OMV4.x on a HC2 - First root login

  • Hi guys,


    yesterday I installed OMV on a Odroid HC2 with etcher. I was surprised, because the first time of calling the web interface, the login screen was displayed immediately. I expecting an installation routine like a X86 installation or sonething else. I login with admin (password: openmediavault) and change the passwort. I try a rsync job and filled up the harddisk (0 bytes free) only for a test.
    Today I try to install Shellinabox to clean up the harddisk . It stopped with the following error message:




    Code
    OMV\Config\DatabaseException: Failed to execute XPath query '//services/shellinabox'. in /usr/share/php/openmediavault/config/database.inc:78
    Stack trace:
    #0 /usr/share/openmediavault/engined/module/shellinabox.inc(58): OMV\Config\Database->get('conf.service.sh...')
    #1 /usr/share/openmediavault/engined/rpc/services.inc(56): OMV\Engined\Module\Shellinabox->getStatus()
    #2 [internal function]: OMVRpcServiceServices->getStatus(Array, Array)
    #3 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
    #4 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('getStatus', Array, Array)
    #5 /usr/sbin/omv-engined(536): OMV\Rpc\Rpc::call('Services', 'getStatus', Array, Array, 1)
    #6 {main}

    The error message appers every 5 seconds on the web interface.


    I try to login via root to the ssh shell. How is the password? openmediavault or 1234 failed.


    Second: How can I solve the Shellinthebox error?


    Thanks for help.


    greetings


    phoneo

  • I assume you have used one of those images?
    --> sourceforge.net/projects/openm…ngle%20Board%20Computers/

    Yes.

    If yes, these are the passwords:

    No, not for my ssh connection ... :) . I konw the standard passwords. But root with openmediavault via ssh fails.


    Any other idea? Yes, I can reinstall OMV, because it is only a first test installation. But I think, maybe this problem is interesting for the developers.

    • Offizieller Beitrag

    I suspect that you filled up the root file system, not the hdd? That is a critical and possibly destructive error that never should happen. It might be possible to recover, but likely not by using the OMV GUI.

  • I suspect that you filled up the root file system, not the hdd?

    I filled up the hdd.



    Maybe the flash card (a new one) have errors. I try another card for a new installation.


    @tkaiser


    I found this in the forum:


    Establish an SSH connection to OMV and log in with user 'root' and password '1234' as @tkaiser has posted.

    I found also the correction, but it could have been possible that the password was changed. That would be a reasonable explanation of why you remembers to 1234. openmedivault and 1234 are not so similar that they could be confused...

  • openmedivault and 1234 are not so similar that they could be confused...

    1234 is the default root password Armbian uses and the OMV images for ARM and VideoCore SBC are based on Armbian. But on the OMV images I changed that to openmediavault. Doesn't change a bit that following the readme.txt at download location is most basic requirement since of course SSH login with root and a widely known password is NOT active and needs to be enabled first.

  • Doesn't change a bit that following the readme.txt at download location

    Let`s don`t turn in cycles. :) Read my first thread:


    How is the password? openmediavault or 1234 failed.


    I konw the standard passwords. But root with openmediavault via ssh fails.


    An answer that refers back to the default password is useless! Especially not with a pointed answer like yours.

    • Offizieller Beitrag

    But root with openmediavault via ssh fails.

    You have to login locally with root UNTIL you enable root login in the web interface (disabled by default on arm images). The readme does mention this and tkaiser mentioned this as well.


    If you can't login locally, add a user in the omv web interface and include them in the ssh and sudo groups. Then you can change the root password with sudo passwd root

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • If you can't login locally, add a user in the omv web interface and include them in the ssh and sudo groups. Then you can change the root password with sudo passwd root

    Thank you, that was very helpful @ryecoaaron! I could change the password, but root login failed again. Next I looked to the sshd_config: PermitRootLogin was disabled! =O Back to the web interface: PermitRootLogin was disabled, too. But I change nothing in the ssh config and I guess that PermitRootLogin enable is a default setting from OMV?


    Oh no, that was the right answer:


    root UNTIL you enable root login in the web interface (disabled by default on arm images)

    My first setup was on a X86, a month ago. So that small difference to an arm image was not present for me. Bad trap.

    • Offizieller Beitrag

    So that small difference to an arm image was not present for me. Bad trap.

    We did that because arm images aren't installed meaning the user can't set the root password like you do on x86. Because all arm images have the same password, we didn't want anyone to be able to login as root over ssh. So, we disabled root logins.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

    • Offizieller Beitrag

    It is usually BAD and possibly DANGEROUS to allow remote root ssh login. If allowed it simplifies remote exploits and intrusions.


    That is why remote root ssh login may be disabled by default. And why it should remain disabled, in my opinion.


    GOOD practice is to immediately after a successful install, login using the GUI as admin:openmediavault and:


    1. Change the admin GUI password.
    2. Create a new user.
    3. Add the new user to groups ssh and sudo.


    After this you can login using ssh with the new user. If you need to perform some task that requires root privileges you use sudo or possibly su.

    • Offizieller Beitrag

    It is usually BAD and possibly DANGEROUS to allow remote root ssh login. If allowed it simplifies remote exploits and intrusions.

    Debian 10 disables root login via ssh by default. Ubuntu has also done this for a long time except Ubuntu has the root password disabled as well.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • While I was looking for the error, I sometimes think ist seems like a RootPermission denied problem. But I didn't draw the consequences.

    We did that because arm images aren't installed meaning the user can't set the root password like you do on x86.

    I understand it. And I know that I made a beginners mistake.


    @Adoby Thanks for your advise. I will concider it. There is still a lot to learn for me (special permission handling), but I am an educated student and grateful for every tip! :)

  • 2. Create a new user.
    3. Add the new user to groups ssh and sudo.

    In general I agree. But here's the problem and that's why I wrote in the readme at the download location (that gets ignored of course since displayed below the download links):


    SSH login has to be enabled in web UI prior to usage: Services --> SSH --> Permit root login


    Due to the way how the images are created we have an active root account with a well known password. So once an administrator creates more users and allows them to login as well we created a situation where such a new user logs in, then uses su and can then simply overtake the installation unless the administrator himself assigned a good root password before. That's where the recommendation to 'Permit root login' originates from in the hope the administrator will then login as root himself and is immediately forced to change the password to something secret and sane.


    Only alternative would be to totally 'disable' the root account as it's done in Ubuntu or macOS for example. All my discussions so far with Debian 'fans' led to the conclusion that taking away that 'venerable' account is not worth the hassles/discussions... Maybe in 5 years...

    • Offizieller Beitrag

    Only alternative would be to totally 'disable' the root account as it's done in Ubuntu or macOS for example. All my discussions so far with Debian 'fans' led to the conclusion that taking away that 'venerable' account is not worth the hassles/discussions...

    Debian fans aside, I think it would be fine doing it on OMV especially on the arm images. If you are using the command line, you probably know how to 'enable' the root account if we disabled it by default. The only problem is if someone needs to find the IP address locally and can't access the web interface.

    omv 7.0.4-2 sandworm | 64 bit | 6.5 proxmox kernel

    plugins :: omvextrasorg 7.0 | kvm 7.0.10 | compose 7.1.2 | k8s 7.0-6 | cputemp 7.0 | mergerfs 7.0.3


    omv-extras.org plugins source code and issue tracker - github


    Please try ctrl-shift-R and read this before posting a question.

    Please put your OMV system details in your signature.
    Please don't PM for support... Too many PMs!

  • Today I try to install Shellinabox to clean up the harddisk . It stopped with the following error message:



    • OMV\Config\DatabaseException: Failed to execute XPath query '//services/shellinabox'. in /usr/share/php/openmediavault/config/database.inc:78
    • Stack trace:
    • #0 /usr/share/openmediavault/engined/module/shellinabox.inc(58): OMV\Config\Database->get('conf.service.sh...')
    • #1 /usr/share/openmediavault/engined/rpc/services.inc(56): OMV\Engined\Module\Shellinabox->getStatus()
    • #2 [internal function]: OMVRpcServiceServices->getStatus(Array, Array)
    • #3 /usr/share/php/openmediavault/rpc/serviceabstract.inc(123): call_user_func_array(Array, Array)
    • #4 /usr/share/php/openmediavault/rpc/rpc.inc(86): OMV\Rpc\ServiceAbstract->callMethod('getStatus', Array, Array)
    • #5 /usr/sbin/omv-engined(536): OMV\Rpc\Rpc::call('Services', 'getStatus', Array, Array, 1)
    • #6 {main}

    This problem probably only occurs if the root password has not yet been changed.

Jetzt mitmachen!

Sie haben noch kein Benutzerkonto auf unserer Seite? Registrieren Sie sich kostenlos und nehmen Sie an unserer Community teil!