Quantcast
Jump to content

LG WEBOS 4.0 and below. Letsencrypt root certificated expired.

Justin Tan
 Share

Recommended Posts

Justin Tan Newbie

Justin Tan

Posted
Posted

Found multiplex application that use letsencrypt stop working in 30 September 2021 on LG WebOS 3.5. This appear to be wide spread multiplex version of WEBOS. 

See 

link hidden, please login to view

AND 

As PLEX blaming to be LG fault. LG please provide solution to only 2 year old TV

LG

Our current app is available on 4K/UHD LG television models running the following system software:

  • webOS 3.0
  • webOS 3.5
  • webOS 4.0
  • webOS 5.0

No 720p or 1080p (“full HD”) sets are supported for our current app at this time.

Note: Due to root certificate limitations with the device OS itself, only webOS 5.0+ devices support secure connections with a personal Plex Media Server. To allow connections to a personal server, devices running earlier webOS versions must be set to Allow Insecure Connections in the TV app settings and the Plex Media Server must be set to Preferred for the Secure Connections preference.

  • Like 2
Link to comment
Share on other sites
  • Replies 45
  • Created
  • Last Reply

Top Posters In This Topic

Popular Days

Top Posters In This Topic

Popular Days

Popular Posts

Justin Tan
Justin Tan

Found multiplex application that use letsencrypt stop working in 30 September 2021 on LG WebOS 3.5. This appear to be wide spread multiplex version of WEBOS.  See  cbe81c670818f747c7bdf0087f9e2f

shdwlynx
shdwlynx

Nobody knows if LG is going to fix it, but honestly, the community already has.  I'll summarize what I did which was based on everyone's helpful instructions above, meant for someone who knows little

C Smith
C Smith

It definitely is the problem.  Here's what works to recreate it on my 55B6, on firmware 5.60.25. Manually set your TV clock to Sept 30, 9AM EDT (convert to your time zone if needed). Goto an

Posted Images

Onkel Newbie

Onkel

Posted
Posted

Same here on my 2 year old 65SK8000PLB with firmware 05.40.09

I cannot load any websites with Letsencrypt encrypted certificates.

Examples:

  • link hidden, please login to view

This is a good example for unsufficient product lifecycle management.

Link to comment
Share on other sites
Dillspooch Newbie

Dillspooch

Posted
Posted

I've got  

I've got this problem too with my OLED55E6V (AKA: the E6). I bought it in 2017. I find it baffling that a modern smart TV like has this problem. Built in obsolescence? LG should sort this out. I spent thousands of £ on this.

I have a Plex Media Server. I've tried the server and app settings to allow insecure connections but that isn't working.

Isn't this just a case of LG updating certificates?

The TV received a firmware update recently. Surely LG can resolve this?

 

Link to comment
Share on other sites
micneon Newbie

micneon

Posted
Posted

It should be very easy for LG to exchange the root certificates with an update. However, the question is whether this will happen....

Connections to older Plex servers still seem to work.
Also to those in the same network that are up to date but do not have their own certificates.

Whether this is really the problem is questionable.
However, SSL should be the most important thing these days and that must be running!

Link to comment
Share on other sites
C Smith Newbie

C Smith

Posted
Posted
19 hours ago, micneon said:

Whether this is really the problem is questionable.

It definitely is the problem.  Here's what works to recreate it on my 55B6, on firmware 5.60.25.

Manually set your TV clock to Sept 30, 9AM EDT (convert to your time zone if needed).

Goto any Wikipedia page using the browser. Works.

Manually set your TV clock to Sept 30, 11AM EDT (convert to your time zone if needed).

Goto any Wikipedia page using the browser. Does NOT work, you get a security error that cannot be bypassed.

Now manually set your TV clock back to Sept 30, 9AM EDT again (convert to your time zone if needed).

Goto any Wikipedia page using the browser. Works again.

A root cert (DST Root CA X2) expired around 10AM EDT on September 30th. Servers using Let's Encrypt certs (which includes Wikipedia) should be testable using either that root or the newer ISRG Root X1 - which, by the way, has been around since June 2015. If you have not updated the trusted root list attached to the browser since 2015, then you will see this failure, because after 10AM Sept 30th, only the ISRG Root X1 is still valid.

LG has had FIVE YEARS to fix this problem before it happened.

  • Like 1
Link to comment
Share on other sites
WillyWonka Newbie

WillyWonka

Posted
Posted
I have a C9 and rooted the TV once the RootMy.TV exploit came out. Thanks to this, Im able the overwrite all the expired certificates and everything works great again
Where do I get the updated certificated, and where do I put them in the fillesystem?

Sent from my LM-V600 using Tapatalk

Link to comment
Share on other sites
tam Newbie

tam

Posted
Posted

If your TV is rooted, you can use a bash script I wrote to remove the expired LetsEncrypt cert and add two new certs to the TV's truststore.  Open a shell on your TV and run the following four commands:

cd /tmp

wget  

link hidden, please login to view

chmod +x update-ca-certs.sh

./update-ca-certs.sh

After updating the certs, the TV will reboot, and you should be good to go.

Link to comment
Share on other sites
BluEEyE Newbie

BluEEyE

Posted
Posted
On 10/20/2021 at 10:31 PM, tam said:

If your TV is rooted, you can use a bash script I wrote to remove the expired LetsEncrypt cert and add two new certs to the TV's truststore.  Open a shell on your TV and run the following four commands:

cd /tmp

wget  

link hidden, please login to view

chmod +x update-ca-certs.sh

./update-ca-certs.sh

After updating the certs, the TV will reboot, and you should be good to go.

Can you please make some tutorial how to do it step by step for fresh people ? 

Link to comment
Share on other sites
Fem Newbie

Fem

Posted
Posted
On 10/20/2021 at 9:31 PM, tam said:

If your TV is rooted, you can use a bash script I wrote to remove the expired LetsEncrypt cert and add two new certs to the TV's truststore.  Open a shell on your TV and run the following four commands:

cd /tmp

wget  

link hidden, please login to view

chmod +x update-ca-certs.sh

./update-ca-certs.sh

After updating the certs, the TV will reboot, and you should be good to go.

Hi TAM,

I found a few issues with your script,

1. wget doesn't work on my TV I get - wget: not an http or ftp url:

2. Tried to overcome that by just downloading the script and SCP it to the TV that worked fine BUT you have wget again in the update-ca-certs.sh so I had to download and SCP the certs to the correct folders - NOW the final issue I see is and cannot understand is how is  /media/cryptofs/apps/usr/palm/services/com.palmdts.devmode.service/start-devmode.sh going to run and apply the setting? what will trigger this script?

Thanks, From what I can find you are the only one really working on this issue - Really appreciate it!

UPDATE:

To over come the wget issue I just used 'curl -k  --output update-ca-certs.sh'

I also update the 'update-ca-certs.sh' and replaced wget with curl --output' script (attached)   update-ca-certs.txt

still not seeing the certificates updated

 

 

 

Link to comment
Share on other sites
tam Newbie

tam

Posted
Posted

Hi Fem,

Thanks for pointing out the issue with wget. I may have installed wget myself some time ago and forgotten, so maybe it is a different version to the one you have. I have updated the script and instructions to use curl instead.

The script at /media/cryptofs/apps/usr/palm/services/com.palmdts.devmode.service/start-devmode.sh was created by the rooting process I used. So this file existed before I made any changes myself. It gets executed automatically each time the TV is switched on, so I just appended a few commands to the end of that script (to overlay the new certs and cert config onto the underlying readonly filesystem, and to force the system to recognise these new certs each time). If you used a different mechanism to get root, then maybe you have some script that executes on startup that you could append these commands to instead.

Link to comment
Share on other sites
  • 2 weeks later...
  • 4 weeks later...
shdwlynx Rookie

shdwlynx

Posted
Posted

Nobody knows if LG is going to fix it, but honestly, the community already has.  I'll summarize what I did which was based on everyone's helpful instructions above, meant for someone who knows little to nothing about telnet, ssh, etc.  (If you are familiar with those applications, this will be a breeze.  If not, just follow the instructions and search the web if you'd like to learn more about the commands used.)

Note that most of these instructions are taken from 

link hidden, please login to view
 and may be slightly different depending on your TV.

On your TV...

  1. Turn on your TV
  2. Open the web browser app
  3. Browse to rootmy.tv
  4. Slide the little "Slide to root" bar to the right if you have the kind of remote that lets you use an on-screen pointer or just press the number 5 on your remote
  5. Accept the security prompt
  6. The exploit will proceed automatically and the TV will reboot itself; choose to reboot a second time to finalize the installation of the Homebrew Channel (the TV may turn off instead of rebooting - if this happens, just turn the TV back on again)
  7. Your TV should now have Homebrew Channel app installed, and an unauthenticated(!) root telnet service exposed
  8. Go to the TV's network settings and write down its IP address

Note that your TV must be turned on in order to connect to it remotely; when it's off, it's all the way off (although there may be a non-power-saving setting you can enable to keep the TV's operating system running when it's off so that it will turn on faster, in which case you might be able to connect to it even when it's off).

On your computer...

  1. Enable telnet (sorry Mac users, you'll need to figure this out on your own)
    • Click on the Windows Start Menu
    • Type "Windows Features" and click on "Turn Windows features on and off"
    • Scroll down to Telnet client and check the box
    • Click OK
  2. Open a command prompt (Win+R then type "cmd")
  3. Generate an encryption key pair that will be used to connect securely to the TV
    • Type "mkdir .ssh" to create the secure shell directory if it's not there already
    • Type "ssh-keygen -t rsa -f .\.ssh\lgtv_rsa" (the file name can be anything you want, but that's what I used)
    • Type "notepad .ssh\config"
    • Paste the following contents into the newly created file: 
      Host 1.2.3.4
    User root
    IdentityFile C:\Users\yourusername\.ssh\lgtv_rsa

      Replace "1.2.3.4" with your TV's IP address you wrote down in step 8 above
      Replace "yourusername" with the directory name where your user data is stored

    • Save the file and quit Notepad

    • Type "type .ssh\lgtv_rsa.pub" (it will spit out some ugly text - this is your public encryption key)

    • Select all the text and copy it to your clipboard - you'll need this shortly

  4. Type "telnet 1.2.3.4", where 1.2.3.4 is your TV's IP address you wrote down in step 8 above, to connect to your TV
    (No username or password is required to connect as the "root" user - we'll fix this security hole in a moment)
  5. Type "vi /home/root/.ssh/authorized_keys"
  6. Once the new empty file opens, type the letter "i" to enter insert mode
  7. Press Ctrl-V to paste in the clipboard contents, which is the public key generated in step 3
  8. Press the "Esc" (Escape) key to exit insert mode
  9. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  10. Type "exit" to exit the telnet application
  11. Type "exit" again to exit the command prompt

Back on your TV...

  1. Open the Homebrew Channel
  2. Go to Settings (the Gear icon)
  3. Disable Telnet
  4. Enable SSH Server
  5. Enable Block system updates
  6. Reboot the TV

Back on your computer, apply Tam's SSL fix...

  1. Disable telnet (follow the instructions in "On your computer" above but uncheck the box next to Telnet client instead of checking it this time)
  2. Open a command prompt (Win+R then type "cmd")
  3. Type "ssh 1.2.3.4" (not telnet this time!), where 1.2.3.4 is your TV's IP address, to connect to your TV
    (again, no username or password is required, but it's still secure since the encryption key you generated above is used)
  4. Follow Tam's instructions above, repeated here (I suggest copy/pasting the "wget" line from the browser into your command prompt window):
    (Now, if you're like me, the "wget" command will fail because the version running on the TV doesn't have the capability of connecting to secure HTTPS web sites.  Skip to the Alternate Instructions if you have the same issue with the "wget" command.) 
    cd /tmp
wget  https://raw.githubusercontent.com/tf318/lg/main/update-ca-certs.sh
chmod +x update-ca-certs.sh
./update-ca-certs.sh

Alternate instructions

If the "wget" command failed, follow these steps instead:

  1. Open Tam's script file in this browser in another tab: 
  2. Copy the text and then close that tab
  3. Return to the command prompt...
  4. Type "vi /tmp/update-ca-certs.sh"
  5. Once the new empty file opens, type the letter "i" to enter insert mode
  6. Press Ctrl-V to paste in the clipboard contents, which is the Tam's script
  7. Press the "Esc" (Escape) key to exit insert mode
  8. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  9. Type the following two commands: 
    chmod +x update-ca-certs.sh
./update-ca-certs.sh

 

Whether using Tam's original instructions or my Alternate version, the TV will reboot (twice, maybe) and Plex should now open and be happy.  At least mine was.  Thanks again, RootMy.TV team and Tam, for all your research and hard work!

  • Like 1
  • Thanks 1
Link to comment
Share on other sites
  • 2 weeks later...
finallygotplexworking Newbie

finallygotplexworking

Posted
Posted
On 12/6/2021 at 3:20 PM, shdwlynx said:

Nobody knows if LG is going to fix it, but honestly, the community already has.  I'll summarize what I did which was based on everyone's helpful instructions above, meant for someone who knows little to nothing about telnet, ssh, etc.  (If you are familiar with those applications, this will be a breeze.  If not, just follow the instructions and search the web if you'd like to learn more about the commands used.)

Note that most of these instructions are taken from  and may be slightly different depending on your TV.

On your TV...

  1. Turn on your TV
  2. Open the web browser app
  3. Browse to rootmy.tv
  4. Slide the little "Slide to root" bar to the right if you have the kind of remote that lets you use an on-screen pointer or just press the number 5 on your remote
  5. Accept the security prompt
  6. The exploit will proceed automatically and the TV will reboot itself; choose to reboot a second time to finalize the installation of the Homebrew Channel (the TV may turn off instead of rebooting - if this happens, just turn the TV back on again)
  7. Your TV should now have Homebrew Channel app installed, and an unauthenticated(!) root telnet service exposed
  8. Go to the TV's network settings and write down its IP address

Note that your TV must be turned on in order to connect to it remotely; when it's off, it's all the way off (although there may be a non-power-saving setting you can enable to keep the TV's operating system running when it's off so that it will turn on faster, in which case you might be able to connect to it even when it's off).

On your computer...

  1. Enable telnet (sorry Mac users, you'll need to figure this out on your own)
    • Click on the Windows Start Menu
    • Type "Windows Features" and click on "Turn Windows features on and off"
    • Scroll down to Telnet client and check the box
    • Click OK
  2. Open a command prompt (Win+R then type "cmd")
  3. Generate an encryption key pair that will be used to connect securely to the TV
    • Type "mkdir .ssh" to create the secure shell directory if it's not there already
    • Type "ssh-keygen -t rsa -f .\.ssh\lgtv_rsa" (the file name can be anything you want, but that's what I used)
    • Type "notepad .ssh\config"
    • Paste the following contents into the newly created file: 
      Host 1.2.3.4
    User root
    IdentityFile C:\Users\yourusername\.ssh\lgtv_rsa

      Replace "1.2.3.4" with your TV's IP address you wrote down in step 8 above
      Replace "yourusername" with the directory name where your user data is stored

    • Save the file and quit Notepad

    • Type "type .ssh\lgtv_rsa.pub" (it will spit out some ugly text - this is your public encryption key)

    • Select all the text and copy it to your clipboard - you'll need this shortly

  4. Type "telnet 1.2.3.4", where 1.2.3.4 is your TV's IP address you wrote down in step 8 above, to connect to your TV
    (No username or password is required to connect as the "root" user - we'll fix this security hole in a moment)
  5. Type "vi /home/root/.ssh/authorized_keys"
  6. Once the new empty file opens, type the letter "i" to enter insert mode
  7. Press Ctrl-V to paste in the clipboard contents, which is the public key generated in step 3
  8. Press the "Esc" (Escape) key to exit insert mode
  9. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  10. Type "exit" to exit the telnet application
  11. Type "exit" again to exit the command prompt

Back on your TV...

  1. Open the Homebrew Channel
  2. Go to Settings (the Gear icon)
  3. Disable Telnet
  4. Enable SSH Server
  5. Enable Block system updates
  6. Reboot the TV

Back on your computer, apply Tam's SSL fix...

  1. Disable telnet (follow the instructions in "On your computer" above but uncheck the box next to Telnet client instead of checking it this time)
  2. Open a command prompt (Win+R then type "cmd")
  3. Type "ssh 1.2.3.4" (not telnet this time!), where 1.2.3.4 is your TV's IP address, to connect to your TV
    (again, no username or password is required, but it's still secure since the encryption key you generated above is used)
  4. Follow Tam's instructions above, repeated here (I suggest copy/pasting the "wget" line from the browser into your command prompt window):
    (Now, if you're like me, the "wget" command will fail because the version running on the TV doesn't have the capability of connecting to secure HTTPS web sites.  Skip to the Alternate Instructions if you have the same issue with the "wget" command.) 
    cd /tmp
wget  https://raw.githubusercontent.com/tf318/lg/main/update-ca-certs.sh
chmod +x update-ca-certs.sh
./update-ca-certs.sh

Alternate instructions

If the "wget" command failed, follow these steps instead:

  1. Open Tam's script file in this browser in another tab: 
    link hidden, please login to view
  2. Copy the text and then close that tab
  3. Return to the command prompt...
  4. Type "vi /tmp/update-ca-certs.sh"
  5. Once the new empty file opens, type the letter "i" to enter insert mode
  6. Press Ctrl-V to paste in the clipboard contents, which is the Tam's script
  7. Press the "Esc" (Escape) key to exit insert mode
  8. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  9. Type the following two commands: 
    chmod +x update-ca-certs.sh
./update-ca-certs.sh

 

Whether using Tam's original instructions or my Alternate version, the TV will reboot (twice, maybe) and Plex should now open and be happy.  At least mine was.  Thanks again, RootMy.TV team and Tam, for all your research and hard work!

Just wanted to say thanks for this comprehensive guide. I did have some issues using rootmytv - my LG firmware has patched that so it didn't work so I had to downgrade it. That was a bit of a faff but dropping back to firmware version 05.30.10 allowed me to complete the process.

Firmware can be obtained here for my TV.

link hidden, please login to view

Link to comment
Share on other sites
  • 3 weeks later...
Speedfreak515 Newbie

Speedfreak515

Posted
Posted
On 12/6/2021 at 7:20 AM, shdwlynx said:

Nobody knows if LG is going to fix it, but honestly, the community already has.  I'll summarize what I did which was based on everyone's helpful instructions above, meant for someone who knows little to nothing about telnet, ssh, etc.  (If you are familiar with those applications, this will be a breeze.  If not, just follow the instructions and search the web if you'd like to learn more about the commands used.)

Note that most of these instructions are taken from  and may be slightly different depending on your TV.

On your TV...

  1. Turn on your TV
  2. Open the web browser app
  3. Browse to rootmy.tv
  4. Slide the little "Slide to root" bar to the right if you have the kind of remote that lets you use an on-screen pointer or just press the number 5 on your remote
  5. Accept the security prompt
  6. The exploit will proceed automatically and the TV will reboot itself; choose to reboot a second time to finalize the installation of the Homebrew Channel (the TV may turn off instead of rebooting - if this happens, just turn the TV back on again)
  7. Your TV should now have Homebrew Channel app installed, and an unauthenticated(!) root telnet service exposed
  8. Go to the TV's network settings and write down its IP address

Note that your TV must be turned on in order to connect to it remotely; when it's off, it's all the way off (although there may be a non-power-saving setting you can enable to keep the TV's operating system running when it's off so that it will turn on faster, in which case you might be able to connect to it even when it's off).

On your computer...

  1. Enable telnet (sorry Mac users, you'll need to figure this out on your own)
    • Click on the Windows Start Menu
    • Type "Windows Features" and click on "Turn Windows features on and off"
    • Scroll down to Telnet client and check the box
    • Click OK
  2. Open a command prompt (Win+R then type "cmd")
  3. Generate an encryption key pair that will be used to connect securely to the TV
    • Type "mkdir .ssh" to create the secure shell directory if it's not there already
    • Type "ssh-keygen -t rsa -f .\.ssh\lgtv_rsa" (the file name can be anything you want, but that's what I used)
    • Type "notepad .ssh\config"
    • Paste the following contents into the newly created file: 
      Host 1.2.3.4
    User root
    IdentityFile C:\Users\yourusername\.ssh\lgtv_rsa

      Replace "1.2.3.4" with your TV's IP address you wrote down in step 8 above
      Replace "yourusername" with the directory name where your user data is stored

    • Save the file and quit Notepad

    • Type "type .ssh\lgtv_rsa.pub" (it will spit out some ugly text - this is your public encryption key)

    • Select all the text and copy it to your clipboard - you'll need this shortly

  4. Type "telnet 1.2.3.4", where 1.2.3.4 is your TV's IP address you wrote down in step 8 above, to connect to your TV
    (No username or password is required to connect as the "root" user - we'll fix this security hole in a moment)
  5. Type "vi /home/root/.ssh/authorized_keys"
  6. Once the new empty file opens, type the letter "i" to enter insert mode
  7. Press Ctrl-V to paste in the clipboard contents, which is the public key generated in step 3
  8. Press the "Esc" (Escape) key to exit insert mode
  9. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  10. Type "exit" to exit the telnet application
  11. Type "exit" again to exit the command prompt

Back on your TV...

  1. Open the Homebrew Channel
  2. Go to Settings (the Gear icon)
  3. Disable Telnet
  4. Enable SSH Server
  5. Enable Block system updates
  6. Reboot the TV

Back on your computer, apply Tam's SSL fix...

  1. Disable telnet (follow the instructions in "On your computer" above but uncheck the box next to Telnet client instead of checking it this time)
  2. Open a command prompt (Win+R then type "cmd")
  3. Type "ssh 1.2.3.4" (not telnet this time!), where 1.2.3.4 is your TV's IP address, to connect to your TV
    (again, no username or password is required, but it's still secure since the encryption key you generated above is used)
  4. Follow Tam's instructions above, repeated here (I suggest copy/pasting the "wget" line from the browser into your command prompt window):
    (Now, if you're like me, the "wget" command will fail because the version running on the TV doesn't have the capability of connecting to secure HTTPS web sites.  Skip to the Alternate Instructions if you have the same issue with the "wget" command.) 
    cd /tmp
wget  https://raw.githubusercontent.com/tf318/lg/main/update-ca-certs.sh
chmod +x update-ca-certs.sh
./update-ca-certs.sh

Alternate instructions

If the "wget" command failed, follow these steps instead:

  1. Open Tam's script file in this browser in another tab: 
    link hidden, please login to view
  2. Copy the text and then close that tab
  3. Return to the command prompt...
  4. Type "vi /tmp/update-ca-certs.sh"
  5. Once the new empty file opens, type the letter "i" to enter insert mode
  6. Press Ctrl-V to paste in the clipboard contents, which is the Tam's script
  7. Press the "Esc" (Escape) key to exit insert mode
  8. Type ":wq!" and press Enter to write the file and then quit the editor immediately
  9. Type the following two commands: 
    chmod +x update-ca-certs.sh
./update-ca-certs.sh

 

Whether using Tam's original instructions or my Alternate version, the TV will reboot (twice, maybe) and Plex should now open and be happy.  At least mine was.  Thanks again, RootMy.TV team and Tam, for all your research and hard work!

I got to step 8 and it said no such file or directory.

Link to comment
Share on other sites
raisinets Newbie

raisinets

Posted
Posted
On 12/6/2021 at 8:20 AM, shdwlynx said:

Nobody knows if LG is going to fix it, but honestly, the community already has.  I'll summarize what I did which was based on everyone's helpful instructions above, meant for someone who knows little to nothing about telnet, ssh, etc.  (If you are familiar with those applications, this will be a breeze.  If not, just follow the instructions and search the web if you'd like to learn more about the commands used.)

....

appreciate the step-by-step guide! i was able to get this working via chromebook with the included ssh capability in developer mode. however, i do have a question.  do you know if removing the root via factory reset will also remove the updated certs?

Link to comment
Share on other sites
stirfriedrice Newbie

stirfriedrice

Posted
Posted
On 1/20/2022 at 6:22 AM, chris cash said:

I get the error " /home/user/.ssh/authorized_keys: No such file or directory".

I'm a noob on this one,  human error? or simple fix?  Many Thanks, Chris

 

 

I too had the same issue. Kept getting no such file or directory when connected via telnet. I tried the mkdir and bypassed that. Then I hit another roadblock when trying to connect via ssh, asks me for a password. No idea what that is so I gave up. Any help is appreciated.

Link to comment
Share on other sites
chris cash Newbie

chris cash

Posted
Posted
14 hours ago, stirfriedrice said:

I too had the same issue. Kept getting no such file or directory when connected via telnet. I tried the mkdir and bypassed that. Then I hit another roadblock when trying to connect via ssh, asks me for a password. No idea what that is so I gave up. Any help is appreciated.

I tried the SSH as well, same thing, asked me for a password.  I tried the password  "<BLANK>", "root", "password", "alpine" which is from the RootMyTV documentation, but still no luck.

 

SSH_error_001.png

Link to comment
Share on other sites
  • 3 months later...
shdwlynx Rookie

shdwlynx

Posted
Posted
On 1/20/2022 at 5:22 AM, chris cash said:

I get the error " /home/user/.ssh/authorized_keys: No such file or directory".

I'm a noob on this one,  human error? or simple fix?  Many Thanks, Chris

Terribly sorry for the months of delay in replying to you, but this sounds like a permissions issue or a missing directory (as Stirfriedrice determined).

In case anyone else has that issue, before you execute the On your computer step 5. "vi /home/root/.ssh/authorized_keys" command to edit the file, execute this command first which will create the .ssh directory (and its parents, if necessary): 

mkdir -p /home/root/.ssh

As for the "ssh" command prompting for a password, that can only be because either your local computer is not sending the encryption key as its form of authentication or the TV's ssh server is not accepting it (or cannot access it).  Check to ensure that the encryption key files are in the right place both on your local computer and on the TV.  You can also run your ssh client on your computer in a "verbose" mode with the following command (replace 1.2.3.4 with your TV's IP address): 

ssh -v 1.2.3.4

This will tell you a lot more about what's going on when ssh tries to connect.  If you're up for even more verbosity, you can use "-vv" or get maximum verbosity with: "-vvv" (which I don't recommend because it will spit out quite a mess!)

Also, make sure your TV's IP address hasn't changed (mine did since I wrote my original instructions).  If it did, then ssh will not even try to provide it with the encryption key.  Check and update the .ssh\config file on your computer to use the TV's updated IP address and then try again.

The last thing you can try is to ensure that the TV's encryption key and directory has the correct permissions (you'll have to enable and use telnet for this): 

chmod 700 /home/root/.ssh
chmod 600 /home/root/.ssh/authorized_keys

And then try to connect via ssh again.

Absolute worst-case scenario - just turn telnet back on and use that instead of ssh, then turn telnet back off again!

It's a dirty little secret: You can use telnet to do everything you need to for this exercise, but all Linux nerds (I'm one by default although I prefer Windows all day) will beg you to use ssh instead as telnet is completely insecure and extremely hackable.

On 1/14/2022 at 7:10 PM, raisinets said:

appreciate the step-by-step guide! i was able to get this working via chromebook with the included ssh capability in developer mode. however, i do have a question.  do you know if removing the root via factory reset will also remove the updated certs?

No idea, but I suspect that the answer is "yes."  Give it a shot and let us know! ;)

So, why have I returned?  Well, honestly because my Plex client app broke again, which is odd since I have it locked down as expected so it should still be working.  I was hoping that someone else had this issue and came back here to talk about how they fixed it already!  Looks like I have some work to do myself (if I cannot find it after more searching on the web).  

But...

On 1/28/2022 at 12:45 AM, C Smith said:

I just had a pop up letting me know about firmware 05.65.03 for my OLED55B6.

Someone has to be the guinea pig to see if this updates the cert issue. Might as well be me.

Did it work?  Or break things for you?  I suspect it will break things since...

On 12/19/2021 at 4:56 PM, finallygotplexworking said:

Just wanted to say thanks for this comprehensive guide. I did have some issues using rootmytv - my LG firmware has patched that so it didn't work so I had to downgrade it. That was a bit of a faff but dropping back to firmware version 05.30.10 allowed me to complete the process.

Firmware can be obtained here for my TV.

link hidden, please login to view

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
 Share
Go to topic listing

  • Similar Topics

    • News Reporter
      LG Calls for Developers to Participate in LG webOS Hackathon 2024
      By News Reporter
      Selected Finalists to Receive Funding to Develop and Launch
      Their Gaming or Lifestyle App on LG Smart TVs

      SEOUL, July 9, 2024 — LG Electronics (LG) announced a call for participants for its annual global webOS hackathon, with a focus this year on AI-based solutions and gaming services. Developers worldwide are invited to apply and submit their apps for a chance to win a significant monetary prize along with the opportunity to present onstage to LG executives in Seoul, South Korea, this September.
      As a web-centric platform with an easy-to-use Smart TV software development kit, webOS enables developers to create third-party services and apps for millions of homes worldwide. The platform offers developers the tools to create apps and services that engage media, devices, security, networking, Smart TV functionalities and more. Through this hackathon, developers will have the opportunity to build and launch their app on LG Smart TVs, directly reaching consumers with their business.
      Powering LG Smart TVs, including the award-winning LG OLED TV, for over a decade, webOS platform has been acclaimed as a friendly user interface, with easy navigation and customization to provide users with the premium entertainment experience expected from LG products. Now, with an always-growing ecosystem of global partners, the webOS platform is set to drive the next generation of service innovation.
      In addition, LG is committed to expanding the webOS ecosystem by partnering with leaders in the gaming industry. This collaboration aims to offer customers a wide range of gaming services tailored to diverse preferences and interests, while enhancing the gaming capabilities of its exceptional OLED TVs. LG Smart TVs in global markets now feature an increasing array of cloud gaming services and family-friendly games.
      To participate in the hackathon, applicants will need to submit their applications
      link hidden, please login to view. Applications for the hackathon are now open and will close on July 26. Following the application process, participants will be invited to a webinar to learn more about the API and hackathon details. Finalists will be notified by mid-September. For more information about the hackathon, including detailed event schedules with terms and conditions, visit .
      The hackathon will begin with a virtual webinar in early July. Participants will choose to create a game or lifestyle service app using either the Web or Flutter framework, with the opportunity to earn additional merit points for utilizing AI. The app, scenario and demo video must be submitted by August 26. Selected winning developers will then be invited to Seoul to present their ideas in front of top LG executives on September 27.
      Cash prizes will be awarded to the top three winners of the hackathon, with a USD 100,000 Grand Prize for first place, USD 80,000 for second place and USD 50,000 for third place. The winners will also receive technical support leading up to the rollout of their app as well as on-device promotional opportunities after the launch. Winning apps must be ready for release on the LG Content Store by the end of June 2025.
      “LG webOS Hackathon 2024 aims to attract creators worldwide who are building lifestyle solutions,” said Chris Jo, senior vice president of platform business at LG Home Entertainment Company. “LG is committed to engaging with the gaming community on a global scale, partnering with developers to nurture the next generation of talent using LG’s developer platform.”
      # # #

    • Schleimie
      WebOS 4.0 on 2017 Smart TV ?
      By Schleimie
      Hey, 
      My question is, can I install webos4.0 or higher on my lg 49uj701v, for example via a USB stick with an .apk ? I would like to download Paramount+.
      Thanks a lot
    • Flavio_S
      LG SIMPLINK keeps turning back on since webOS 23 update. Auto Power Sync missing.
      By Flavio_S
      On LG OLEDs. You go on and disable SIMPLINK. Fine. But everytime you turn on your HDMI device it enables itself back again. This happens because they have disables two key features that were present in previous OSs, as you can see clearly here
      link hidden, please login to view (they even put screencaps of the menus where you see the missing options in the 23) These functions are Auto Power Sync and Auto Device Detection.
      Man updates are supposed to add functionalities not the other way around. It's very annoying to turn on your TV and have your AVR turn on without you wanting to.

      Anyone found a solution for this problem?
    • denisuu
      Does the 'In Start' menu exist on WebOS 1.4
      By denisuu
      Hi all,
      I'm wondering how you can get into the service menu (In Start) on an old LG Smart TV (42LB630V) running WebOS 1.4.  I have a Samsung Galaxy S6 (SM-G920F) with a IR blaster, I have tried sending '0x04FB 0xFB04' to I which should be IR code to enter the menu, but that doesn't work.
      I have also tried entering it with the SSAP-Web, but I get:
      error: 500 Application error {"errorCode":-101,"returnValue":false,"errorText":"\"com.webos.app.factorywin\" was not found OR Unsupported Application Type" The SAPP-Web app does works though, because the TV does respond to Get info
      { "returnValue": true, "product_name": "webOS", "model_name": "HE_DTV_WT1M_AFAAABAA", "sw_type": "FIRMWARE", "major_ver": "05", "minor_ver": "05.90", "country": "omitted", "device_id": "omitted", "auth_flag": "N", "ignore_disable": "N", "eco_info": "01", "config_key": "00", "language_code": "en-GB" } The reason I want to access the menu is because I've enabled DEBUG mode on my TV through the NVM method and I want to enter a root shell trough UART to enable SSH and root access.
      Gaining root access through NVM: 
      link hidden, please login to view
    • Weebly - Websites, eCommerce &amp; Marketing in one place.
    • Mohammad1403
      How to uninstall preinstalled apps form webos 23?
      By Mohammad1403
      Hello there,
      How to remove pre-installed apps from webos 23 like Netflix and Amazon prime?



WEBOS FORUMS

MORE SECTIONS

FOLLOW US ON

×
×
  • Create New...