Fully automated rooting script

Forum about the tweaking of the Eneco Toon.

Moderator: marcelr

Fully automated rooting script

Postby martenjacobs » Fri Mar 09, 2018 3:19 pm

Hi everyone,

Over the last few days I've been busy working on a Python application that will automate the rooting process of Toon from a Raspberry Pi.
It supports rooting using just the serial port on Toons with U-Boot versions with a known password, and will use JTAG on any other Toon.

If you want to check it out, it's on GitHub.

Cheers,
Marten
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Re: Fully automated rooting script

Postby michel30 » Fri Mar 09, 2018 4:07 pm

that is beautiful :)
Especially for new users :)
michel30
Member
Member
 
Posts: 155
Joined: August 2017

Re: Fully automated rooting script

Postby Toonz » Sat Mar 10, 2018 11:04 am

That would be nice.....
Toonz
Advanced Member
Advanced Member
 
Posts: 575
Joined: December 2016

Re: Fully automated rooting script

Postby martenjacobs » Sat Mar 10, 2018 9:13 pm

I’ve tried the script on the one Toon I have on my workbench at the moment and that works very well. I’d like some feedback if anyone has tried it out.
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Re: Fully automated rooting script

Postby TheHogNL » Sun Mar 11, 2018 2:01 pm

I'm about to get a 2nd Toon myself for testing purposes. I'll use your script when I have the Toon. Hopefully somewhere this week.
TheHogNL
Member
Member
 
Posts: 261
Joined: August 2017

Re: Fully automated rooting script

Postby Fietspomp » Thu Mar 15, 2018 2:53 pm

Used your script for a 2ndhand toon, works perfect!
Toon was firmware version 3.7.8 I believe (Updated immediately after rooting :-).)
Toon has U-Boot version 2010.09-R10

Only thing was I couldn't enter via SSH after finishing script, no idea why (What password does your script set)?
So I entered serial console, used "passwd", checked if everything was ok and rebooted, this worked.
Fietspomp
Starting Member
Starting Member
 
Posts: 14
Joined: January 2018

Re: Fully automated rooting script

Postby Fietspomp » Fri Mar 16, 2018 10:58 am

Just rooted another Toon with it, had uboot R8, password worked.
Script works as it should, only thing I do extra is add latest busybox to payload and use flag to skip removal of payload, enter serial console and install latest busybox.
After this I change passwd and that's it.
Fietspomp
Starting Member
Starting Member
 
Posts: 14
Joined: January 2018

Re: Fully automated rooting script

Postby martenjacobs » Sat Mar 17, 2018 7:13 pm

Hi Fietspomp,

I didn't add a package with a different version of busybox to the package because I feel it's more of a risk if it fails than the current process (possibly bricking the Toon), I may add it in the future as an option. I'm open to a pull request :D

The script does not set the password for the root user, but simply uses or creates a public key pair that you'll be able to use with your SSH client. If you're unfamiliar with public key authentication through SSH, you may want to read this.

The private key is written to the file name supplied with the --output-ssh-key-flag (defaults to id_rsa in the current directory) and the public key is saved next to it with a .pub suffix. The public key is also added to the payload and is put in /root/.ssh/authorized_keys so it's accepted as an access key for the root user. On most unices, you can then connect to the Toon using
Code: Select all
ssh -i id_rsa root@<TOON IP ADDRESS>

If you saved the private key without encryption (the default) you can then connect without a password.
I haven't been able to convert the key created by the script to a ppk file yet (the format which is used by PuTTY). I recommend that, until a better way comes along, PuTTY users create a public key pair with PuTTYGen, save the public key to a file, and use the --ssh-public-key flag to transfer this file to the Toon.

Please let me know if you have any questions!

Cheers,
Marten
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Re: Fully automated rooting script

Postby Fietspomp » Mon Mar 19, 2018 10:06 am

I tried loggin in using SSH but I couldn't convert the key using PuttyGen, so I just used the busybox passwd option :)

Thanks for the great work, I'm not sure if the newer version of busybox is mandatory so indeed why not leave it out.
Fietspomp
Starting Member
Starting Member
 
Posts: 14
Joined: January 2018

Re: Fully automated rooting script

Postby marcelr » Mon Mar 19, 2018 10:16 am

Fietspomp wrote: I'm not sure if the newer version of busybox is mandatory so indeed why not leave it out.

The standard busybox blocks serial access. The later version of busybox (1.27.2-r4), retains all features of busybox 1.18.3 and 1.27.2 combined.
marcelr
Advanced Member
Advanced Member
 
Posts: 815
Joined: May 2012
Location: Ehv

Re: Fully automated rooting script

Postby Martin101010 » Wed Mar 21, 2018 7:58 pm

Marten,

I'm trying to use your script, but got stuck on the dependencies. I get;

Code: Select all
cc -Wall  -I. -g -O2 -fno-unwind-tables -fno-asynchronous-unwind-tables  -rdynamic  -o jimsh jimsh.o initjimsh.o libjim.a -ldl
jimsh.o: file not recognized: File truncated
collect2: error: ld returned 1 exit status
Makefile:52: recipe for target 'jimsh' failed
make[2]: *** [jimsh] Error 1
make[2]: Leaving directory '/home/pi/openocd/jimtcl'
Makefile:3782: recipe for target 'install-recursive' failed
make[1]: *** [install-recursive] Error 1
make[1]: Leaving directory '/home/pi/openocd'
Makefile:4081: recipe for target 'install' failed
make: *** [install] Error 2
pi@raspberrypi3:~/openocd $


What is it that I'm missing?

Update: removed the dir and done it again. No errors anymore :-)
Last edited by Martin101010 on Wed Mar 21, 2018 9:34 pm, edited 1 time in total.
Martin101010
Starting Member
Starting Member
 
Posts: 38
Joined: November 2017

Re: Fully automated rooting script

Postby martenjacobs » Wed Mar 21, 2018 8:04 pm

Martin101010 wrote:Marten,

I'm trying to use your script, but got stuck on the dependencies. I get;

(...)

What is it that I'm missing?



Hi Martin,

Which OS are you using? I tested the instructions on a clean raspbian stretch light install.

Marten
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Re: Fully automated rooting script

Postby martenjacobs » Wed Mar 21, 2018 8:06 pm

marcelr wrote:
Fietspomp wrote: I'm not sure if the newer version of busybox is mandatory so indeed why not leave it out.

The standard busybox blocks serial access. The later version of busybox (1.27.2-r4), retains all features of busybox 1.18.3 and 1.27.2 combined.


I think most users don't need serial access after enabling SSH access.
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Re: Fully automated rooting script

Postby marcelr » Wed Mar 21, 2018 8:36 pm

Hi @martenjacobs,

Just had a quick peek at your scripts. I would strongly suggest to add the latest busybox (1.27.2-r4) and its two modules to the initial install. If for whatever reason the installation of dropbear fails, you're quite lost. Furthermore, one wrong update and the ssh access is cut off. The serial port can then serve as a last resort to access a toon. Furthermore, there's no harm done in adding busybox, it's fully compatible with quby's version (it only has a few extra features added to it). Then of course, you will also need to patch /etc/inittab to add the getty.

Anyway, nice job.
marcelr
Advanced Member
Advanced Member
 
Posts: 815
Joined: May 2012
Location: Ehv

Re: Fully automated rooting script

Postby martenjacobs » Wed Mar 21, 2018 10:11 pm

marcelr wrote:Hi @martenjacobs,

Just had a quick peek at your scripts. I would strongly suggest to add the latest busybox (1.27.2-r4) and its two modules to the initial install. If for whatever reason the installation of dropbear fails, you're quite lost. Furthermore, one wrong update and the ssh access is cut off. The serial port can then serve as a last resort to access a toon. Furthermore, there's no harm done in adding busybox, it's fully compatible with quby's version (it only has a few extra features added to it). Then of course, you will also need to patch /etc/inittab to add the getty.

Anyway, nice job.


Hi Marcel,

I think upgrading busybox could be added as an option. The reason I'm reluctant to do it by default is that busybox is quite an important part of the OS, and if the install borks for some reason (could be power loss, or maybe a newer firmware version breaks something, I don't know) it could brick the Toon. From what I've read, this has already happened to a number of users. The current process is designed to change as little as possible but only give the user SSH access and let them take it from there. If dropbear installation fails, you could simply use the script with the '--boot-only' or '--dont-reboot-after'-flag to boot into the serial console and take it from there with minicom.

FWIW, my Toon is running the latest firmware with stock busybox. I rooted it with my script and haven't had any cause to upgrade busybox.

However, I should add that I made a cable that connects RPi's serial and JTAG to the Toon in one go (see attached picture). I can see why for most users it would be easier to be able to 'rescue' the Toon without having to connect JTAG as well.

Regards,
Marten
Attachments
toon-cable-med.jpg
Toon cable with description
toon-cable-med.jpg (69.25 KiB) Viewed 1198 times
martenjacobs
Starting Member
Starting Member
 
Posts: 16
Joined: March 2018

Next

Return to Eneco Toon as Domotica controller

Who is online

Users browsing this forum: No registered users and 1 guest