On a sunny day (Fri, 12 Apr 2024 10:40:20 -0700) it happened Don Y <
blockedofcourse@foo.invalid> wrote in <uvbrm4$2fn2h$
6@dont-email.me>:
APC UPSs have (or can have) a network management option.
Most usually, an add-in card with (at least) a NIC and
some services hosted by the UPS (web interface, sshd,
ftpd, etc.).
Most UPSs don't have a traditional UI. Often, a serial
console is available -- via a (trivial to make) special cable.
To get the interface card to a known state, there is a RESET
pinhole available. One would think holding the RESET for
some abnormal amount of time would force the card to
resume it's default settings -- IP, password, etc.
APC, however, have implemented a more bizarre scheme:
Press RESET.
Wait a few seconds for indicator on the card to rapidly flash
Press RESET, again.
Repeatedly strike ENTER on serial console until prompt appears.
Use default credentials to log in.
This must be accomplished in the first 30 seconds else the existing
settings (ALL of them, including username and password) remain as is.
[Keep in mind that for a racked UPS, you've got your head inside
the rack on the BACK side of the UPS to access the RESET pinhole.
And, the UPS is likely *low* in the rack making access challenging. >Presumably, a laptop sitting nearby to act as the serial console]
I do not see the rationale for this. The person has physical
access to the UPS *and* the power cords for the devices that
it protects (and powers, even when mains power is available
THROUGH the UPS!).
The person is free to alter the persistent settings for any of
these parameters after this ritual is performed.
So, what is the silly 30 second timeout achieving? Is it there
to protect against someone ACCIDENTALLY pressing RESET? Is it
there to ensure the existing password can remain intact even if the
user successfully accesses the console and opts not to change the
existing password?
This seems unduly complicated vs. simply "Press RESET for 10 seconds
to reset credentials (and IP?)"
I'm looking at other (UPS) manufacturers' products to see if they are >similarly convoluted for some reason...
I have this cheap UPS:
https://panteltje.nl/pub/APC_UPS_ES700_waveform_25W_edison_bulb_load_IMG_0270.JPG
the output is NOT a sinewave..
Came with ethernet cable etc, after some playing around whith that interface decided better leave it disconnected..
Has been powering my Raspberries Pies, monitor, PC, most electronics on the table now for 5 years..
Comes in about every day for short few period interrupts when the power company switches things,
you can hear that, if it starts beeping I plug it into the big 250 Ah pure sineave lipo
stuff I have if I think it is important to keep stuff on..
No ethernet needed and no hacking possible.
Still running on the same battery... not bad.
I like the multiple mains sockets too.
Think this model is no longer sold.
--- SoupGate-Win32 v1.05
* Origin: fsxNet Usenet Gateway (21:1/5)
