echo "Shutting down NMB services: "
killall nmbd
return $?
}
stop()
{
stop_smbd
RETVAL=$?
check_smbd
stop_nmbd
RETVAL2=$?
[ $RETVAL -eq 0 -a $RETVAL2 -eq 0 ] && rm -f /var/lock/subsys/smb
echo ""
if [ $USE_MSDFS -eq 1 ]; then
echo -n "Cleanup msdfs symbolic links..."
setdown_msdfs
if [ $? -eq 0 ] ; then
echo " [Success]"
else
echo " [Failed ]"
fi
fi
echo ""
rm -f $ACTIVE_FILE
return $RETVAL
}
stop_winbindd()
{
echo "Shutting down WINBIND services: "
killall winbindd
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/winbindd
return $RETVAL
}
stop_pamsmbd()
{
echo "Shutting down PAMSMBD services: "
killall pamsmbd
RETVAL=$?
echo
[ $RETVAL -eq 0 ] && rm -f /var/lock/subsys/pamsmbd
return $RETVAL
}
restart()
{
stop
stop_winbindd
stop_pamsmbd
start
start_winbindd
start_pamsmbd
}
restart_nmbd()
{
# check if smbd is alive or not.
# if smbd is not alive, this routine do not anything.
SMBD_PID=0
if [ -e ${SMBD_PID_FILE} ] ; then
SMBD_PID=`cat ${SMBD_PID_FILE}`
fi
if [ ${SMBD_PID} -gt 0 ] ; then
# check if pid were really smbd's or not.
SMBD_EXIST=`ps |grep ${SMBD_PID}|grep smbd`
if [ "${SMBD_EXIST}" = "" ] ; then
# pid file is exist, but that's wrong.
return 1
fi
# check if it were alive or not.
kill -CONT ${SMBD_PID}
if [ $? -ne 0 ] ; then
# sendsignal failed. maybe smbd not surviced.
return 1
fi
else
# maybe pid file not exist. = smbd not surviced.
return 1
fi
stop_nmbd
start_nmbd
return 0
}
reload()
{
echo -n $"Reloading smb.conf file: "
configure
killall -HUP smbd
RETVAL=$?
echo
return $RETVAL
}
reload_winbindd()
{
killall -HUP winbindd
RETVAL=$?
echo
return $RETVAL
}
reload_pamsmbd()
{
killall -HUP pamsmbd
RETVAL=$?
echo
return $RETVAL
}
#
# Usage statement.
#
case "$1" in
start)
start
start_winbindd
start_pamsmbd
;;
stop)
stop
stop_winbindd
stop_pamsmbd
;;
restart)
restart
;;
restart_nmbd)
restart_nmbd
;;
reload)
reload
reload_winbindd
reload_pamsmbd
;;
*)
echo "usage: $0 {start|stop|restart|restart_nmbd|reload}"
exit 1
;;
esac
-
Oxygen8 thank you soo much!
I believe I may have pooped something up. I can no longer SSH into the NAS. I can still access the drive and all its contents (which is very limited, only a few random files and some test files) since its mapped on my computer but i can't use putty nor can i log in through the web portal. Any ideas as to how i can get back in?
-
Phew! Ok i got everything working again.
Had to get the LS into Engineering/Emergency Mode so that NasNavigator could see it and then had to use the flash tool to reflash the latest firmware.
I followed the above steps properly this time but when i try to map the LS i get a message on windows saying i need to create a folder called Share on the LS so that i can map it, I already have a few folders on the LS so not sure why it needs another, anyone have any experience with that message.
I'm able to see it on NasNavigator but cant map it. I tried creating the folder called Share, but that still didn't help.
-
Thank you, mishikal! I'm not sure how you figured out to do that, but it worked perfectly!
I just wanted to note that if you're using windows 10, do NOT use the OpenSSH that's installed through Manage Optional Features. This version of OpenSSH doesn't have the old cypher needed to connect to the NAS, and based on what I'm reading as of 6/24/2018, there's no way to enable them.
I had to download and install PuTTY to connect.
It took me about an hour to figure that little puzzle out, and then about 5 minutes to follow the instructions and activate SMB2.
-
Hi guys,
I have the same problem with my LS-CHL. I tried this solution. I activated the SSH as mentioned but when I try to access my device using Putty, and after entering my password the connection would be interrupted and I get this error from Putty: "Server unexpectedly closed network connection".
Do you guys have any suggestion for that? I mean it shouldn't be related to my device model. Does it?
Appreciate your help.
Bests
Siamak
-
Hi Mischikal
Thanks for your contribution: it's precise and very well explained.
Since many years, I have a Buffalo ls-gl LinkStation and it worked very well til Windows 10 fall creator update.
It is a pain to use FTP transfer instead of windows explorer and after many search, I found your post on this forum.
I did all the steps you described, but at the end, when I restart the LinkStation, my windows 10 workstation still cannot connect with SMB2.
Do you know if there is a another way to force the ls-gl to use SMB2 ?
When I check the /etc/samba/smb.conf generated file, I find max protocol = SMB2 on the third line. How to know if it's "understood" from samba server?
Thanks in advance for answering me.
-
Thank you mishikal, this works on my LinkStation.
-
On macOS I needed to Install Java 6 before I could use ACP Commander JAR file from https://www.gry.ch/Java/styled/ (https://www.gry.ch/Java/styled/).
After Enabling SSH and setting root password in ACP commander I was able to connect using ssh from command line using:
ssh -o HostKeyAlgorithms=ssh-rsa -o KexAlgorithms=diffie-hellman-group1-sha1 -l root address
HTH.
-
I'm trying to enable SMB2 on my LinkStation LS-WXL. I'm trying to follow directions in this post but don't know the root password. Is there a default? (btw It's absolutely crazy and user UNfriendly that Buffalo firmware 1.74 didn't correct it nor did Buffalo indicate how to fix it)
If anyone can help, much thanks.
/* EDIT */
If I try using putty to SSH to the Linkstation, if I try entering an admin user defined on the Linkstation it closes "Other end closed connection"
-
I recently created a new fork of acp_commander which makes enabling a root shell over telnet reliable for all models.
You can get a copy here:
https://github.com/1000001101000/acp-commander
The readme page has the usage information/etc.
-
I recently created a new fork of acp_commander which makes enabling a root shell over telnet reliable for all models.
You can get a copy here:
https://github.com/1000001101000/acp-commander
The readme page has the usage information/etc.
I'm having difficulty getting anywhere on my LS-WXL with Firmware 1.74.
I can get your ACP Commander jar to find the device if I tell it the IP using -t but it says it finds 9 devices which seems kinda odd.
I can SSH onto the admin user using putty anyway, but as soon as I get in the LinkStation closes the connection, and I can't get in with root at all nor can I get in with telnet as it refuses the connection on port 23.
Am I doing something wrong or do I have to change the Firmware Version to a lower one in order to get in? Java version is 1.8.0 so that shouldn't be an issue if it's built in 1.7.0 surely?
-
if you post the output of your attempts I may be able to see what is happening.
it should be as easy as:
java -jar acp_commander.jar -t <ip address> -pw <admin password> -o
-
I've just turned it off & heading to bed so I'll get the full output (minus password) on Monday.
IIRC it "logged in" and said it set the root password (ACP_state OK) and said I could then log in via Telnet with no/empty Password and I should set up a password.
After that it just went back to the normal Command Prompt. When I tried using putty to telnet it gave the same as Telnet in Command Prompt which was connection refused.
I did find out how to manually extract he contents of hddrootfs from the firmware update image files using WinRar and from there it's possible to edit what you like (Buffalo PW protect them but PW's can be found here (https://buffalonas.miraheze.org/wiki/Extract_Boot_Files_from_Stock_Firmware)).
So since it's easy to modify smb.sh outside of the LinkStation (and presumably anything for root/SSH access) I figure if I can't get in via acp_commander, then I can just edit the files manually on my PC, then I assume it is just a case of repackaging it all then changing the updater config ini file version_check flag to 0 and running the firmware updater?
-
if you post the output of your attempts I may be able to see what is happening.
it should be as easy as:
java -jar acp_commander.jar -t <ip address> -pw <admin password> -o
Here's the output from the command:
C:\Users\Stephen\Documents>Java -jar acp_commander.jar -t 192.168.1.129 -pw ******** -o
Reset root pwd... Password changed.
start telnetd... OK (ACP_STATE_OK)
You can now telnet to your box as user 'root' providing no / an empty password. Please change your root password to something secure.
C:\Users\Stephen\Documents>
-
Hmm. That sure looks like it worked, though it really only detects whether it failed to send the commands, not whether they actually work.
Could you post the putty settings/connection details you are trying?
-
Not sure what Putty settings you want but I haven't changed any from the defaults. And like I said even using Telnet in Command Prompt still gives Connection Refused.
This is what happens if I SSH in as Admin (https://www.dropbox.com/s/juqr1cdylt30eji/LS-WXL%20Putty%20fail.JPG) as of now.
-
honestly, mostly want to confirm that it's using the right protocol/port.
I'm assuming you're using the one from the link I sent. For older versions the telnet feature doesn't actually work for most models.
Getting SSH to work is a little different among different models/firmware versions. I believe this script should work for that model though:
https://github.com/rogers0/OpenLinkstation/blob/master/0_get-ssh/get-ssh.sh
-
Putty wise I'm using using SSH on port 22, Telnet is port 23. I don't fill in the autologin details because then I'd have to save the connection twice, once under admin and again under root.
I used WinSCP and SFTP to find out that SFTP gives a little more information and it told me that /home doesn't exist and nor does /.
As for the links, yes I followed the link to your Github and downloaded the jar from there, not the original one that was released in 2012.
That SSH Script I assume can be run in WSL (Windows Subsystem for Linux)? Do I need to modify anything to give it the IP and Password or will it prompt me for those anyway? Does that use your modified jar or the original jar?
-
The script also relies on acp_commander so you'll need java. I've not used WSL, I don't know if it will work or not.
-
OK it failed miserably using the forked acp_commander.jar so I used the one from the same repo as the get_ssh script that was updated 6 years ago, and it seemed like it failed (multiple
Changeing IP: ACP_STATE_PASSWORD_ERROR
at the end of every block of commands) but then I figured I'd try to login as root via putty and that worked with the same password as admin account.
So now I've followed the instructions posted by mishikal (what to put in smb.sh) and patator (how to edit it for those not as familiar with Linux) and I'm hoping after I reboot my PC to disable SMB v1.0 client/server I'll still be able to access my NAS drive.
-
Ok I removed SMBv1.0 Client from Windows 10 and I've even restarted the LinkStation for good measure and Windows 10 still won't see the LinkStation.
I've modified the correct config file so it's near enough exactly as posted by mishikal in post #1, I even ran the same restart command and still nothing.
Here is what my config file looks like from putty (https://www.dropbox.com/s/8nnn54tb6kvmtd3/Screenshot%202020-03-23%2022.42.02.png).
Here is what happens when I run the reload command (https://www.dropbox.com/s/onqsowyxyplw7c1/Screenshot%202020-03-23%2023.16.25.png).
Am I doing something wrong somewhere? I've copied and pasted the configs etc so I don't see how I could mistype something.
-
So I ended up having to do another restart due to messing up SSH after trying to restart the service, and I've just noticed that now it seems to have decided to start working with Windows 10 after it previously refusing...
So it seems you need to both run the reload command AND restart the LinkStation (which despite me doing both earlier didn't seem to work). I've also just set the max protocol to SMBv2, I might try setting the minimum to SMBv2 as well in the future and see what happens.
Either way my LinkStation now seems to be allowing SMBv2 on Windows 10.
I assume updating Samba to say version 4.x.x for SMBv3 is nigh on impossible?
-
Yes, trying to update Samba within the stock firmware would be nearly impossible.
If you'd like you can replace the stock firmware with Debian Linux. In that case you can easily install modern Samba, though you'll need to configure it yourself.
Installation media and instructions can be found here:
https://github.com/1000001101000/Debian_on_Buffalo
-
Seems ssh is enabled on my LinkStation mini (responds to PuTTy SSH) asking login and password.
Now my challenge is: what is my LS ssh root default passwd...?
For the time being, I have re-enabled SMB1 on my W10...
-
Some models have an SSH server running which is used for the SFTP function but is locked down to prevent shell access. The exact way this is accomplished varies somewhat between model/firmware versions.
There have been tools/scripts over the years to automate removing this restriction but they only work for specific versions and will mess up your SSH config if used against an incompatible version. That said I used this one against my LS-QVL a few years ago (but not with the current FW version) and it worked:
https://github.com/rogers0/OpenLinkstation/blob/master/0_get-ssh/get-ssh.sh
When I need a shell on one of these devices I use the "-o" function of ACP Commander to temporarily enable root access over telnet. The primary advantage of this is that it works reliably with all models (except the ls500 series).
https://github.com/1000001101000/acp-commander
For either method you'll want to set a strong root password afterwards since it will enable root logins on the device and set a blank password (or change it to your admin password). In the case of the telnet option the telnet service will only be active until you reboot the device.
-
Thx!
Seems pretty likely that I'll be able to break something while trying, seems likely I'll stick with the SMB1 enabled on my W10.
Just wondering why not buffalotech release one more firmware update so you could this (to enable SMB2/3) from the Web admin console...
-
Just wondering why not buffalotech release one more firmware update so you could this (to enable SMB2/3) from the Web admin console...
Because it makes people buy new units.
-
Hey, all! I updated the smb.sh as described and can access the NAS. However, when I attempt to copy a large number of files from my Windows 10 computer, the NAS device services appear to shut down even though the device still pings. The only way to recover is to hard boot the device. I am now copying files directly from the backup to the array via ssh console, but this will not fix the overall large file count issue for future use. Any ideas about either a buffer or other tweak that is missed? Device is an LS-QVL with FW 1.74. Thanks!
-
Hi,
Sorry I am a little late after the battle ...
My Buffalo NAS is a LinkStation LS-WXL (LS-WXLB1D).
The firmware is 1.74 (DTCP-IP:1.65-20130731).
When I lost contact with it after a Windows 10 update, I read that Buffalo would not update the firmware.
Then one of my PCs was configured with SMB1, but it is not safe and I am not happy to throw away this NAS.
So I follow the instructions of this thread, thanks to mishikal.
I got : buffalo linkstation acp-commander-gui (http://advanxer.com/blog/2013/02/buffalo-linkstation-acp-commander-gui/)
I got an SSH entry point and a password to login as root. Great because I had no idea to do that before !
Then I used PuTTY to modify smb.sh as prescribed.
After restart, I checked that smb.conf was modified, and it was ok with the line: max protocol = SMB2 .
Then I look at my PCs : the NAS is hidden on the Windows 10 updated one and I can see it on the other which is SMB1 modified.
My NAS doesn't change to SMBv2 despite the smb.conf was modified by smb.sh.
I added "min protocol = SMB2" without any change.
As others seemed to be successful with this, where am I wrong ?
-
My LinkStation LS-WXLB1D with FW 1.74 has this Samba version : 3.6.3-31a.osstech
I can't change from SMB1, don't know why.
Probably supporting no other Samba version ?
-
I think others have been able to make this change successfully for this firmware.
Could be something simple like a typo or something.
I think there are samba commands to validate a config file and to print out the current config, that might give you some hints.
-
Thank you 1000001101000 for replying.
This is what I get using testparm :
root@Sauvegarde_NAS:~# testparm -V
Version 3.6.3-31a.osstech
root@Sauvegarde_NAS:~# testparm
Load smb config files from /etc/samba/smb.conf
rlimit_max: increasing rlimit_max (1024) to minimum Windows limit (16384)
WARNING: The "null passwords" option is deprecated
WARNING: The "password level" option is deprecated
Processing section "[lp]"
WARNING: The "printer admin" option is deprecated
Processing section "[info]"
Processing section "[NOS_FILMS]"
Loaded services file OK.
Server role: ROLE_STANDALONE
Press enter to see a dump of your service definitions
[global]
dos charset = ISO8859-15
unix charset = UTF-8
display charset = UTF-8
workgroup = NOISY
server string = "LinkStation LS-WXLB1D"
auth methods = guest, sam
map to guest = Bad User
null passwords = Yes
passdb backend = tdbsam:/etc/samba/smbpasswd.tdb
passwd program = /usr/bin/passwd %u
passwd chat = *New*password* %n\n *Retype*new*password* %n\n *passwd:*all*authentication*tokens*updated*successfully*
username map = /etc/samba/smbusers
password level = 14
unix password sync = Yes
lanman auth = Yes
max log size = 0
max protocol = SMB2
unix extensions = No
deadtime = 15
socket options = TCP_NODELAY SO_RCVBUF=262144 SO_SNDBUF=262144
printcap name = /etc/printcap
disable spoolss = Yes
show add printer wizard = No
os level = 1
dns proxy = No
lock directory = /etc/samba/lock
host msdfs = No
idmap config * : backend = tdb
invalid users = mail, deamon
admin users = root
use sendfile = Yes
printing = lprng
lppause command = lpc hold '%p' %j
lpresume command = lpc release '%p' %j
queuepause command = lpc stop '%p'
queueresume command = lpc start '%p'
delete veto files = Yes
veto files = /.AppleDesktop/Network Trash Folder/TheVolumeSettingsFolder/.AppleDouble/.AppleDB/.com.apple.timemachine.supported/
wide links = Yes
[lp]
comment = Network Printer for Windows
path = /mnt/array1/spool/samba
printer admin = admin
guest ok = Yes
printable = Yes
print ok = Yes
print command = /usr/bin/lpr -Plp -r %s
use client driver = Yes
[info]
comment = LinkStation Utilities
path = /mnt/info
guest ok = Yes
csc policy = disable
[NOS_FILMS]
path = /mnt/array1/NOS_FILMS
read only = No
force create mode = 0666
force security mode = 0666
force directory mode = 0777
force directory security mode = 0777
guest ok = Yes
vfs objects = recycle
recycle:minsize = 1
recycle:directory_mode = 777
recycle:versions = 1
recycle:keeptree = 1
recycle:repository = trashbox
Do you see something wrong ?
-
nothing obvious. The min protocol doesn't seem to be set, but I wouldn't think it would be necessary.
you could try restarting samba to make sure this config is actually what's in use.
-
I had to do this a couple of years ago. Tonight I saw that a new firmware (1.75) was out. Against my better judgment, I installed it and promptly lost access to all of my files again, so I had to stumble my way through this solution again with the help of Internet Archive (https://web.archive.org/web/20190718105044/http://nerdkey.co.uk:80/guides/enable-ssh-linkstation-stock-firmware/ (https://web.archive.org/web/20190718105044/http://nerdkey.co.uk:80/guides/enable-ssh-linkstation-stock-firmware/)):
- Download ACP Commander GUI
- Download Java
- Download PuTTY
Thanks again to the OP. No thanks to BUFFALO.
-
I had to do this a couple of years ago. Tonight I saw that a new firmware (1.75) was out. Against my better judgment, I installed it and promptly lost access to all of my files again, so I had to stumble my way through this solution again with the help of Internet Archive (https://web.archive.org/web/20190718105044/http://nerdkey.co.uk:80/guides/enable-ssh-linkstation-stock-firmware/ (https://web.archive.org/web/20190718105044/http://nerdkey.co.uk:80/guides/enable-ssh-linkstation-stock-firmware/)):
Thanks for that link philadopolis. My Linkstation is on an older version of the firmware and I have been ignoring the new firmware messages purely because (like you) it was a while ago that I 'cracked' the LS-WXL. The 'how-to' instructions were on another (now gone) forum so it's a relief to me that you have found that.
I may now upgrade it, but I'm tempted to put Debian on instead.
-
I said...
I may now upgrade it, but I'm tempted to put Debian on instead.
I installed Debian successfully... at first... then things started going downhill. The default RAID0 parition (md2) is xfs and wouldn't mount, I was getting V1 inode errors. I was unable to get around that, xfs_repair reported no superblock. I think the partition's version of xfs was too old for the Debian xfs utils progs. Then the /boot partition wouldn't mount and the fstab became unreadable (as if it has become a binary file. Yet it still booted ??? It seemed as if I was running into one problem after another so I restored everything back to stock (latest firmware)
Maybe I'll try again one day.
-
That sounds ... weird to say the least.
There shouldn't be any xfs compatibility issues to worry about, I recently mounted an XFS volume from ~2006 on a modern system without issue. My first guess would be to wonder if you have drive(s) that are starting to fail some of what you describe might make sense if you had a bunch of read failures happening.
-
I've totally rebuild the NAS now, to stock 1.75. That didn't go without problem either so perhaps there was some underlying disk problem. Disks have been erased, reformated and the stock firmware reflashed (from emergency mode) so hopefully I now have a clean system to work with.
I will try updating it to debian again because I think there are advantages to it. I use a modified version of the 'custom sleep' program that worked with the Buffalo 'auto sleep' mode functionality - that program will need some modification I suspect.
In retrospect, and tbh, I think I missed a step from your 'post installations' instructions (I was using Novaspirit Tech's YouTube video as my prime source and he whizzed through the process) As a result, I trashed my md2 partition and my attempts to recover it were only making matters worse. I don't know RAID and should have been circumspect in my actions. But that's how I learn; leaping in, trashing stuff and recovering from it! Not recommended practice but it adds to the thrills :)
Edit: having successfully installed debian and got the nas up, restored and running, I set to modifying my 'custom sleep' programs. I quickly realised there was more work in that than I wanted - so I've reverted back to the stock firmware. In short, the programs need to be able to find the status of the auto switch and that was a feature of the stock firmware. I looked phy_restart.sh (https://github.com/1000001101000/Debian_on_Buffalo/blob/master/Tools/phy_restart.sh) (from the device specific notes (https://github.com/1000001101000/Debian_on_Buffalo/wiki/Device-Specific-Notes)) but I was unable to work out if that'd tell me what I need to know and, if so, how.
It's been a fun exercise and has kept me amused in these 'lock down' times!
-
have some notes on how to read buttons here:
https://github.com/1000001101000/Debian_on_Buffalo/wiki/Post-Installation-Options#Buttons_and_Drive_Detection
-
LS-WVLE25, Win 10 20H2.
Came across this thread after loosing all my mapped drives on my NAS, looks to be the solution to my problem.
However, I don't know root's password to start the process, it isn't password.
I still have access to it through my browser using admin, and all my data is still appears to be there in their folders. What can I do?
PS. I have used WinSCP and PuTTY with my Raspberry PI so I moderately familiar with making an ssh connection.
Thanks
-
I have one LS-WXL device. Last year I tried the debian install with some success. There were some issues so that I would go back to the stock firmware.
First note was that I was able to install any other way than the boostrap method possibly due to low ram. I never was able to go through the installation as the device would crash. I believe is the ram that is limiting this.
After installing using the boostrap method. The main concern that I had is the fans running full speed. The fan speed testing runs through adjusting the fans correctly. But I was never able to adjust the fans to low speed.
It would be so cool if someone could put out a guide for this specific device (LS-WXL) for a full working installation.
-
That's a bit odd since the LS-WXL is usually the device I use to test that particular installer, though it has been a while. I'm assuming we're talking about the LS-WXL, the LS-XL definitely needs the bootstrap method (but doesn't have fans so I doubt that's what you mean).
I haven't used fancontrol much but when I did I found I had to set the thresholds much lower than would be intuitive to make it actually reduce fan speeds.
-
LS-WVLE25, Win 10 20H2.
Came across this thread after loosing all my mapped drives on my NAS, looks to be the solution to my problem.
However, I don't know root's password to start the process, it isn't password.
I still have access to it through my browser using admin, and all my data is still appears to be there in their folders. What can I do?
PS. I have used WinSCP and PuTTY with my Raspberry PI so I moderately familiar with making an ssh connection.
Thanks
I have read that ACP Commander would allow me to setup ssh but all links I have to that software have been closed.
Is this the only way?
All suggestions welcome!
-
This version makes changing the root password and enabling telnet pretty easy:
https://github.com/1000001101000/acp-commander
-
Thanks.
I had found this working link for ACP Commander
http://downloads.ebox.at/downloads/buffalo/ (http://downloads.ebox.at/downloads/buffalo/)
And this walk through guide to moving to SMB 2, which has worked for me!
https://www.youtube.com/watch?v=bVOx2COnqxg (https://www.youtube.com/watch?v=bVOx2COnqxg)
NAS back and all my mapped drives
-
So does anyone know why the config changes are allowing SMBv2 share access is still allowing discovery via SMBv1.0/CIFS but nothing newer?
My Laptop was the only device that could "see" the NAS in the Network list, I found the difference was my laptop still had SMBv1.0/CIFS Server (and SMBv1.0/CIFS Automatic Removal) enabled. So I disabled both and now my laptop can't "see" the NAS in the Network list.
If you know the hostname it will connect fine, but again I'd like to be able to change this so that it can be found without having to have the old protocol enabled. Is this possible? And can anyone post the appropriate method for doing so?
-
If I remember correctly I had to create/adjust the IPC$ share in samba to control how the device was detected and who could enumerate shares.
I think in my case I was trying to limit discoverability. It’s been a few years and I don’t remember much detail.
It might be looking into that piece.
I’m guessing there are different protocols/defaults for discovery on smb1 vs smb2 which probably explains the difference between devices.
-
It's been a while, is anyone still around?
I understand the theory and the steps needed to get to SMB2. I’m currently completely lost as to how to do it. I will start working on it and see how far I can get. I’ve been up for over 24 hours, so please be kind!
EDIT: I used the acp_commander_gui_156 and was able to get it into the shh(or what ever it was) MODE. But Im going to go to bed.
EDIT: When setting the Root Password, should it be the same as the admin password, -or should it be unique?
I have an old Link Station Live. Model LS-X3.0TL and for some reason there is also reference to LS-XL957. I have been trying to figure out if this will work on my LS? Anyone know?
It is a 3TB Sata HD. With Firmware version 1.75. Will this stuff work with FW 1.75? I have FW 1.74 if it will NOT work with 1.75.
I am also wondering if I can change it to SMB3? As in windows 11 there is only the option of SMB1 or SMB3?
EDIT: Ive learned a lot in the past few hours. I turned on SMB3 on Both my systems and changed the settings in my other LS and DOUBLED my transfer rates. COOL>
Will I need the SMB2/3 protocol to upload to the LS? IF so where do I get it/then put it?
I think the answers to these questions will really help me out and get me started in the right direction.
Thank you so much for any help.
-
Well, I did it!
I installed the latest Java software.
Found acp_Commander_GUI which worked really slick. Download here: https://advanxer.com/2013/02/buffalo-linkstation-acp-commander-gui/
I put in the IP address and the admin password, then Enabled SSH, and set a root password.
Then I found WinSCP to log into the root of the drive, and edit the smb.sh file as instructed.
The instructions on how to use WinSCP is here: https://www.youtube.com/watch?v=bVOx2COnqxg
You can download WinSCP here: https://winscp.net/eng/download.php
with those two files makes it so easy to do.
-
Hi there
Crazy I know, this is still useful in 2024.. but
I have no problem going through the steps and editing the smb.sh file.. but
when the nas restarts it overwrites the edited file..
Any ideas where this is coming from.????
PC win 10 - NAS LS-WXL
cheers CD