Up-to-date firmware for WD My Cloud Ex2 Ultra

The sequence is:

1. Update u-boot. It is needed to adjust load addresess for new Kernel and Ramdisk. See UBoot folder for details.
2. Update kernel with compiled uImage file. See Kernel folder for details.
3. Update ramdisk with compiled uInitrd file. See Ramdisk folder for detials.
4. Set rootfs - the actuall Debian system. See Rootfs folder for detials.

This custom firmware supports full disk encryption on WD MyCloud Ex2 Ultra NAS

Support

• USB or SATA drive
• ext2,3,4, btrfs
• raid 0,1 and LVM
• LUKS-encrypted drive
• ssh-rescue shell

Make any changes of Ram Disk in initrd folder and recompile it with compile_ramdisk.sh to get new uInitrd (Ram Disk file)

Usage

Update Kernel if you have access to shell

wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/uImage (--no-check-certificate in case of error?) dd if=/dev/zero of=/dev/mtdblock1 dd if=uImage of=/dev/mtdblock1

Update ramdisk if you have access to shell

wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/uInitrd dd if=/dev/zero of=/dev/mtdblock2 dd if=uInitrd of=/dev/mtdblock2

If you don't have access to shell use USB UART connector (press "1" to stop autoboot):

Connect FT232RL USB UART Converter

NAS UART

o - Tx Rx

o - GND GND

o - 3.3v -

- - -

o - Rx Tx

Use Putty for connection via COM port

(take port number in Device Manager after installing UART driver, possibly from https://fox-exe.ru/Files/USB-UART/)

Serial line to connect: COM5

SPEED: 115200

Data bits: 8

Stop bits: 1

Parity: None

Flow control: XON/XOFF

usb start fatload usb 0:1 0xa00000 uImage fatload usb 0:1 0xf00000 uInitrd bootm 0xa00000 0xf00000

Reboot

reboot -f

Part your new HDDs

fdisk /dev/sda

(d) for delete any existing partitions

(n) for creating new partititions

We need to delete all partitions

Create Raid1

mdadm --create /dev/md0 --level=1 --raid-devices=2 --run /dev/sda /dev/sdb

Alternative, if second HDD will be added later

mdadm --create /dev/md0 --level=1 --raid-devices=2 --run /dev/sda missing mdadm --manage /dev/md0 --add /dev/sdb

Encrypt your new partition and open it

sudo cryptsetup -v -y -c aes-cbc-essiv:sha256 --iter-time 2000 --use-random luksFormat /dev/md0 cryptsetup luksOpen /dev/md0 cryptlvm nohup dd if=/dev/urandom of=/dev/mapper/cryplvm & #That's going to be few days. #Check progress with 'ps ax | grep dd' to find out $pid and then kill -USR1 $pid. #Then cat nohup.out will show you the progress.

Create LVM logical volumes on encrypted partition

lvm pvcreate /dev/mapper/cryptlvm lvm vgcreate MyVolGroup /dev/mapper/cryptlvm lvm lvcreate -L 1024MB MyVolGroup -n swap -Zn lvm lvcreate -L 4096MB MyVolGroup -n root -Zn lvm lvcreate -l +100%FREE MyVolGroup -n data -Zn

#Scan for created volumes lvm vgscan --mknodes

Format and label your partitions

mkswap /dev/MyVolGroup/swap swapon /dev/MyVolGroup/swap mkfs.ext4 /dev/MyVolGroup/root mkfs.ext4 /dev/MyVolGroup/data

Then we install Debian Stretch kindly provided by Fox-exe.ru repository

mkdir /mnt/root mount /dev/MyVolGroup/root /mnt/root cd /mnt/root wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/debian-stretch-rootfs.tar.xz tar xvf debian-stretch-rootfs.tar.xz rm debian-stretch-rootfs.tar.xz

Update libs for new kernel

wget https://raw.githubusercontent.com/vzhilov/WDMC-Ex2-Ultra/master/libs-4.15.0-rc6.tar.gz tar xvf libs-4.15.0-rc6.tar.gz rm libs-4.15.0-rc6.tar.gz

Then we reboot

cd / umount /mnt/root sync reboot -f

When system boots after encryption

login: root password: mycloud

The system will boot only if a keyfile "key.luks" is presend on connected USB device with partition label "key". If no keyfile present then connect to the system by ssh on port 2222 with a user root, password root and open partition with the command: "cryptsetup -T 5 luksOpen $device cryptroot".

Run apt upgrade to upgrade to newest Debian

In the root file system put swapon /dev/mapper/MyVolGroup-swap mount /dev/mapper/MyVolGroup-data /mnt/data in rc.local, not in /etc/fstab

Couldn't make reset button to power off, so used cron with eth0 down instead: 0-59 * * * * /bin/ip a | /bin/grep -Eq ': eth0:.*state UP' || /sbin/poweroff