Host a Website from your Xiegu X6100
One of the main reasons I bought the Xiegu X6100 was the fact it was running a Linux kernel with root access. I’m not sure if Xiegu intended this, but it’s here so I’m going to use it. I think we are still sleeping on a lot of use case for this. Youtube channels such as TemporarilyOffline have highlighted this ability, and I would advise you check his x6100 videos out if you find this interesting.
Why would you want to host a website on a Ham Radio?
The main purpose of this is to being awareness of the abilities we are missing out on by not using the built in python binary within the x6100. Python is a very powerful programming language, and the fact we have it right there within the vanilla OS opens up a lot of possibilities. As a proof on concept, the only thing we will be doing is hosting a website to serve manuals and other useful applications.
Connect to Wifi / Ethernet
The first thing you should do is connect to wifi or ethernet. If you aren’t on the latest firmware, you should update before proceeding to minimize bugs. Radioddity has a guide here on connecting your x6100 to wifi. Wifi is easiest because you don’t need any other cables or adapters.
As a quick Guide:
You can get to the wifi menu by going to the “System Settings” Tab, and then “WIFI”. You should use the scan button to scan for your wifi network. On the right side, you will use the “Next” button to navigate between options, and then the “Edit” button to change a setting. A USB Keyboard connected to the “DEV” port will make this process 10x easier.
SSH into the x6100
You can use putty to SSH into the x6100. If you are using windows 11, an ssh client is built in, and you only need to issue “ssh root@x6100_ip” into your command prompt. The default password for the x6100 is: “123”. We will now make a folder for our web server, by entering the following command:
mkdir /tmp/website
Transfer the Website
We are now going to transfer the Example website to your x6100. This can be done in several ways, but I’m going to recommend scp (Secure Copy Protocol). First, grab the website template from the github page here . You can press the “code” button and hit download zip.(You may also use your own of course if you are so inclined)
Next, extract the zip and open the folder. Here there are two ways we will talk about transferring the web server files.
Option 1 (Built in SCP via Command Prompt):
This option is built into windows 11. To copy the files with build in SCP, Shift-Right click within the white space of the extracted folder (where the index.html file is), and select “Open in Terminal”. If you don’t have this option, you need to open a command prompt and use the “cd” command to navigate to this folder manually.
After you have your command prompt opened, enter the following command:
(Replace 10.10.2.75 with your x6100’s IP Address)
scp -r * root@10.10.2.75:/tmp/website
Then simply enter “123” as the password when prompted.
Option 2 (Fany GUI SCP):
Option 2 uses WinSCP, a program you can download here. Once installed, you need to connect to your x6100 using “SCP” as the protocol, “root” as the username, and “123” as the password. On the right side of the window, navigate to your /tmp folder. On the left side, navigate to the extracted web-server folder. Next, just drag and drop everything from the left to the right (your desktop to the x6100)
Start the Webserver
Now that our website is on our x6100, we just need to start the webserver via python. Enter the following commands on the x6100 ssh connection.
cd /tmp/website
python -m http.server 80
You should now be able to navigate to http://your_x6100_ip in your browser to see the website!
[…] Host a website from your Xiegu X6100 Hosting a website to serve manuals and other useful applications. The Modern Ham […]
I’m going to follow up on this on my blog, but in *this* day and age, being excited because a manufacturer is running a Linux server in their product with root access available is in itself unbelievable, and I’m wearing my amateur radio hat and haven’t even started to put on my cybersecurity Fedora.
The manufacturer providing root access is not really a security concern to me, but default passwords with SSH access is.
If anything root access on a Linux system allows the customer to check for hidden vulnerabilities, show potential privacy concerns from processes usually hidden away.
I’m happy to see root access because I now know the system isn’t doing anything malicious.
Now, here’s the problem / vulnerability:
The password is 123, and ssh is by default enabled.
Had the above conditions been different, shipping with root access wouldn’t be a problem for me. (Or if they required a change during first boot up for the password).
In reality, a commercial router behind a NAT would mitigate a threat from this exposure. But if one does not have a NAT / forwards the port, or is on a network that potential threat actors, that’s a different story.
I also have a cyber security blog, https://takethebait.net/ because penetration testing is another hobby of mine.
Interesting cybersecurity site I will take longer look at it. The majority of folks buying that radio will not have implemented segregated networks or vlans in their home and even fewer take the time to run any kind of monitoring software to even know what they have running. Now connect a device with ssh and root access an even worse password than 123456 and its a transceiver not a lightbulb !