The following post is about a ReadyNAS Pro 4. I have no idea if it’ll work on other ReadyNAS devices.
I stupidly managed to lock myself out of SSH access (I blame /bin/false automagically appearing by my username in /etc/passwd instead of the usual /bin/bash).
Not thinking straight due to stress. I decided that I probably forgot my password, and proceeded to reset it by editing /etc/shadow from a ReadyNAS configuration backup and uploading it back to the device..
That was probably the dumbest move I’ve ever made. For several reasons:
1. Since I borked SSH access, Frontview (Web GUI) was my only option for control of the system at this time.
2. User access for Frontview is also read from /etc/shadow. Same as SSH.
3. Did I use an editor in Windows that was capable of editing files without inserting Windows specific weirdness? (i.e. whitespaces and linebreaks)? No I did not.
I didn’t figure this out until way later, but I wont describe just how dumb my thought process was during my evening. Just post a solution to the problem.
The problem being the following:
I was totally locked out of my system. No admin GUI, no console, nothing. My obvious options were paying Netgear to fix it, or losing all my data.
Neither is ok.
Here’s my solution. You probably shouldn’t do this unless you’re desperate. I won’t take responsibility for your bricked NAS or lost data if you decide to follow the steps i took. You can cause a lot of damage if you have clumsy fingers.
1. Power down the ReadyNAS.
2. Access the Boot Menu by pushing the reset button while powering up the device. Release reset when “Boot Menu” is shown in the display.
3. Select Tech Menu by pressing the backup button. Confirm by pushing the reset button again.
4. Log in with the following super secret Netgear Tech staff only account (Google is great some times): root / infr8ntdebug
5. Connect to the IP displayed on the ReadyNAS with Telnet (Port 23). At the # prompt (this is Busybox btw), you wont initially have access to the regular boot partition of the device. To mount that, enter the following commands:
echo DEVICE partitions > /etc/mdadm.conf mdadm --examine --scan >> /etc/mdadm.conf mdadm --assemble --scan mount /dev/md0 /mnt
6. Navigate to /mnt/etc/
7. In my case, since I had broken shadow by inserting Windows whitespaces into them (^M in Vi), I had to get rid of those. Since %s/^V^M//g didn’t work for some reason, I did the following instead:
cat /etc/shadow | tr -d '\r' > shadow.temp mv shadow.temp shadow
8. Reboot the device. I now had SSH access again. The Frontview account was still broken for some reason so that was fixed by issuing passwd admin and just resetting it.
My case may have been specific, but if you find yourself needing to access and modify the root partition of the ReadyNAS Pro without having SSH access, the Netgear tech support mode is a viable option. Just mind what you do when you’re there. You’re not supposed to be there and you’ll probably void your warranty just by considering it..
onlyblue@work 
You made my day!!!
I did the same stupid mistake on another file…
So many thanks for putting that guide together and sharing the infos.
Glad it helped 🙂
I have a similar problem, however I still have SSH access, just no GUI access. I am running OS6 on a Pro2 (legacy device), so Netgear may not help me. When you stated “The Frontview account was still broken for some reason so that was fixed by issuing passwd admin and just resetting it.” What do you mean? Did you SSH into the NAS, and then issue some command? Any help would be appreciated!
Yes. The command I used to fix GUI permissions was “passwd admin” when in SSH console.
Used this process to log into my NV+ v2 and clear out a core dump in the root FS that blocking boot. Thanks a ton!
Hello! I got a RN102, the procedure seems to work… until I get the error “duplicate MD device names”…. i gave up.
Reinstalled the OS
Thank you so much!! Great post, I was able to restore all my data with that.
I only had telnet access to the readynas, so I mounted the RAID from the readynas and an smb share of my Windows Server and copied everything with the cp command. Now I will set the box to factory default and reconfigure it, because reactivating ssh or Web Login fails. But the data is there again. That’s the most important 🙂
Wow, thank you so very much! I just needed access to clear out some of the OS partition. Saved me from a paid tech support call!
It seems I have the same problem with free space on my Duo V2, can you tell what did you delete to free more space (I’m not so familiar with Linux “garbage collection”)?
Huh…I responded with full details, but maybe it wasn’t approved by moderator? If my responses don’t go through, there’s not much I can do. Good luck!
Sorry, I haven’t seen any replies to this. If it’s not spam I usually approve (even though I no longer maintain the blog). Sorry to see that your potentially helpful comments weren’t presented here. My apologies.
Thank you very much for this page. I got myself in a pickle where the root filesystem on my readynas was full (due to my CrashPlan backup software failing some upgrades). I couldn’t get SSH reinstalled. I booted into the Tech Support mode only to find the volume wasn’t mounted for me to cleanup the CrashPlan upgrade files.
Your page did the trick for mounting that root filesystem. Thanks!
Thanks for this article! It help me to reach the OS!
But my problem in another. I found my system with message “Err: Used disks”.
Inspecting logs I found that I have 3 raids (very strange, my configuration have only one): md0, md1 and md127 (aka data-0). By your method I mounted raid with data without any problems manually but the system stops on booting inspecting md0 and founding 2 wrong blocks (after that it can’t be mounted and stop the boot process). Any idea how to fix it without full backup and restore? (reinstall OS was not fix this problem).
Thanks!
I had the exact same problem as @otteydw and was able to get access to my readynas due to your guide!
THANK YOU SOO MUCH!!!! You saved “my life”!!!
I messed up my /etc/passwd and this helped me fix it. You saved me hours and hours of reconfiguration! Thank you!
Thank you so much for this really helpful guide! It helped me fix the “admin group renamed lockout problem” (like so many others before I thought a user ‘admin’ and a group ‘admin’ are no good idea and I’d better rename the group to ‘admins’ – unfortunately this kicks you out of your box, forever!). Netgear does neither fix the bug nor publish any infos on how to regain access, although they know the problem for quite some time, really very professional! I don’t think I will buy any more Netgear product soon, maybe never again (already had a lot of problems with other bugs in the last years!!). With this guide I could access /etc/groups and rename the group ‘admins’ back to ‘admin’. Btw the box uses DHCP in Tech Support Mode (for those without display)! Hope that helps someone!
Very very good!!!! I saved a few hours..
This is fantastic! Netgear’s latest firmware, 6.10.1 is horrible, and for some reason, reset my admin password (don’t ask). This helped me get it back!
Glad to see this old post is still relevant and helping people 🙂