Limited SSH access without serial port - acc-/tplink-archer-c2300 GitHub Wiki

Once you download the Backup .bin configuration and convert to .xml file, you will see such a section:

<dropbear>
<dropbear name="dropbear">
<RootPasswordAuth>on</RootPasswordAuth>
<Port>22</Port>
<PasswordAuth>on</PasswordAuth>
<SysAccountLogin>off</SysAccountLogin>
</dropbear>
</dropbear>

To enable remote SSH console, you need to add <RemoteSSH>on</RemoteSSH> tag, so the section should look like:

<dropbear>
<dropbear name="dropbear">
<RootPasswordAuth>on</RootPasswordAuth>
<Port>22</Port>
<PasswordAuth>on</PasswordAuth>
<RemoteSSH>on</RemoteSSH>
<SysAccountLogin>off</SysAccountLogin>
</dropbear>
</dropbear>

once finished, convert to bin and upload using original firmware.

Connect via ssh. Use login name 'admin' or 'root'. Password is your web interface password. You should be successfully logged in as 'admin' user - even if you used 'root' as your login.

In theorey the 'admin' account has gid=0, but dropbear somehow modifies to have different primary group, so you're not fully a root on the box.

Unfortunately, the installed dropbear is ancient one, and always logs in as admin user. This behaviour can be changed by switching SysAccountLogin flag to on, but once you do this change you will never be able to log in with ssh - even as admin user. You've been warned.