I successfully unlocked all options and updated to model SSA-3032X tonight using a combination of posts on this thread. It took a very long time to carefully gather all the details and corrections from many different posts. Since it worked in the end for me, I thought I would share back by consolidating the instructions into one single post. In general, I enhanced @Myexige's original post by adding into the steps what he found later about nsp_data_b file. I also added the Telnet RC file fix to the steps, so everything is in one spot here. Please feel free to make enhancements/corrections/additions, to help others. Here is the process from start to finish that worked fine for me, and others apparently;
NEW PROCEDURE FOR UNLOCK TO PRESERVE SERIAL NUMBER:
A. First, Make Backup Files:
1. Insert USB stick
2. Establish a telnet session with root/ding1234
3. cp -R /usr/bin/siglent/usr/backup /usr/bin/siglent/usr/mass_storage/U-disk0/SA-backup
4. cp -R /usr/bin/siglent/firmdata0 /usr/bin/siglent/usr/mass_storage/U-disk0/SA-firmdata0
5. Sync
2. Start with BOTH of your original "NSP_sn_bandwidth" XML files in place. If you need to, restore them from backup if you tried some previous method to unlock. Once the original files are there, then proceed below:
3. SSA3021X - the final hack?
« Reply #737 on: October 04, 2019, 07:23:07 pm »
Today I hacked my SSA3021X and turned it into a SSA3032X with ALL options permanent AND KEPT MY SERIAL NUMBER, therefore (hopefully) future proofing it against any firmware updates
When I received the unit the installed firmware was 1.2.9.2a which (thankfully) still had telnet access.
Whilst waiting for delivery I read this whole thread 3 or 4 times to get as much information as i could and it has been invaluable, thanks to all who contributed.
Ok, so we know if the "NSP_system_info.xml" from version 7 firmware was edited so that the license info was TRUE that this would open up the analyzer options on that firmware series. Now we are at FW version 8 series, with actual firmware download versions like 1.2.8.1, 1.2.9.2, 1.2.9.3, etc.
Hint....Create a new "NSP_system_info.xml" file using your favorite editor now and make sure it contains YOUR serial number:
<?xml version="1.0" encoding="UTF-8"?>
<nsp_system_info_root>
<device>
<system_information>
<serial_number>
<chip>SSA3xxxxxxxxxx</chip>
<<<---- INSERT YOUR SERIAL# HERE! </serial_number>
<license><_3032>TRUE</_3032><_3021>FALSE</_3021><_TG>TRUE</_TG><_EMI>TRUE</_EMI><_Meas>TRUE</_Meas><_CAT>TRUE</_CAT></license></system_information>
</device>
</nsp_system_info_root>
Copy it to a blank USB stick.
Next step is to obtain a copy of the V8.01 firmware (1.2.8.1) from the Siglent web site, and unzip it into a folder. Also, download the Firmware Converter Tool (that converts a .ADS Firmware File to a .ZIP file from here:
https://www.eevblog.com/forum/testgear/siglent-ssa3000x-spectrum-analyzers/?action=dlattach;attach=269048Using the "converter tool", Select the Siglent Firmware V01.02.08.01.ADS file that you downloaded and convert it to a ZIP file.
NOTE: IT MUST BE FIRMWARE 1.2.8.1, because we need two files from that specific version to generate a license. NO OTHER VERSION WILL WORK!
The zip file that the above tool creates is fussy and can ONLY be opened with 7-Zip. Extract it with 7-Zip.
In the extracted folder you will find a copy of the main application file "ecomb", copy this to the USB stick and rename it "ecomb8".
Also copy the file nsp_data_b from the extracted folder, onto your USB stick. We will need it below.
BEWARE: That tool is unable to extract a full working zip. But it should be OK to extract the ecomb app and the nsp_data_b file most of the times. Those are the only two files we need from the 1.2.8.1 firmware.
So, while you may get errors opening the zip,
ensure that you don't get an error when unzipping the ecomb file or the nsp_data_b file!Place the USB stick into the SSA and open a telnet session. For the commands below, copy and paste them into your putty telnet window. ( Control-C copy on the windows side, Right-Mouse-Click on the Putty Telnet side. )
Remember, don’t enter the quotation " marks, just the text between them.
Enter "mount -o remount, rw /"
Enter "cd /usr/bin/siglent"
Enter "ps"
You will get a list like this...
PID USER VSZ STAT COMMAND
1 root 1320 S init [5]
2 root 0 SW [kthreadd]
3 root 0 SW [ksoftirqd/0]
4 root 0 SW [kworker/0:0]
…lots more lines here…
719 root 2112 S /usr/sbin/telnetd
726 root 152m S ./ecomb
<<<--- ECOMB 727 root 1572 S /sbin/getty 115200 ttyO0
in YOUR list of processes, find "./ecomb" and get the "PID" number, in my case above, it was "726".
Enter "kill -9 726" - not sure if the "-9" is needed but it certainly killed the process.
Or “kill -9 <The Process ID of YOUR ./ecomb>”
Enter "ps" again and make sure "./ecomb" is NOT shown.
It MUST NOT be running for the next steps.Enter "cp /usr/bin/siglent/usr/mass_storage/U-disk0/ecomb8 ecomb8" - This copies "ecomb8" from the USB stick to the "/usr/bin/siglent" directory.
Enter "ls -l" - and make sure it is there.
Enter "mount -o remount,rw /dev/ubi2_0 /usr/bin/siglent/firmdata0"
Enter "cd firmdata0"
Enter "cp /usr/bin/siglent/usr/mass_storage/U-disk0/NSP_system_info.xml NSP_system_info.xml" - this copies the "NSP_system_info.xml" file you created above to "/usr/bin/siglent/firmdata0"
Enter "ls -l" and make sure it is there.
Next: you also need to roll-back (The version) of the "nsp_data_b" file in firmdata0 after the ecomb process has been killed. Roll it back to the version from the 1.2.8.1 FW. Copy it from the USB stick into the "/usr/bin/siglent/firmdata0" directory as follows:
Enter “cp /usr/bin/siglent/usr/mass_storage/U-disk0/nsp_data_b nsp_data_b”
Enter “ls –l” and make sure it is there.
Next,
Enter "cd .." to drop back one level to the "/usr/bin/siglent" directory.
NOW FOR THE FUN PARTEnter "./ecomb8" - Loads of text will appear on the telnet screen, the application will start and will read the "NSP_system_info.xml" file and will automatically create a fully licensed "NSP_sn_bandwidth.xml" file, the application will start up on the SSA and using "System info" you will see that your SSA3021X is now a SSA3032X with all options permanent and with the correct serial number.
Power off the SSA, remove the USB and power it back on, all options will remain and it will be running the correct version of "ecomb"
Don’t forget to backup to USB stick your new "NSP_sn_bandwidth.xml" licensing file.<START Backup Procedure>
1. Make sure USB stick is still inserted in the analyzer.
2. cp -R /usr/bin/siglent/usr/backup /usr/bin/siglent/usr/mass_storage/U-disk0/SA-backup-NEW
3. cp -R /usr/bin/siglent/firmdata0 /usr/bin/siglent/usr/mass_storage/U-disk0/SA-firmdata0-NEW
4. Sync
<END Backup Procedure>
Finally, If you wish to upgrade PAST the 1.2.9.2a Firmware:
PRESERVE TELNET ++BEFORE++ UPGRADING TO FW VERSION 1.2.9.3Re: Hack of Sigllent spectrum analyzer ssa3021X?
« Reply #752 on: October 13, 2019, 06:00:59 pm »
Easy way to overcome losing telnet before updating to 1.2.9.3a is to create your own symbolic links for the telnet deamon.
e.g.
Enter "mount -o remount,rw /"
Enter "cd /etc/rc0.d"
Enter "ls -al"
Examine the telnet symbolic link, K10telnetd in this case and create your own with a different number, 15 in this example.
Enter "ln -s ../init.d/telnetd K15telnetd"
Enter “cd /etc/rc1.d”
Enter "ln -s ../init.d/telnetd K15telnetd"
Enter “cd /etc/rc6.d”
Enter "ln -s ../init.d/telnetd K15telnetd"
NOW, this next directory uses a little different syntax, it is S15telnetd; ("S" for Start)
Enter “cd /etc/rc5.d”
Enter "ln -s ../init.d/telnetd S15telnetd”
Enter "sync"
Restart the analyzer.
After this, you can safely update to 1.2.9.3a and forward, while preserving telnet access.