as a good boy i just upgraded my QNAP NAS to the latest available firmware, 4.5.1.1465, but after the reboot there's an ugly surprise awaiting for me
once i ssh'd into the box to do my stuff, instead of a familiar bash prompt i'm greeted by a management menu that allows me to perform some basic management tasks or quit it and go back to the shell. i dont really need this menu (in particular because i have automations that regularly ssh into the box and they are not meant to be interactive).
to disable it: edit /etc/profile and comment the line "[[ "admin" = "$USER" ]] && /sbin/qts-console-mgmt -f" (you can judge me later for sshing as root)
UPDATE (2020-12-26): as pointed out in the comments, and discovered now after an upgrade, the menu comes back up after because /etc/profile is a system file for QNAP so gets replaced/updated by them often
13 comments:
Well, is there any other way than SSH-ing as root? I had for a brief time a QNAP, but sold it as I found out that it's very restrictive environment, and I wasn't able to actually add a non-root user for SSH.
Too bad, the hardware was pretty neat.
tbh, i dont know and never cared to check: i'm on with sshing as root
there is.
in cca 2018 QTS, SSH users is an option in Control Panel > Network > Telnet
but also, or before that:
enable it in ssh server config /etc/config/ssh/sshd_config add username in AllowUsers
then define sudoers in a file in path /usr/etc/sudoers.d, trick is that the second one is tmpfs, search how to edit autorun to add the file on each boot.
But to confess I still use root (admin) to SSH in WinSCP while local.
and yes, QNAP's security is rubbish, but so is Synology's and what would you do?
Below all that it's still linux, we are free to enable, disable, modify what we want.
The menu is started with "/sbin/qts-console-mgmt -f" in the last line of /etc/profile. You can delete this line and have freedom. - At least until the next update... ;-)
did you try restart yet since your hack? ;)
it's "embedded" system, files come back each boot.
Hello, how do you modify the scripts if the new menu comes out through ssh? I made those modifications by ssh, now I don't know how to do it. I have created a new user, I have given him permissions for sshi and with that user if I get the usual bash console, but I have no privileges to do anything. I use sudo but the password is not that of the admin account with which I enter through the web. Am I lost? Can you help me?
Megatron555, you're probably better off by just using admin; but if you want to explore a different user, i suggest to follow up with the QNAP forums or user support channels.
Just set this to run at startup and it will prevent this from happening again...
sed -i '/^[^#]/ s/\(^.*\[\[ "admin" = "\$USER" \]\].*$\)/#\ \1/' /etc/profile
This can be set in control panel now:
Control Panel > System > General Settings > Console Management > Enable Console Management
Hi @Flexer,
Not in all releases... I'm on h4.5.1.1582 (2021/02/17) and the option isn't there.
If you look in /etc/profile, you will see the following line near the bottom:
[[ "admin" = "$USER" ]] && [[ "TRUE" == "$(getcfg -f /etc/config/uLinux.conf -d TRUE 'Console Mgmt' 'Auto Launch')" ]] && /sbin/qts-console-mgmt -f
This tells us that we need to edit /etc/config/uLinux.conf and add the following:
[Console Mgmt]
Auto Launch = FALSE
Post a Comment