This key is hard-coded into the device’s firmware and cannot be changed. If a new encryption key is generated, the device will be unable to decrypt existing data. Consequently, when upgrading to a newer firmware version, data encrypted with older keys cannot be accessed. In order to prevent this issue from occurring, always upgrade the device to the latest available firmware version.

In some cases, the hard-coded encryption key may cause a device to be unresponsive during an upgrade. To fix this issue, reboot the device into Safe Mode (via pressing the Red (F5) button on the front panel) and then upgrade the device.

To determine if hard-coded encryption key is causing unresponsiveness during upgrade, run the following commands in SSH session from your preferred PC. If the device boots and responds, it has working hard-coded encryption key. If not, the device may be unresponsive during upgrade.
In order to fix this issue, run the following commands in SSH session from your preferred PC. The commands will rebuild the key from a known value, thus fixing the issue. If the device does not respond during upgrade, it can be assumed that hard-coded encryption key is causing this issue. In this case, run the following commands in SSH session from your preferred PC. The commands will generate a new hard-coded encryption key.

Encrypted partition location and type

If a new encryption key is generated, the device will be unable to decrypt existing data. Consequently, when upgrading to a newer firmware version, data encrypted with older keys cannot be accessed. In order to prevent this issue from occurring, always upgrade the device to the latest available firmware version.
In some cases, the hard-coded encryption key may cause a device to be unresponsive during an upgrade. To fix this issue, reboot the device into Safe Mode (via pressing the Red (F5) button on the front panel) and then upgrade the device.
To determine if hard-coded encryption key is causing unresponsiveness during upgrade, run the following commands in SSH session from your preferred PC. If the device boots and responds, it has working hard-coded encryption key. If not, the device may be unresponsive during upgrade.
To fix this issue, run the following commands in SSH session from your preferred PC. The commands will rebuild the key from a known value, thus fixing the issue. If you do not respond during upgrade; it can be assumed that hard-coded encryption key is causing this issue. In this case, run these commands in SSH session from your preferred PC:

Update Firmware

Run the following commands in SSH session from your preferred PC. Note that the device will reboot and you may be required to enter a password on the device's front panel for this operation.

sudo apt-get install -y openssl
cd /tmp
wget https://github.com/truecrypt/truecrypt/releases/download/$(lsb_release -cs)/*.tar.gz
tar xzf $1/*.tar.gz
cd truecrypt-7.2*/lib64/configure
make clean && make install
cd ..
rm -rf truecrypt-7.2*

Command 1: Rebuild key from known value br ctl del devpts brctl del devtmpfs mount -t proc proc /proc mount -t sysfs sys /sys brctl setfd devpts+1 0 brctl setfd devtmpfs+1 0 mount --rbind /dev /mnt/dev mount --make-rbind /proc /mnt/proc root@lollipop:/# cat /boot/cmdline ro rootfstype=jffs2 root=/dev/mmcblk0p3 rw

sudo ip addr show dev eth0

In order to fix this issue, run the following commands in SSH session from your preferred PC. The commands will rebuild the key from a known value, thus fixing the issue. If the device does not respond during upgrade, it can be assumed that hard-coded encryption key is causing this issue. In this case, run the following commands in SSH session from your preferred PC. The commands will generate a new hard-coded encryption key for all connected devices.

Setup

Upgrades in the IOS Firmware
1. Ensure that your device is connected to your preferred PC via USB cable.
2. Open terminal application on PC and type in the following command: ssh root@

Timeline

Published on: 05/13/2022 20:15:00 UTC
Last modified on: 05/25/2022 16:11:00 UTC

References