-
Notifications
You must be signed in to change notification settings - Fork 10
/
README
130 lines (105 loc) · 4.2 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
Up-to-date firmware for WD My Cloud Ex2 Ultra
The sequence is:
1) Update u-boot. It is needed to adjust load addresess for new Kernel and Ramdisk. See UBoot folder for details.
2) Update kernel with compiled uImage file. See Kernel folder for details.
3) Update ramdisk with compiled uInitrd file. See Ramdisk folder for detials.
4) Set rootfs - the actuall Debian system. See Rootfs folder for detials.
This custom firmware supports full disk encryption on WD MyCloud Ex2 Ultra NAS
## Support
+ USB or SATA drive
+ ext2,3,4, btrfs
+ raid 0,1 and LVM
+ LUKS-encrypted drive
+ ssh-rescue shell
# Make any changes of Ram Disk in initrd folder and recompile it with compile_ramdisk.sh to get new uInitrd (Ram Disk file)
## Usage
# Update Kernel if you have access to shell
wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/uImage (--no-check-certificate in case of error?)
dd if=/dev/zero of=/dev/mtdblock1
dd if=uImage of=/dev/mtdblock1
# Update ramdisk if you have access to shell
wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/uInitrd
dd if=/dev/zero of=/dev/mtdblock2
dd if=uInitrd of=/dev/mtdblock2
# If you don't have access to shell use USB UART connector (press "1" to stop autoboot):
# Connect FT232RL USB UART Converter
# NAS UART
# o - Tx Rx
# o - GND GND
# o - 3.3v -
# - - -
# o - Rx Tx
#
# Use Putty for connection via COM port
# (take port number in Device Manager after installing UART driver, possibly from https://fox-exe.ru/Files/USB-UART/)
# Serial line to connect: COM5
# SPEED: 115200
# Data bits: 8
# Stop bits: 1
# Parity: None
# Flow control: XON/XOFF
usb start
fatload usb 0:1 0xa00000 uImage
fatload usb 0:1 0xf00000 uInitrd
bootm 0xa00000 0xf00000
# Reboot
reboot -f
# Part your new HDDs
# fdisk /dev/sda
# (d) for delete any existing partitions
# (n) for creating new partititions
# We need to delete all partitions
# Create Raid1
mdadm --create /dev/md0 --level=1 --raid-devices=2 --run /dev/sda /dev/sdb
# Alternative, if second HDD will be added later
mdadm --create /dev/md0 --level=1 --raid-devices=2 --run /dev/sda missing
mdadm --manage /dev/md0 --add /dev/sdb
# Encrypt your new partition and open it
sudo cryptsetup -v -y -c aes-cbc-essiv:sha256 --iter-time 2000 --use-random luksFormat /dev/md0
cryptsetup luksOpen /dev/md0 cryptlvm
nohup dd if=/dev/urandom of=/dev/mapper/cryplvm &
#That's going to be few days.
#Check progress with 'ps ax | grep dd' to find out $pid and then kill -USR1 $pid.
#Then `cat nohup.out` will show you the progress.
# Create LVM logical volumes on encrypted partition
lvm pvcreate /dev/mapper/cryptlvm
lvm vgcreate MyVolGroup /dev/mapper/cryptlvm
lvm lvcreate -L 1024MB MyVolGroup -n swap -Zn
lvm lvcreate -L 4096MB MyVolGroup -n root -Zn
lvm lvcreate -l +100%FREE MyVolGroup -n data -Zn
#Scan for created volumes
lvm vgscan --mknodes
# Format and label your partitions
mkswap /dev/MyVolGroup/swap
swapon /dev/MyVolGroup/swap
mkfs.ext4 /dev/MyVolGroup/root
mkfs.ext4 /dev/MyVolGroup/data
# Then we install Debian Stretch kindly provided by Fox-exe.ru repository
mkdir /mnt/root
mount /dev/MyVolGroup/root /mnt/root
cd /mnt/root
wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/debian-stretch-rootfs.tar.xz
tar xvf debian-stretch-rootfs.tar.xz
rm debian-stretch-rootfs.tar.xz
# Update libs for new kernel
wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/libs-4.15.0-rc6.tar.gz
tar xvf libs-4.15.0-rc6.tar.gz
rm libs-4.15.0-rc6.tar.gz
# Then we reboot
cd /
umount /mnt/root
sync
reboot -f
# When system boots after encryption
login: root
password: mycloud
The system will boot only if a keyfile "key.luks" is presend on connected USB device with partition label "key". If no keyfile present
then connect to the system by ssh on port 2222 with a user root, password root and open partition with the command:
"cryptsetup -T 5 luksOpen $device cryptroot".
Run apt upgrade to upgrade to newest Debian
In the root file system put
swapon /dev/mapper/MyVolGroup-swap
mount /dev/mapper/MyVolGroup-data /mnt/data
in rc.local, not in /etc/fstab
Couldn't make reset button to power off, so used cron with eth0 down instead:
0-59 * * * * /bin/ip a | /bin/grep -Eq ': eth0:.*state UP' || /sbin/poweroff