Retropie not booting, stuck on boot up cycle
So I just finished setting up RetroPie on a pi 3 and added some roms on an external hdd. I decided to do some scraping overnight as I knew it would take a bit. In the morning I found it to be rolling quick through terminal with what seems to be attempts at downloads and text saying
Lost connection
Connection refused
Permission defined public key.password.
I tried rebooting it and found it to boot to the splash screen and then attempt to download stuff related to Jessie. It seems to attempt to download
Zmap: output module: csv
and then keeps rolling through the attempted downloads and connection refused etc.
I left it while I was at work and came home to it on emulation station. I figured it worked itself out but I tried rebooting and it started the boot issue all over again. Been going for over an hour and won’t boot into emulation station.
Pictures of issue -
It looks like you have a compromised installation. Do you have open ports on your router for remote ssh access?
Here's a previous thread with a similar situation:
For your own protection, I highly recommend that you wipe your existing installation and re-install from a verified image. Once done, ensure that all packages are updated and make sure that your router is not exposing any open ports that can lead to the Pi being compromised again.
Hmm, that’s what I was worried about. I do have ssh access to the pi but it does appear that the login/password have been changed. I didn’t change them from default as I was still setting up but I’ll have to perform a clean install again and maybe change that first before proceeding.
Thanks for the advice, I appreciate it.
Did you get to the bottom of this issue?
I also have a pi 3 and have been using it for about a week or so transferring roms through ssh access. Similarly I was scraping overnight and woke up to the exact rolling terminal texts. I reinstalled a fresh retropie then transferred a few roms and once again it does not boot.
Any updates?
@knickel5 this is happening from a fresh RetroPie image downloaded from this site?
What exact steps are you taking until it breaks? What scraper are you running?
Do you still have SSH access to your pi?
It looks likely to be this malware or a variant:
@Matt-Teix - the image you posted showed an IP address, which seems to be a web interface for a LaCie drive. Is that your IP and/or drive? I'd urge caution when investigating these IP addresses, as it could host other malware.
It would also be good to know if a) the image was installed by you and b) is an original, untouched image. It's possible that someone is distributing RetroPie images with malware pre-installed.
Nope, none of those IPs are mine. Looks like it’s trying to connect to different servers but seems to fail. It was a stock image used from berry boot and updated through apt-get. I did have an open port on my router to access it away from the house. I was previously running raspberry stretch and realized I was unable to load retropie on it (well, easily anyway) so I did a fresh install and left the port open without changing the password before setting up roms first. I forgot the port was open as on the stretch I changed the password and user already. So I’m assuming someone is rolling through IPs on port 22 and default user and passwords seeing what they can connect to. I’m curious as to what was involved in this malware if that was the case.
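The scenario the thread converges on (SSH reachable from the internet with the default account unchanged) leaves a recognisable trace in the sshd log. As an added example, not part of any post above: a Python triage that flags password logins accepted from non-LAN addresses and counts the failures that preceded them from the same address. The log lines are constructed samples in OpenSSH's syslog format, and the LAN ranges are an assumption about the home network.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample lines (OpenSSH syslog format, documentation-range IPs).
SAMPLE_LOG = """\
Jan 10 02:11:01 retropie sshd[811]: Failed password for root from 203.0.113.7 port 40112 ssh2
Jan 10 02:11:03 retropie sshd[813]: Failed password for invalid user admin from 203.0.113.7 port 40120 ssh2
Jan 10 02:11:05 retropie sshd[815]: Accepted password for pi from 203.0.113.7 port 40131 ssh2
Jan 10 08:30:12 retropie sshd[990]: Accepted password for pi from 192.168.1.20 port 51515 ssh2
Jan 10 09:02:44 retropie sshd[1002]: Failed password for pi from 198.51.100.9 port 33801 ssh2
Jan 10 09:15:00 retropie sshd[1010]: Accepted publickey for pi from 192.168.1.20 port 51600 ssh2
"""

# Assumption: the home LAN uses RFC 1918 space; anything else counts as outside.
LAN_NETS = [ipaddress.ip_network(n) for n in
            ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8")]

LINE_RE = re.compile(
    r"sshd\[\d+\]: (?P<result>Accepted|Failed) (?P<method>\S+) for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def is_lan(ip):
    """True when the address falls inside one of the assumed LAN ranges."""
    addr = ipaddress.ip_address(ip)
    return any(addr in net for net in LAN_NETS)

def triage(log_text):
    """Return (findings, failures): outside password logins and per-IP failure counts."""
    failures = Counter()
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.search(line)
        if not m:
            continue
        ip = m["ip"]
        if m["result"] == "Failed":
            failures[ip] += 1
        elif m["method"] == "password" and not is_lan(ip):
            # A password login from outside the LAN is the event to investigate.
            findings.append({"user": m["user"], "ip": ip,
                             "prior_failures": failures[ip]})
    return findings, failures

if __name__ == "__main__":
    findings, failures = triage(SAMPLE_LOG)
    for f in findings:
        print(f"outside password login: {f['user']} from {f['ip']} "
              f"after {f['prior_failures']} failed attempts")
```

On Raspbian the input would be a copy of `/var/log/auth.log` taken from the SD card before wiping; logs on a compromised system may have been altered, so an empty result does not clear the machine.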