rdugan / iceriver-oc

Modified firmware for IceRiver ASICs, adding overclocking and other goodies

iceriver ultra password #75

Open dropje20 opened 2 months ago

dropje20 commented 2 months ago

I put the firmware on it, and now I can't log in: password error with 12345678. What's wrong?

rdugan commented 2 months ago

Is this still an issue? Someone else recently had a similar experience, and it appears he was hacked.

Silent8CH commented 2 months ago

I've found the password set in the OC firmware persists across updates and factory resets.

rdugan commented 2 months ago

@Silent8CH Yes, it does. There's not really a way for me to reset the password during a hardware reset, as that is all handled in a complex routine that is part of the compiled IceRiver miner application, and my firmware uses a completely new database file it knows nothing about.

But my firmware gives you SSH access on Ultras/KS5s now (and you can set it up yourself on the previous models), which means in the situation of a compromised system or lost password, you can simply delete the database via SSH.

You also have API access to update passwords.

Silent8CH commented 2 months ago

@rdugan How can I SSH to my Ultras? I only see ports 80, 443 and 4111 open to them.

rdugan commented 2 months ago

Port is 54188. Credentials added by my fw are iceriver : 12345678

Strange2888 commented 2 months ago

> but my firmware gives you ssh access on ultras/ks5s now (and you can set it up yourself on the previous models), which means in the situation of a compromised system or lost password, you can simply delete the database via ssh.

@rdugan Can you tell me how to delete the database via ssh?

My KS0 Ultra was probably hacked this afternoon. Unfortunately, setting the miner to factory settings didn't help. With the original firmware I have access to the WEB GUI. As soon as I install your OC firmware I get "Login incorrect" when I log in.

Thank you for your help.

rdugan commented 2 months ago

@Strange2888 Just delete /var/order/db

sudo rm -rf /var/order/db

You could also try changing the password via the api, though if you were really hacked, they likely changed that key as well.

Which also brings up the point: if you're exposing the machine by forwarding 443 or something else, make sure you not only change the default password, but delete or replace the default API key as well.

Strange2888 commented 2 months ago

Thank you, @rdugan 👍

It worked and I have access to my miner again.

I immediately changed the password and deleted the API so that it doesn't happen again.

Aleks05-prof commented 1 month ago

Hi. I have the same problem with a KS2. The scanner showed Port 48699 (TCP) Dropbear sshd 2018.76 protocol 2.0. I connect via SSH on this port - password 12345678 is not suitable, access is denied. Help

rdugan commented 1 month ago

I don't add accounts on earlier models. You can follow this for adding your own access.