Full SSH access with real root account - acc-/tplink-archer-c2300 GitHub Wiki
Introduction
This section describes how to turn on remote ssh access with regular root user. You'll need serial adapter connected to perform these steps. At this point you need to be logged in as root (using your serial adapter attached to router).
Mount the filesystem in read-write mode
Please see Saving files permanently to remount your / and /etc directories
Updating config xml to enable sys account login
If you previously enabled limited SSH access (by adding RemoteSSH
flag in xml file directly), you need to remove this flag first:
uci delete dropbear.dropbear.RemoteSSH
Then perform these commands:
uci set dropbear.dropbear.SysAccountLogin=on
uci commit dropbear
lua -e 'require("luci.sys.config").saveconfig()'
These changes are required for /etc.init.d/dropbear
script, because it was appending flags unsupported by the new dropbear binary (causing it to abort starting up). The last command makes your uci changes permanent.
Copying new dropbear binary
Transfer the new dropbear binary to /usr/sbin
overwriting the old file (you can backup the old one first if you wish). The easiest way is to transfer the file via pendrive, which will be automatically mounted as /mnt/sda1 when you plug it into the router. Don't forget to chmod +x /usr/sbin/dropbear
:)
Setup root password
Edit /tmp/root/etc/rc.local
and include the command to set root password. The command below sets root password to 'admin'
sed -i 's/root:x:0/root:$1$6fOOmpc6$I58ozowznZOkIRazKo6Bq0:16800/g' /etc/shadow
You could actually try to edit /tmp/root/etc/shadow
directly, but I'm not sure if this will work. /etc/shadow might be overwritten during startup.
I personally created my own startup script in /data/custom.sh
#!/bin/sh
sed -i 's/root:x:0/root:$1$6fOOmpc6$I58ozowznZOkIRazKo6Bq0:16800/g' /etc/shadow
and modified /tmp/root/etc/rc.local
file to call my script. This gives me the flexibility to modify my own boot scripts without remounting /etc partition. /data is always mounted read-write, so I can modify custom.sh
script anytime. The content of my /etc/rc.local
file is listed below.
root@AC2300:/data# cat /tmp/root/etc/rc.local
# Put your custom commands here that should be executed once
# the system init finished. By default this file does nothing.
tddp &
(/data/custom.sh | tee /data/custom.log) &
exit 0
Enjoy
Reboot and pray to have a working router with ssh enabled over network :)
Persist your ssh server keys
You will notice that every router restart causes server identity keys to be changed. To fix it, login to your box (once ssh is running), remount your /etc
in read-write mode and copy the current keys to /tmp/root/etc/dropbear
with this command:
cp /etc/dropbear/dropbear_*key /tmp/root/etc/dropbear/