remote does not work after update to 3.0.0

Discussions about RaZberry - Z-Wave board for Raspberry computer
frako
Posts: 15
Joined: 12 Aug 2019 13:29

Re: remote does not work after update to 3.0.0

Post by frako » 20 Sep 2019 10:09

Hello PoltoS,
It works again. Thank you very much for your help. At the next update I will be more careful.
Kind regards
Frako

MaxP00
Posts: 1
Joined: 09 Oct 2019 14:46

Re: remote does not work after update to 3.0.0

Post by MaxP00 » 13 Oct 2019 17:09

frako wrote:
04 Sep 2019 13:48
No, I'm really not sure of all these things I've done with the update. It seems to me that I made some mistakes. Now I ran the script from the link and got a new z-box web id. But I can't log in via the z-box-web. Does it possibly have something to do with the following? Is a password file missing in the zbw?
pi@raspberrypi:~ $ /etc/init.d/zbw_connect start
cat: /etc/zbw/passwd: Keine Berechtigung
Didn't find passwd file
pi@raspberrypi:~ $
Wait for the next update. The problems will be solved I guess.
Last edited by MaxP00 on 15 Oct 2019 22:15, edited 1 time in total.

CYberF0x
Posts: 3
Joined: 13 Oct 2019 00:01

Re: remote does not work after update to 3.0.0

Post by CYberF0x » 15 Oct 2019 22:07

I have the same issue, after deep dive debugging this zbw thing, a get it to following:

- ZBW is only a ssh tunnel to https://find.z-wave.me.
- /etc/init.d/zbw_connect is this bash script which can run without the start parameter to debug it eg bash -x /etc/init.d/zbw_connect gives you following output:

Code: Select all


++++snip++++

+ ssh -i /tmp/zbw_connect.priv -T -o 'StrictHostKeyChecking no' -o 'UserKnownHostsFile /dev/null' -o 'BatchMode yes' -o 'SendEnv ZBW_*' -o 'ExitOnForwardFailure yes' -o 'ServerAliveInterval 30' -o 'ServerAliveCountMax 3' -R 0.0.0.0:10000:127.0.0.1:8083 -R 0.0.0.0:10001:127.0.0.1:22 remote@find.z-wave.me
Warning: Permanently added 'find.z-wave.me,78.46.43.211' (ECDSA) to the list of known hosts.
- find.z-wave.me resolves to different IPs, there is a load balancer or DNS RR behind the url, you will get different IPs
- if the connection is successful you will see in netstat something like that

Code: Select all

root@raspberrypi:/tmp# netstat -pan | grep ssh
+++snip++++
tcp        0      0 192.168.1.80:47330      78.46.43.211:22         ESTABLISHED 4131/ssh
+++snip+++
root@raspberrypi:/tmp#
- 78.46.43.211 resolves to find.z-wave.me
- in /etc/zbw you get the files userid, which is your remote id and passwd which is need i think at the remote site other stuff, see also the SSH parameter -o 'SendEnv ZBW_*' which is sending id, port (8083) and pw to the tunnel.
- one hint, if there is a no_connection file under /etc/zbw/flags the script wont connect, delete it and it works.
- but at the end nothing helps, i cant log in via https://find.z-wave.me

- the authorization is done via private keys wich will generated with this command: sudo wget 'http://find.z-wave.me/zbw_new_user?box_type=razberry' -O /tmp/zbw_connect_setup.run && sudo bash /tmp/zbw_connect_setup.run -y && sudo /etc/init.d/zbw_connect start
- you will get a unique private key included within the script at the end, wich will be then exported to /tmp/zbw_connect.priv during execution of the start script.

So think there is something wrong on the find.z-wave.me, maybe the user login changed with version 3.0 and the user/pwd fields are different.

additionally: i have done some testing with tcpdump and wireshark. There are not packaged coming trough the tunnel if you try out a login over find.z-wave.me...

There is something critical within the script with the parameter "-R 0.0.0.0:10001:127.0.0.1:22". This leads to a connection from find.z-wave.me to your SSH shell trough the tunnel. Many raspberries are configured with the standard user pi and password. This can be a hughe security isse, if somebody hacks find.z-wave.me. Maybe i am wrong ... just a short look up.
Last edited by CYberF0x on 15 Oct 2019 22:37, edited 1 time in total.

CYberF0x
Posts: 3
Joined: 13 Oct 2019 00:01

Re: remote does not work after update to 3.0.0

Post by CYberF0x » 15 Oct 2019 22:12

MaxP00 wrote:
13 Oct 2019 17:09
frako wrote:
04 Sep 2019 13:48
No, I'm really not sure of all these things I've done with the update. It seems to me that I made some mistakes. Now I ran the script from the link and got a new z-box web id. But I can't log in via the z-box-web. Does it possibly have something to do with the following? Is a password file missing in the zbw?
pi@raspberrypi:~ $ /etc/init.d/zbw_connect start
cat: /etc/zbw/passwd: Keine Berechtigung
Didn't find passwd file
pi@raspberrypi:~ $
Wait for the next update. The problems will be solved I guess.
you need to be root, try this and see what happens, read my post before.

Code: Select all

pi@raspberrypi:~ $ sudo su -
root@raspberrypi:~#bash -x /etc/init.d/zbw_connect

enbemokel
Posts: 298
Joined: 08 Aug 2016 17:36

Re: remote does not work after update to 3.0.0

Post by enbemokel » 16 Oct 2019 13:50

Thanks for your detailed analysis, may be helpful also for other problems.

User avatar
PoltoS
Posts: 4991
Joined: 26 Jan 2011 19:36

Re: remote does not work after update to 3.0.0

Post by PoltoS » 17 Oct 2019 01:29

CYberF0x wrote:
15 Oct 2019 22:07
...
Nice analysis. All correct.

How do you try to connect? You should use your boxID/login and password.

Box ID is the one generated during

Code: Select all

sudo wget 'http://find.z-wave.me/zbw_new_user?box_type=razberry' -O /tmp/zbw_connect_setup.run && sudo bash /tmp/zbw_connect_setup.run -y && sudo /etc/init.d/zbw_connect start
Example:
12345/admin
pasSw0rd

Post Reply