With stock firmware, there’s no ssh/telnet capability in the box. We are going to “open” it.

Goal 1: Open the Stock Firmware

Get ACP Commander from here. This is the most useful tools ever created by the community to gain root access. You will need a Java JRE to be installed in your machine.

Verify that current admin password is work.

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP -pw Youradminpassword -c "ls /"

Let’s the fun begin. First we’ll issue a new SSH password for root user

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP -pw Youradminpassword -c "(echo newrootpass;echo newrootpass)¦passwd"

Then we’ll allow root to login using plaintext

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP -pw Youradminpassword -c "sed -i 's/UsePAM yes/UsePAM no/g' /etc/sshd_config"

After that, we’ll need to allow root to SSH

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP  -pw adminpasswordhere -c "sed -i 's/PermitRootLogin no/PermitRootLogin yes/g' /etc/sshd_config"

Restart SSH service

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP -pw Youradminpassword -c "/etc/init.d/sshd.sh restart"

Now you will be able to SSH to your NAS box.


  1. NAS_IP is your Linkstation IP address
  2. Youradminpassword is your Linkstation Web UI password
  3. Newrootpass is your new root account password (for ssh)
  4. Still works with the latest firmware (1.63)
  5. Or you can try the easy way 😛

Another way of doing this (to prevent error during copying above command) is to execute this bash script from your Linkstation.
1. Copy this file, http://dl.advanxer.com/stuff/NAS/open-ls.sh to your computer.
2. From your computer, browse to your NAS shared folder.
3. Copy and paste open-ls.sh file to /share folder.
4. Execute this command from your computer (replace $DISK with disk1 or array1):

java -jar acp_commander.jar -t NAS_IP -ip NAS_IP -pw Youradminpassword -c "sh -x /mnt/$DISK/share/open-ls.txt"

SSH to your NAS and type below commands:

1. Installing package dependencies

ipkg install python py25-crypto py25-curl libcurl py25-openssl py25-django tesseract-ocr unzip sqlite wget-ssl py25-pil unrar ossp-js



2. Make working folder for pyload

[email protected]:/# mkdir /mnt/disk1/pyload/

3. Download latest version of pyLoad:

[email protected]:/# wget http://bitbucket.org/spoob/pyload/get/default.zip

4. Unzip it
[email protected]:/#unzip default.zip

5. Install it
[email protected]:/#./pyLoadCore.py –s

6. Run it
[email protected]:/mnt/disk1/pyload# ./pyLoadCore.py -s

Choose your Language / Wähle deine Sprache ([en], de, fr, it, es, ru, pl, cs, pt_BR): [ENTER]
## System Check ##

Python Version: OK
pycurl: OK
sqlite3: OK
pycrypto: OK
py-OpenSSL: OK
py-imaging: OK
tesseract: OK
PyQt4: missing
jinja2: OK
beaker: OK
JS engine: OK

System check finished, hit enter to see your status report.

## Status ##
Features available: container decrypting, ssl connection, automatic captcha decryption, Webinterface, extended Click’N’Load
Continue with setup? ([y]/n): [ENTER]
Do you want to change the config path? Change config path? (y/n):y /root/.pyload
Do you want to configure login data and basic settings? This is recommend for first run. Make basic setup? ([y]/n): [ENTER]
## Basic Setup ##
The following logindata is valid for CLI, GUI and webinterface.
Username [User]: username
Password (again):

Language ([en], de, fr, it, es, ru, pl, cs, pt_BR):
Downloadfolder [Downloads]: /mnt/disk1/share/download
Max parallel downloads [3]:
Use Reconnect? (y/[n]):
Do you want to configure ssl? Configure ssl? (y/[n]):
Do you want to configure webinterface? Configure webinterface? ([y]/n):
## Webinterface Setup ##
Activate webinterface? ([y]/n):
Listen address, if you use or localhost, the webinterface will only accessible locally.
Address []:
Port [8000]: 8000

To start pyLoad as service (daemon)
[email protected]:/mnt/disk1/pyload# ./pyLoadCore.py –daemon

To kill pyLoad service
[email protected]: ps | grep pyLoad
[email protected]: kill <pyLoad Process ID>

Web Interface: TCP 8000
RPC (remote client): TCP 7227

Update 21/2/2013
Pre-compiled package for IPKG is available now!

ipkg install wget tesseract-ocr tesseract-ocr-lang-eng ossp-js unrar
wget http://get.pyload.org/static/pyload-v0.4.9-noarch.ipk
ipkg install pyload-v0.4.9-noarch.ipk
pyLoadCore -s
Posted in NAS.

Cisco Mailguard feature is to sanitizes SMTP traffic. This features is turned on by default, and can cause some SMTP traffic to be dropped for security reason.


  • You cannot receive Internet-based e-mail messages.
  • You cannot send e-mail messages with attachments.
  • You cannot establish a telnet session with the Microsoft Exchange server on port 25.
  • When you send an EHLO command to the Exchange server, you receive a “Command unrecognized” or an “OK” response.
  • You cannot send or receive mail on specific domains.
  • Problems with Post Office Protocol version 3 (POP3) authentication – 550 5.7.1 relaying denied from local server.
  • Problems with duplicate e-mail messages being sent (sometimes five to six times).
  • You receive duplicate incoming Simple Mail Transfer Protocol (SMTP) messages.
  • Microsoft Outlook clients or Microsoft Outlook Express clients report an 0x800CCC79 error when trying to send e-mail.
  • There are problems with binary mime (8bitmime). You receive the following text in a non-delivery report (NDR):
    554 5.6.1 Body type not supported by Remote Host.
  • There are problems with missing or garbled attachments.
  • There are problems with the link state routing between routing groups when a Cisco PIX or Cisco ASA firewall device is between the routing groups.
  • The X-LINK2STATE verb is not passed.
  • There are authentication problems between servers over a routing group connector.

To determine whether Mailguard is running on your Cisco PIX or Cisco ASA firewall, Telnet to the IP address of the MX record, and then verify whether the response looks similar to the following:

220*******************************************************0*2******0*********************** 2002*******2***0*00


ASA-FW(config)# no fixup protocol smtp 25 Verification: Telnet to SMTP on port 25, you should getting below response 220 mail.domain.com.ESMTP

References: http://support.microsoft.com/kb/320027 http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a00800b2ecb.shtml http://www.cisco.com/warp/public/707/cisco-sa-20000927-pix-firewall-smtp-filter.shtml