Activer le SSH sur sa Fonera+
Contents
1 Introduction
La Fonera est une boiboite qui s'appuye sur un OpenWRT et qui permet de distribuer sur Wifi (HotSpot). Pour en savoir plus, je vous invite à aller sur le site officiel. Bref, il est possible de jouer un peu plus que les fonctions de base avec, c'est pourquoi, je me suis attaquer au SSH sur la bete.
Important : Toute modification de firmware peut prendre 10 min pour une mise à jour. Ne rebootez donc pas avant !
2 Prérequis
- Un serveur web
Apache peut faire l'affaire... (sur mac : /Library/WebServer/Documents)
- Pensez à couper votre firewall le temps de la manipulation
- Perl et la dépendance perl-Net-Telnet :
Ouvrez cpan puis faite :
install Net::Telnet
- Installez fping :
apt-get install fping
ou sur mac :
sudo port install fping
- Ce fichier perl redboot.pl à mettre dans la racine de votre serveur web
- Le firmware qui est également à mettre dans la racine de votre serveur web
- Une connexion réseau direct avec la Fonera (via son port WAN, le noir)
- Configurer son adress IP en 192.168.1.254
3 Flashing avec le nouveau Firmware
Lancez le script redboot.pl que vous avez télécharger comme ceci :
perl redboot.pl 192.168.1.1
Une fois la connection effectuée, rensignez l'IP de la Fonera :
ip_address -l 192.168.1.1/24 -h 192.168.1.254
puis tappez:
fis delete image load -r -b 0x80100000 /firmware_francofon.bin -m HTTP -h 192.168.1.254 fis create -b 0x80100000 -l 0x00237040 -f 0xA8040000 -e 0x80040400 -r 0x80040400 image
Vous devriez donc quelquechose du genre :
192.168.1.1 is unreachable 192.168.1.1 is alive -> == Executing boot script in 1.910 seconds - enter ^C to abort <- ^C Trying 192.168.1.1... Connected to 192.168.1.1. Escape character is '^]'. RedBoot> ip_address -l 192.168.1.1/24 -h 192.168.1.254 IP: 192.168.1.1/255.255.255.0, Gateway: 0.0.0.0 Default server: 192.168.1.254
RedBoot> fis delete image Delete image 'image' - continue (y/n)? y ... Erase from 0xa8040000-0xa8277040: .................................... ... Erase from 0xa87e0000-0xa87f0000: . ... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
RedBoot> load -r -b 0x80100000 /firmware_francofon.bin -m HTTP -h 192.168.1.254 Raw file loaded 0x80100000-0x8033703f, assumed entry at 0x80100000
RedBoot> fis create -b 0x80100000 -l 0x00237040 -f 0xA8040000 -e 0x80040400 -r 0x80040400 image ... Erase from 0xa8040000-0xa8277040: .................................... ... Program from 0x80100000-0x80337040 at 0xa8040000: .................................... ... Erase from 0xa87e0000-0xa87f0000: . ... Program from 0x80ff0000-0x81000000 at 0xa87e0000: .
Patientez jusqu'à la fin du flashage. Un petit reboot :
RedBoot> reset
Vous devriez désormais avoir accès au ssh de votre fonera :-) :
ssh -l root 192.168.10.1 The authenticity of host '192.168.10.1 (192.168.10.1)' can't be establish RSA key fingerprint is 5c:d3:42:ed:52:6d:c0:c6:fb:ec:84:57:18:24:d7:be. Are you sure you want to continue connecting (yes/no)? yes Warning: Permanently added '192.168.10.1' (RSA) to the list of known host root@192.168.10.1's password: BusyBox v1.4.1 (2007-09-03 10:39:50 UTC) Built-in shell (ash) Enter 'help' for a list of built-in commands. ______ __ /\ ___\ /\ \ \ \ \__/ __ ___ __ _ __ __ \_\ \___ \ \ _\/ __`\ /' _ `\ /'__`\/\`'__\/'__`\ /\___ __\ \ \ \/\ \L\ \/\ \/\ \/\ __/\ \ \//\ \L\.\_ \/__/\ \_/ \ \_\ \____/\ \_\ \_\ \____\\ \_\\ \__/.\_\ \ \_\ \/_/\/___/ \/_/\/_/\/____/ \/_/ \/__/\/_/ \/_/ -------------- Fonera 1.5 Firmware (v1.1.1.1) ----------------- * Based on OpenWrt - http://openwrt.org * Powered by FON - http://www.fon.com ----------------------------------------------------- root@OpenWrt:~# Wow!!! Your Fonera+ is now FREE!
4 FAQ
4.1 Le script redboot ne trouves pas ma fonera
Il faut s'assurer que le voyan POWER est ok. Si ce n'est pas le cas, débranchez 10 sec la Fonera puis rebranchez la !
4.2 FON_ATTENTION_PLEASE_CONNECT
Lorsque je scan le WIFI chez moi je décrouvre un SSID non crypté du nom "FON_ATTENTION_PLEASE_CONNECT". Ca c'est un flashing qu'a foiré. Il faut donc télécharger sur le site officiel le firmware officiel afin de remettre le firmware d'origine.
Connectez vous sur ce signal puis tapez http://192.168.1.1. Maintenant, uploadez le firmware puis vous allez voir ce genre de choses :
Firmware upgrade and hotfix installation Ooooops! Looks like the La Fonera is not working properly. You need to reinstall the fon software in it. Please, provide a valid full firmware in the box below (you can find them at fon's download page) or contact fon support at support@fon.com FON upgrade file Upgrading... Wait for the router to reflash itself. This can take up to some minutes. DO NOT DICONNECT THE LA FONERA in 10min This is a FON reflash v2 archive Verified OK Upgrade name: reflash_all grep: /etc/hotfix: No such file or directory Upgrading FON firmware and rebooting... This may take up to 10 minutes. Please be patient. The power light will be alternating green and orange. When the process is finished the light will stay orange while rebooting Flashing image... The upgrade process was successful Press here to return to the index page
4.3 Updating personal config from FON
Just after flashing your Fonera+ will reset with factory default settings. You can verify this going into your HTTP console on 192.168.10.1
To update your config log-on to www.fon.com, and access userzone. Select your router, and update WLAN private and public SSID names. If you don't want to change the name, please just change one letter, click on "update" button, and change again to the right name. For the private WLAN: change the WEP/WPA key encryption using the same method.
Fon.com servers will send the new config to your Fonera+. Wait few minutes and check in your local HTTP console. You don't need to reboot.
4.4 Registered or not?
If your Fonera+ has been registered before the SSH-unlock, check on your local HTTP console status if all is ok. If logo displayed is "your Fonera+ has not been registered", it is important to change this parameters to give access to users on your public WLAN.
To do this, open SSH console :
echo 1 > /etc/config/registered
Reboot your Fonera+, connect again to your HTTP local console, and verify the change to the logo: " Your Fonera is registered OK"
4.5 Bandwidth, QoS, transfer rate
Once your Fonera+ is running, configured and registered, check your transfer rate on all ports!
Default settings in original FON firmware 1.1.1r1 are 1024kb/s for download and 128kb for upload (WAN port).
Adjust this settings to your ISP speed line, in this example 2048kbs for D/L and 256 kbs for U/L.
uci set qos.wan.upload=256 uci set qos.wan.download=2048 uci commit
Reboot and perform a new speed transfer test on WLAN and LAN.
Disable FON QoS service (not recommended) :
uci set qos.wan.enabled=0 uci commit
5 Ressources
http://www.jopa.fr/index.php/2008/03/24/jouer-avec-la-fonera-2eme-partie-hacker-la-fonera/
http://www.cs.helsinki.fi/u/sklvarjo/lafon.htm
http://www.dd-wrt.com/dd-wrtv3/dd-wrt/downloads.html