Bitcoin Forum
June 26, 2019, 03:22:02 PM *
News: Latest Bitcoin Core release: 0.18.0 [Torrent] (New!)
 
   Home   Help Search Login Register More  
Pages: [1] 2 »  All
  Print  
Author Topic: How to bypass ""Cannot find Signature" when updating your antminer firmware.  (Read 821 times)
mikeywith
Sr. Member
****
Offline Offline

Activity: 448
Merit: 949


be constructive or S.T.F.U


View Profile
December 28, 2018, 10:49:42 PM
Last edit: May 08, 2019, 10:57:39 PM by mikeywith
Merited by HagssFIN (3), frodocooper (3), BitMaxz (2)
 #1

A few days ago, one member on forum asked how to bypass the ""Cannot find Signature" as he was trying to update his D3 miner, while this still applies to BTC miners too, so i decied to make this topic on this board, if the mods feel like it belongs to alts, please move it.


the initial thread to the guy's question can be found here > https://bitcointalk.org/index.php?topic=5088793.0

i gave him the soluation in step-by-step manner, so it's kinda hard to follow the whole process frorm the topic, as there were a couple of different posts, so what i am going to do here is basically combine the whole steps into 1 to make it easier to follow, if you want to check how did that guy do it and what difficulites he faced you can refer to the topic, also i would like to acknowledge that i used this russian website to learn about this method and it's only fair to post the link even if you can't read russian , i still feel the need for giving credit to the author.

https://forum.bits.media/index.php?/topic/65678-%D1%81%D1%82%D0%BE%D1%80%D0%BE%D0%BD%D0%BD%D1%8F%D1%8F-%D0%BF%D1%80%D0%BE%D1%88%D0%B8%D0%B2%D0%BA%D0%B0-%D0%B4%D0%BB%D1%8F-antminer-l3-%D0%BE%D1%82-blissz/&page=5&tab=comments#comment-1703686

 -------------------------------------------------------

lets start.

1- you will need to use a ssh tool like putty.

2-type the ip address of the miner in putty , keep port 22

* if message pop up > click Yes

3-username :root
  password:admin

then you will be inside the miner.

4-copy paste this line

Code:
cd /www/pages/cgi-bin
    > hit enter

like this



5-type this

Code:
vi upgrade.cgi


6-use the down arrow and find this code

-------------------------

Code:
if [ ! -f runme.sh.sig ]; then
        echo "Cannot Find Signature!!!" >> /tmp/upgrade_result
else
        openssl dgst -sha256 -verify /etc/bitmain-pub.pem -signature  runme.sh.sig  runme.sh >/dev/null  2>&1
        res=$?
        if [ $res -eq 1 ]; then
                echo "Installer Not Signtured!!!" >> /tmp/upgrade_result
        else
                if [ -f runme.sh ]; then
                        sh runme.sh
                else
                        echo "Incorrect firmware!!!!" >> /tmp/upgrade_result
                fi
        fi
fi

#if [ -f runme.sh ]; then
#       sh runme.sh
#else
#       echo "Incorrect firmware!!!!" >> /tmp/upgrade_result
#fi



7-click "i" on your keyboard to enter Edit Mode

8- change the code in step 6 to this code

" you don't have to delete or add any code, reffer to the comment below the code to understand more.

Code:
# if [ ! -f runme.sh.sig ]; then
      #  echo "Cannot Find Signature!!!" >> /tmp/upgrade_result
#else
 #  openssl dgst -sha256 -verify /etc/bitmain-pub.pem -signature  runme.sh.sig  runme.sh >/dev/null  2>&1
# res=$?
# if [ $res -eq 1 ]; then
 #   echo "Installer Not Signtured!!!" >> /tmp/upgrade_result
 #else
#    if [ -f runme.sh ]; then
#   sh runme.sh
 # else
# echo "Incorrect firmware!!!!" >> /tmp/upgrade_result
# fi
 # fi
#fi

if [ -f runme.sh ]; then
   sh runme.sh
else
       echo "Incorrect firmware!!!!" >> /tmp/upgrade_result
fi


"add # to the first 15 lines, and remove # from the next 5 lines"

* adding # meaning the line is commented aka won't be executed, so what you doing is simply making the miner ignore that IF function that looks for the signature.

after you are done editing the code, hit ESC key (escape) on your keyboard

9-type

Code:
:wq

and hit Enter > this code is to save and exist the upgrate file.

10-type
Code:
:q

and hit Enter > to exist the SSH session.

11-flush the new firmware.


------------------------------------
*do this at your own risk

if you have any questions feel free to ask.

Good luck.

1561562522
Hero Member
*
Offline Offline

Posts: 1561562522

View Profile Personal Message (Offline)

Ignore
1561562522
Reply with quote  #2

1561562522
Report to moderator
1561562522
Hero Member
*
Offline Offline

Posts: 1561562522

View Profile Personal Message (Offline)

Ignore
1561562522
Reply with quote  #2

1561562522
Report to moderator
1561562522
Hero Member
*
Offline Offline

Posts: 1561562522

View Profile Personal Message (Offline)

Ignore
1561562522
Reply with quote  #2

1561562522
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1561562522
Hero Member
*
Offline Offline

Posts: 1561562522

View Profile Personal Message (Offline)

Ignore
1561562522
Reply with quote  #2

1561562522
Report to moderator
efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
December 29, 2018, 12:33:56 AM
 #2

mikeywith - do you know which miners are doing this now?

I'd be tempted to release a version of each that doesn't have this crap in it -- it's a ridiculously stupid check they've implemented. Their software prowess is sad.

-j

HagssFIN
Legendary
*
Offline Offline

Activity: 1302
Merit: 1367


Electrical engineer (B.E.). Mining since 2014.


View Profile WWW
December 29, 2018, 01:05:31 AM
 #3

Nice digging. Smiley

That's a quite simple if-function they have there for the signature check.

mikeywith
Sr. Member
****
Offline Offline

Activity: 448
Merit: 949


be constructive or S.T.F.U


View Profile
December 29, 2018, 01:37:24 AM
 #4

mikeywith - do you know which miners are doing this now?

I'd be tempted to release a version of each that doesn't have this crap in it -- it's a ridiculously stupid check they've implemented. Their software prowess is sad.

-j

the once i am aware of are the D3 and the L3 as well as the L3++. but if i am not mistaken i have read someone had a problem with his S9 when trying to flush Briiins fw.

i hope other members will confirm about other miners.

the strange thing is even in D3 and L3, not all batches have this stupid signature check.

kenk2
Newbie
*
Offline Offline

Activity: 3
Merit: 0


View Profile
February 07, 2019, 02:54:38 AM
 #5

This worked for my L3+ that was on the blissz FW then downgraded to the L3++ FW from Bitmain, then back to Blissz.  After downgrading to L3++ I got the signature not found and did the above to fix.

Thank you!
Maxumark
Full Member
***
Offline Offline

Activity: 157
Merit: 108



View Profile
February 08, 2019, 12:03:37 AM
 #6

The only available L3+ firmware on Bitmain's site is: Antminer-L3+-201811131346-384M.tar.gz
If you update to it it adds the "Cannot find Signature" so no going back or going to Bliss.

I suspect that any Bitmain firmware for any miner from Nov/Dec 18 that says "Security Firmware, Fix some security vulnerabilities"
blocks unauthorized firmware, and rolling back to previous firmware.
Even resetting does not get around it.
 
Thanks for this work around.   

-M

Mining LTC and other alts since 2014 when I thought I missed the BTC train.
efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
February 09, 2019, 02:57:42 AM
 #7

The only available L3+ firmware on Bitmain's site is: Antminer-L3+-201811131346-384M.tar.gz
If you update to it it adds the "Cannot find Signature" so no going back or going to Bliss.

I suspect that any Bitmain firmware for any miner from Nov/Dec 18 that says "Security Firmware, Fix some security vulnerabilities"
blocks unauthorized firmware, and rolling back to previous firmware.
Even resetting does not get around it.
 
Thanks for this work around.   

-M

bitmange is getting trickier in that they are also disabling SSH in their latest firmwares....

-j

mikeywith
Sr. Member
****
Offline Offline

Activity: 448
Merit: 949


be constructive or S.T.F.U


View Profile
March 10, 2019, 12:21:50 AM
 #8

This worked for my L3+ that was on the blissz FW then downgraded to the L3++ FW from Bitmain, then back to Blissz.  After downgrading to L3++ I got the signature not found and did the above to fix.

Thank you!

Glad this worked out for you as well, did you face any difficulties? was the guide easy enough to follow? please let me know if you think i need to clear out any of the steps.

Thanks.

butok
Newbie
*
Offline Offline

Activity: 29
Merit: 4


View Profile
March 10, 2019, 03:13:42 PM
 #9

forgot to write to press esc after modification.......save with :wq does not works

chipless
Jr. Member
*
Offline Offline

Activity: 266
Merit: 3


View Profile
March 11, 2019, 05:24:49 AM
Last edit: March 11, 2019, 06:03:58 AM by chipless
 #10

For the ANtminer D3 I have created a SD loader for the Blissz v1.1 Dev-Free. This will load Blissz firmware and get rid of the signature checking. If you have other miners you need a similar files for pm me and I will see what I can get together for you to get past the SSH disable and Signature checking.

How to use.....

1) Unpack the files to a SD-Card
2) Power off miner
3) Insert SD-Card into miners SD Slot
4) Power miner back on
5) Wait about 3-5 minutes for the miner to boot and load Blissz v1.1 to the miner
6) Power off miner and remove the SD-Card
7) Power miner back on and enjoy Blissz v1.1 Dev-Free

You can download the Antminer D3 file here:

https://drive.google.com/file/d/1xVhPqAsRz3SW2kmWFEKdV8CuIYQkuglO/view?usp=sharing


If you find this file helpful please make a donation to my Dash wallet -     Xrf1K1vDwY9RoqrEJGABJMR8sbDHtWaxQy
or if you prefer Zcash -   t1e4Dmr5RBgnWqTN2mAmZ6JzGavW7qxA4P1

efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
March 11, 2019, 03:02:09 PM
 #11

LOL... OR, just follow the standard bitmain recovery instructions, but load the firmware of your choice instead of theirs as the last step.

I've already gone though and checked the various bitmain loader images a couple of days ago to make sure they do not have signature checking in them instead of making one-off images for a bunch of things.

-j


chipless
Jr. Member
*
Offline Offline

Activity: 266
Merit: 3


View Profile
March 11, 2019, 05:11:00 PM
 #12

LOL... OR, just follow the standard bitmain recovery instructions, but load the firmware of your choice instead of theirs as the last step.

I've already gone though and checked the various bitmain loader images a couple of days ago to make sure they do not have signature checking in them instead of making one-off images for a bunch of things.

-j



True, you can just follow the Bitmain recovery until they update the recovery image on their site. I had this one already put together for a guy.
Cypobbiu2
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
March 13, 2019, 12:35:26 PM
 #13

Hi, everybody. And that to do if I have on all miners z9 closed all ports except 4028? Huh
efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
March 13, 2019, 01:34:15 PM
Last edit: March 13, 2019, 02:08:55 PM by efudd
 #14

Hi, everybody. And that to do if I have on all miners z9 closed all ports except 4028? Huh

Your miner is showing the “November” build I guess. Use the sdcard recovery steps (google it) and then install a non locked firmware of your choice, mine from my signature or someone else's, as the last step (step #10 - unnumbered on the page below).

documentation: https://support.bitmain.com/hc/en-us/articles/360006020914-Z9-V9-Z9-Mini-Control-Board-Program-Recovery



-j

Cypobbiu2
Newbie
*
Offline Offline

Activity: 2
Merit: 0


View Profile
March 14, 2019, 07:14:17 AM
 #15

Hi, everybody. And that to do if I have on all miners z9 closed all ports except 4028? Huh

Your miner is showing the “November” build I guess. Use the sdcard recovery steps (google it) and then install a non locked firmware of your choice, mine from my signature or someone else's, as the last step (step #10 - unnumbered on the page below).

documentation: https://support.bitmain.com/hc/en-us/articles/360006020914-Z9-V9-Z9-Mini-Control-Board-Program-Recovery



-j

THX, Everything turned out as you said.
efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
March 14, 2019, 11:06:59 PM
 #16

Hi, everybody. And that to do if I have on all miners z9 closed all ports except 4028? Huh

Your miner is showing the “November” build I guess. Use the sdcard recovery steps (google it) and then install a non locked firmware of your choice, mine from my signature or someone else's, as the last step (step #10 - unnumbered on the page below).

documentation: https://support.bitmain.com/hc/en-us/articles/360006020914-Z9-V9-Z9-Mini-Control-Board-Program-Recovery



-j

THX, Everything turned out as you said.

Awesome, I'm glad this worked out. I went ahead and created two boot images, one for the mini and one for the large which can be used to install Fuddware 2.1d in the future -- skipping the V9->upgrade step. It's now posted at https://releases.broked.net and can be used in place of the V9/Z9/Z9miniv2 images listed at bitmain's website.

-j

ejonathonw
Jr. Member
*
Offline Offline

Activity: 35
Merit: 1


View Profile
March 25, 2019, 06:48:02 PM
 #17

I used this method on a used L3+ I just got off eBay.  Great instructions, thanks for laying it out.
mikeywith
Sr. Member
****
Offline Offline

Activity: 448
Merit: 949


be constructive or S.T.F.U


View Profile
March 26, 2019, 10:45:10 PM
 #18

I used this method on a used L3+ I just got off eBay.  Great instructions, thanks for laying it out.

did you face any troubles along the way? glad it worked out for you.

mikeywith
Sr. Member
****
Offline Offline

Activity: 448
Merit: 949


be constructive or S.T.F.U


View Profile
April 10, 2019, 01:02:40 AM
 #19

update:

The new 2019 firmware for S9 also has this Signature restriction.

reference:

https://bitcointalk.org/index.php?topic=5129589.msg50535225#msg50535225


efudd
Member
**
Offline Offline

Activity: 364
Merit: 45


View Profile
April 10, 2019, 01:51:55 AM
 #20

update:

The new 2019 firmware for S9 also has this Signature restriction.

reference:

https://bitcointalk.org/index.php?topic=5129589.msg50535225#msg50535225



Does that firmware also disable ssh? That's their new method, signature + disabling SSH.

-j

Pages: [1] 2 »  All
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!