Skip to content

Enabling SSH on the MPC Live X one Force

TheKikGen edited this page Jan 13, 2023 · 14 revisions
    __ __| |           |  /_) |     ___|             |           |
       |   __ \   _ \  ' /  | |  / |      _ \ __ \   |      _` | __ \   __|
       |   | | |  __/  . \  |   <  |   |  __/ |   |  |     (   | |   |\__ \
      _|  _| |_|\___| _|\_\_|_|\_\\____|\___|_|  _| _____|\__,_|_.__/ ____/

For those who want to try the "ssh" experience on their MPC LIVE/X/one/Force, you can download modified official Akai update img below.

Those firmware image have the full Akai format, so they can be flashed with standard AKAI's update procedure.
Nothing else than ssh activation was modified, so there is little risk to use this update. I decline any responsibility in case of problems with your hardware. You perform this operation at your own risk!

Update your MPC

  1. Download the file corresponding to your hardware MPC ssh images

  2. Rename the downloaded file by removing the "bootstrap" trailer if it exists so the file name becomes MPC-version-Update.img

  3. Copy the img file to the root directory of an usb key. A non-empty key will work contrary to what is stated in the documentation.

  4. Plug the usb key in your MPC and switch on the MPC

  5. Go to the Main menu/Setting and hold the shift key : press the "Update" button at the bottom of the screen. An update message will ask you to confirm.

  6. The update will start and your MPC will reboot. Check in the settings menu that you installed the right version.

Enable SSH

To enable SSH, the network must be active. You must therefore connect your MPC to WIFI (in the setting menu) or a wired network. Once connected, locate the IP address of your MPC on the network (something like 192.168.x.y). Open a shell command line and enter :

      ssh root@(mpc ip address)

Accept the usual SSH security warnings by answering "yes" to add permanently your MPC IP to the list of known hosts. No password is required. The "root" account is obviously root, so be careful what you do...

And now ?

I recommend to windows users to install the WinSCP software, that will allow you to "explore" the MPC directories. Linux and Mac users can enter directly the stfp url in the file browser e.g. in Thunar or Finder : sftp://root@192.168.x.y

The root directory is read only but you can write on internal/external sdcard or any usb disk. You will find them at "/media"

The hack is permanent (until you update again).

SSH in a nutshell

You probably just activated the SSH server in your MPC, so it seems important to give you some explanations in a few lines what SSH is.

SSH stands for "Secure Socket Shell". It is a network protocol, by far more complex than Telnet, the old unsecured method to access remotely to a server. SSH has a strong level of security by offering communications encryption and authentication.

When you enter the "ssh root@(my id addr)" command in a terminal, your local ssh program initiates a SSH connection with the server (your MPC), listening permanently for connections, on the port 22. If you are accessing the SSH server for first time, the ssh program will ask you to authenticate server manually by verifying public key of server. You can see Public keys of server by using the "ssh-keyscan (ip addr)" command.

The authenticity of host '192.168.2.27 (192.168.2.27)' can't be established.
ECDSA key fingerprint is SHA256:Bryrw6CItN8JKVyBe+eFNRHX6lP/oCbcdKLsWe2yC84.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '192.168.2.27' (ECDSA) to the list of known hosts.

Once the key is verified, the server is added in the local known_hosts file in your $HOME/.ssh directory. This file contains the servers you have verified. If this is not the first access to the server, the server’s identity is matched with that recorded information.

FYI, The minimal /etc/ssh/sshd_config configuration file is :

#	$OpenBSD: sshd_config,v 1.103 2018/04/09 20:41:22 tj Exp $

# This is the sshd server system-wide configuration file.  See
# sshd_config(5) for more information.

# This sshd was compiled with PATH=/usr/bin:/bin:/usr/sbin:/sbin

# The strategy used for options in the default sshd_config shipped with
# OpenSSH is to specify options with their default value where
# possible, but leave them commented.  Uncommented options override the
# default value.

# TKGL : prohibit-password changed to yes
PermitRootLogin yes

# The default is to check both .ssh/authorized_keys and .ssh/authorized_keys2
# but this is overridden so installations will only check .ssh/authorized_keys
AuthorizedKeysFile	.ssh/authorized_keys

# TKGL : changed from no to yes
PasswordAuthentication yes

# TKGL : uncommented. Changed from no to yes
PermitEmptyPasswords yes

# Change to no to disable s/key passwords
ChallengeResponseAuthentication no

# Set this to 'yes' to enable PAM authentication, account processing,
# and session processing. If this is enabled, PAM authentication will
# be allowed through the ChallengeResponseAuthentication and
# PasswordAuthentication.  Depending on your PAM configuration,
# PAM authentication via ChallengeResponseAuthentication may bypass
# the setting of "PermitRootLogin without-password".
# If you just want the PAM account and session checks to run without
# PAM authentication, then enable this but set PasswordAuthentication
# and ChallengeResponseAuthentication to 'no'.
UsePAM yes


# no default banner path
#Banner none

# override default of no subsystems
Subsystem	sftp	/usr/libexec/sftp-server

Have fun !