Differences

This shows you the differences between two versions of the page.

--- ccgx:root_access [2023-10-17 13:48] – [3.3 Enable sshd and log in] dfaber
+++ ccgx:root_access [2024-12-03 11:17] (current) – [3.1 Set access level to Superuser] mvader
@@ Line 33: / Line 33: @@
 ==== 3.1 Set access level to Superuser ====
-To set the root password, first set the access level to Superuser:
+To set the root password, first set the access level to Superuser.
   - Go to Settings, General
   - Set the Access Level to User and installer, the password is ''ZZZ''
   - Highlight Access Level (don't open the select page, ie. make sure you are in the General Page, not the Access Level page)
-  - Press and hold the right button of the center pad until you see the Access Level change to Superuser. Note: when working from the Remote Console, you need to use the right key on your keyboard. Pressing and holding the right button with your mouse won't work.
+  - Press and hold the right button of the center pad until you see the Access Level change to Superuser. Note: when working from the Remote Console using the Classic UI, you need to use the right key on your keyboard. Pressing and holding the right button with your mouse won't work. When using the New UI, select, drag down and hold down the entire list of General menu entries for five seconds, and until you see the Access level change to super user.
 Now you have access to the super user features.
@@ Line 49: / Line 50: @@
 Note that, for firmware version v2.00 and later, the root password will be reset by a firmware update. The reason is that the passwd file is on the rootfs, which is fully replaced by an update. More info [[https://github.com/victronenergy/venus/wiki/swupdate-project|here]].
-Our advice is to create a complex root password. But use it to login only the first time, and then install a public ssh key(s). Thereafter login with the keys. If key authentication works, you can also
+Our advice is to create a complex root password. But use it to login only the first time, and then install a public ssh key(s). Thereafter login with the keys. If key authentication works, you can
-safely delete the root password afterwards (''passwd --delete root'').
+safely disallow root logins with a password with '' echo 'root:*' | chpasswd -e ''.
+The password needs to be 6 characters long, minimum.
 ==== 3.3 Enable sshd and log in =====
@@ Line 89: / Line 91: @@
 If the files ''/data/rcS.local'' or ''/data/rc.local'' exists, they will be called early (rcS) and late (rc) during startup. These scripts will survive upgrades and can be used by customers to start their own custom software. Implementation details in [[https://github.com/victronenergy/meta-victronenergy/commit/2dbd16c560ff7cdf70b1d676c0616013169c7484|this commit]].
-Also if ''venus-data.{tar.gz,tgz,zip}'' is found on removable storage (usb stick, sd-card) when booting, it will be unpacked into /data. Implementation details in [[https://github.com/victronenergy/meta-victronenergy/commit/469760fef4ed2ee977f482c997ac24c2678222c5|this commit]]. Added per Venus v2.30~28. Use this to for example make a USB stick that installs the modifications.
+Also if ''venus-data.*.{tar.gz,tgz,zip}'' is found on removable storage (usb stick, sd-card) when booting, it will be unpacked into /data. Implementation details in [[https://github.com/victronenergy/meta-victronenergy/commit/469760fef4ed2ee977f482c997ac24c2678222c5|this commit]]. Added per Venus v2.30~28. Use this to for example make a USB stick that installs the modifications. You can combine multiple files on the device; they will be run in alphabetical order.
 That venus-data file has one extra feature: if the archive contains ''rc/*'' files, it will extract those first. And if there is a file called ''rc/pre-hook.sh'' it will run this before unpacking the rest of the archive. Similarly, if there is a file called ''rc/post-hook.sh'', then that file will run this after the unpacking of the archive. For details, read the code in the ''/etc/rc5.d/S30update-data.sh'' file.
+You can draw further inspiration from [[https://github.com/victronenergy/meta-victronenergy/tree/master/meta-venus/scripts|here]], where the code resides to generate files for making backups of the ''/data'' partition, resetting Node-RED and SignalK and more scripts.
 You can test the 'update' with
@@ Line 116: / Line 120: @@
 === 4.2.2 Read-only rootfs ===
-By default, the rootfs is mounted read only. Also, by default, it only has 5% of free space.
+By default, the rootfs is mounted read only. Also, by default, it only has 5% of free space, while the partition in which its installed is actually larger.
-The solution is to run ''/opt/victronenergy/swupdate-scripts/resize2fs.sh''.
+The recommended method to **(a)** mount it as read/write, and **(b)** expand it to use all of the available space in its partition, is by running ''/opt/victronenergy/swupdate-scripts/resize2fs.sh''.
-Further details in the next section.
+Here is a short overview of the three ways mount the rootfs as read/write:
+  * //temporally//: issue the command ''mount -o remount,rw /'' (which holds until the next reboot or issueing ''mount -o remount,ro /'')
+  * //semi-permanent//: issue the command ''/opt/victronenergy/swupdate-scripts/remount-rw.sh'' (which holds until the next firmware update)
+  * //permanent//: adding one of the above commands to ''/data/rc.local'' (which holds permanently)
 === 4.2.3 Always prevent running out of diskspace ===
@@ Line 155: / Line 163: @@
 For more advanced features please check the manual page of [[https://man7.org/linux/man-pages/man1/diff.1.html|diff]] and [[https://man7.org/linux/man-pages/man1/patch.1.html|patch]].
+In this thread, there is an example of how to make a patch file to change a certain setting in the GX, and how to apply that at boot. To make it survive a firmware update:
+https://community.victronenergy.com/idea/201826/lets-define-a-local-ntp-server.html
 ==== 4.4 Adding or modifying services ====
@@ Line 165: / Line 176: @@
 ''/service''.
-By default the root filesystem of Venus is read-only. There are three ways to change that:
+Further details here: https://github.com/victronenergy/venus/wiki/howto-add-a-driver-to-Venus#installing-a-driver-that-doesnt-depend-on-a-serial-port
-  * //temporally//: issue the command ''mount -o remount,rw /'' (which holds until the next reboot or issueing ''mount -o remount,ro /'')
-  * //semi-permanent//: issue the command ''/opt/victronenergy/swupdate-scripts/remount-rw.sh'' (which holds until the next firmware update)
-  * //permanent//: adding one of the above commands to ''/data/rc.local'' (which holds permanently)
 ===== 5. Hardening a GX device =====
@@ Line 343: / Line 350: @@
 {{ :ccgx:octo-gx_serial-console.jpg?300 |}}
+==== 6.6 Ekrano GX ====
+Getting to console on the Ekrano GX is not that easy. The pins are located between the network and USB connector on the back of the device.
+  - Black: ground
+  - NC
+  - NC
+  - Green: RX of the Ekrano GX - connect to TX on your cable
+  - White: TX of the Ekrano GX - connect to RX on your cable
+  - NC
+{{ :ccgx:ekrano-console.jpg?300 |}}