Space Invaded
Die dritte Temporary Space Invasion kann beginnen.
Artikel mit Tag embedded
3d-printing arduino asozial 2.0 blinkenwall diy dj electronics elektronik event hackerspace hacking hard-dj hardwarehacking homebrew innsbruck it-syndikat löten midi music party 42 atmega bleepdrum dynamask fun ebook english kobo linux rsync 33c3 c64 ccc congress hebocon crypto cryptoparty enigma compressorhead 32c3 gtk gtk3 kritzler soldering leds pcb space invasion workshop
Die dritte Temporary Space Invasion kann beginnen.
rsync for the Kobo
I've recently got an ebook reader - I decided to take a Kobo for a number of ressons:
And always backup all your data first! If you screw something up you will need to do a factory reset - and this will wipe all data. Why rsync? For backups - my tool of choice is dirvish. Of course I could connect the Kobo via USB, mount it and do the backup from there, but I prefer the direct way. And I can do a full system backup, not only the data.
Some tutorials I found recommend to do a factory reset first, I did not and it just worked fine. The hardest part is to find the download Url of the firmware package. You could try to run an update on your Kobo and sniff the network or use the (Win only) setup software and have a look what it downloads. Or just trust other people who have already collected the urls - like in this thread @ mobileread.com. Unzip that and you will find KoboRoot.tgz besides other stuff we don't need now. From the tar we just need a few files:
- pretty cheap
- easily hackable (and it seems that they understand Open Source - Most of the software for their devices is on github - https://github.com/kobolabs )
- no hard vendor lock-in (Well, they do have their kobo-store, but you are not forced to use it.)
And always backup all your data first! If you screw something up you will need to do a factory reset - and this will wipe all data. Why rsync? For backups - my tool of choice is dirvish. Of course I could connect the Kobo via USB, mount it and do the backup from there, but I prefer the direct way. And I can do a full system backup, not only the data.
Step 1) Getting a root Shell
The Kobo runs on Linux with busybox, so it has a telnet server already installed but not activated. So we don't need additional software for this step, we just need to change a few config files. To do this the update system can be misused - it's pretty simple: Connect via USB and put a KoboRoot.tgz into the .kobo folder. This file will then be extracted to / - without any kind signature checks or similar. Easy to use, but also easy to break stuff.Some tutorials I found recommend to do a factory reset first, I did not and it just worked fine. The hardest part is to find the download Url of the firmware package. You could try to run an update on your Kobo and sniff the network or use the (Win only) setup software and have a look what it downloads. Or just trust other people who have already collected the urls - like in this thread @ mobileread.com. Unzip that and you will find KoboRoot.tgz besides other stuff we don't need now. From the tar we just need a few files:
tar -xvzf ../KoboRoot.tgz ./etc/init.d/rcS ./etc/inetd.conf ./etc/inittabIn the Package for my device there is no /etc/inittab included, so I had to trust the files I found in the net. Get inetd to listen on port 23 and run telnet - add to etc/inetd.conf:
23 stream tcp nowait root /bin/busybox telnetd -iThe standard firmware does not mount /dev/pts which is necessary for telnet. I added to etc/init.d/rcS just below the other mount-lines:
mkdir -p /dev/pts mount -t devpts devpts /dev/ptsAnd finally we need to make sure inetd gets started. Add to etc/inittab:
::respawn:/usr/sbin/inetd -f /etc/inetd.confor like I did just create the etc/inittab
::sysinit:/etc/init.d/rcS ::respawn:/sbin/getty -L ttymxc0 115200 vt100 ::ctrlaltdel:/sbin/reboot ::shutdown:/bin/umount -a -r ::restart:/sbin/init ::respawn:/usr/sbin/inetd -f /etc/inetd.confTar this into a KoboRoot.tgz and put the file into .kobo on your device. After disconnecting USB it will install it and reboot. Turn on Wifi in the settings and start the Browser (it enables Wifi only on demand, starting the browser makes sure it really does) and you should be able to connect via telnet as root without password. The kobo is wide open now, do this only in a secure network.
Step 2) install the dropbear ssh server
So far I'm too lazy to set up a build environment for the Kobo, so I'm using binaries from the debian armhf port. After reading tjms comment I started with Maemo binaries. While they do work for dropbear they fail with rsync, more about that later. Download the deb from https://packages.debian.org/wheezy/armhf/dropbear/download, unpack it and create a Kobo update package:
mkdir d
cd d
ar x ../dropbear*.deb data.tar.gz
tar xzf data.tar.gz
tar -cvzf ../KoboRoot.tgz usr/{bin,lib,sbin}
Copy the KoboRoot.tgz into .kobo of the reader and let it install and reboot again.
Then connect via telnet to set it up:
# add the private key(s) for the box(es) you want to connect from mkdir -p /root/.ssh echo "your key" >> /root/.ssh/authorized_keys # create host key mkdir -p /etc/dropbear cd /etc/dropbear test -f rsa_host_key || dropbearkey -t rsa -f rsa_host_key test -f dss_host_key || dropbearkey -t dss -f dss_host_key # dropbear complains if this is not present touch /var/log/lastlog # edit /etc/passwd vi /etc/passwdHere we need to disable the login without password and change root's home directory from / to /root.
root:x:0:0:root:/root:/bin/shYou could also set a password for root, but for me it's fine to have pubkey access only. In the passwd file there is a second root user "admin" with password "admin". I don't know yet if it's used for something and if it's safe to delete it. Now we can try dropbear:
/usr/sbin/dropbear -d /etc/dropbear/dss_host_key -r /etc/dropbear/rsa_host_key -F -s -ETry to login via ssh. Maybe there are some permissions to change. If this is successful add dropbear to /etc/inittab:
::respawn:/usr/sbin/dropbear -d /etc/dropbear/dss_host_key -r /etc/dropbear/rsa_host_key -F -sand remove the previously added line for inetd (telnet).
Step 3) rsync
This took me a while since I started with Maemo packages - rsync just did exit 1 without any further notice, strace and LD_DEBUG did not really help, finally derRichard pointed me to the right direction: The Kobo uses EABI5, Maemo EABI4, so everything that needs additional shared libraries will fail. Download rsync and libpopt from https://packages.debian.org/wheezy/armhf/rsync/download and https://packages.debian.org/wheezy/armhf/libpopt0/download This time no more need to use the Kobo updater, i just scp it to the device:ar x rsync_*.deb data.tar.gz mkdir rsync cd rsync tar -xvzf ../data.tar.gz scp usr/bin/rsync root@kobo:/usr/bin/ cd .. ar x libpopt0_*.deb data.tar.gz mkdir libpopt cd libpopt tar -xvzf ../data.tar.gz scp scp lib/libpopt.so.0.0.0 root@kobo:/lib/and on the Kobo:
cd /lib ln -s libpopt.so.0.0.0 libpopt.so.0and rsync works:
[root@(none) ~]# rsync --version
rsync version 3.0.9 protocol version 30
Copyright (C) 1996-2011 by Andrew Tridgell, Wayne Davison, and others.
Web site: http://rsync.samba.org/
Capabilities:
64-bit files, 64-bit inums, 32-bit timestamps, 64-bit long ints,
socketpairs, hardlinks, symlinks, IPv6, batchfiles, inplace,
append, ACLs, xattrs, iconv, symtimes
rsync comes with ABSOLUTELY NO WARRANTY. This is free software, and you
are welcome to redistribute it under certain conditions. See the GNU
General Public Licence for details.
some Kobo hacking resources: