Associated stations - making hostnames visible across multiple APs

Whilst researching this topic myself I found a number of threads with different solutions to the problem of making hostnames visibile across multiple access points. Unfortunately those threads are locked, so I'm creating this one to share my own (different) solution to the problem.

Most threads focus on getting an entry into the ARP table, using tools such as fping, arp-scan, etc.

My approach is somewhat different - I'm running a cron job to copy /tmp/dhcp.leases from the "primary" router (ie, device running DHCP/dnsmasq) out to the "secondary" access points.
This was the result of looking at how LuCI "assembles" its status overview.
Warning: This approach would not be suitable if your secondary APs are acting as DHCP servers!

Approach:

  1. Create SSH keys on the primary device:
dropbearkey -t rsa -f ~/.ssh/id_dropbear
  1. Add the generated public key to the accepted keys on the secondary access point(s) (System > Administration > SSH-Keys)
    (note if you need to get the public key again, you can dump it with dropbearkey -y -f ~/.ssh/id_dropbear on the primary device)
  2. Add cron jobs on the primary device to copy /tmp/dhcp.leases to secondary devices
*/5 * * * * scp /tmp/dhcp.leases root@<secondary device>:/tmp/dhcp.leases
etc etc

I hope someone else finds this useful. As an added benefit I can now see dhcp leases regardless of whether I log into the primary device, or any of the secondary APs.

Other threads for reference:

Before and after screenshots:

14 Likes

Thank you!

1 Like

@pkmann

Thanks so much for this guide! It is really helpful especially for someone like me who's very new to Linux and OpenWRT.

Just few notes for beginners like me:

1- The dropbearkey command gave me an error complaining about the ~/.ssh/ directly. So I have created it with: mkdir ~/.ssh/

2- Though this is super clear in the guide above and logical, but I spent some time scratching my head because the SCP copy command is not working. Turns out that I was running it on the secondary not the primary router. The syntax of the SCP command is SCP From_location To_Location

3- The cronjob did not update the file for me at first. So I tested by running the command scp /tmp/dhcp.leases root@192.168.100.130:/tmp/dhcp.leases (basically the command that the cronjob runs every 5 minutes) and THEN it asked me if I want to add the secondary router to list of trusted devices because it is the first time I SSH to it from my primary router and I entered Y and after that the cronjob started working. I'm not sure if there is an issue in my setup as I thought the key that was generated should take care of this, but at the end it worked this way. So if you have issues, run the SCP command and see if the file gets copies in the Secondary router. I used WinSCP to access it and see if the command is working.

4- This is how to add the cronjob:
a- Use Putty to SSH to the PRIMARY router
b- run the command crontab -e
c- press i to go into insert mode
d- paste the line. In my case it is: */5 * * * * scp /tmp/dhcp.leases root@192.168.100.50:/tmp/dhcp.leases
e- press escape to go into command mode
f- enter :wq to save and quit
g- run this command to apply changes: /etc/init.d/cron restart
h- run this command to verify your have added the cronjob correctly. It should show what you have pasted: crontab -l

5- The etc etc at the end of the cronjob above is probably a typo.

5 Likes

THX for the clear post
I followed the guide and it works fine (file is copied, and manual copy works either)
crontab file has an EOL at the end (empty line)
But one concern with my system log reporting such message looking like cron error message

Tue Nov 22 00:42:00 2022 cron.err crond[6299]:  line scp /tmp/dhcp.leases root@AP_IP:/tmp/dhcp.leases

While I dont see error in the execution what's doing wrong? true error or standard cron report?
THX for guidance

PS viewing the existing .ssh directory, just log as root (Putty or other) then "ls -a" will show the hidden files => therefore no need to create

What does the output of crontab -l on your device look like?
It should be something like this:

root@xxxxxx:~# crontab -l
*/1 * * * * scp /tmp/dhcp.leases root@yyyyyyy:/tmp/dhcp.leases

looks exactly like yours except /5 instead of /1

root@XXX:~# crontab -l
*/5 * * * * scp /tmp/dhcp.leases root@IP_AP1:/tmp/dhcp.leases
*/5 * * * * scp /tmp/dhcp.leases root@IP_AP2:/tmp/dhcp.leases

and as said previously everything works (copy is updated every 5mn) but with a logged cron.err message

If you want to suppress these messages:

uci set system.@system[0].cronloglevel='9'
uci commit system
/etc/init.d/cron restart

I cannot tell this from the crond log message alone, but since it works fine, I would guess there was no error.

OK THX I'll stay like it is by default to level 5
as moving to cronloglevel=9 well modifies the reporting level with no report of the cron start nor of the scp copies every 5 mn. But it also donnot report of true errors (I introduced a wrong line in the crontab for testing and it was not detected)

This post gives an explanation at the end

BR

1 Like

Wow, working great!
Should add the same command on startup also?
Maybe cron job is executing the code also on startup?

Thanks @pkmann !! Learned something new and improved user experience on access points :grin:

@66enligne same cron reports err even if command executed successfully. looks like its done to save memory Cron.err - why? - #5 by biangbiangmian

This may help as well:

1 Like

Any chance this can be made into a package or added to Luci by default for all those folks to like to manage their devices from within Luci?

I'm having trouble making the directory.

It won't create the folder because a file exists, but no file exists?

root@rp4-openwrt:/# mkdir ~/.ssh/
mkdir: can't create directory '/root/.ssh/': File exists
root@rp4-openwrt:/# ls
bin         dev         lib         lost+found  overlay     rom         sbin        tmp         var
boot        etc         lib64       mnt         proc        root        sys         usr         www
root@rp4-openwrt:/# mkdir ~/.ssh/
mkdir: can't create directory '/root/.ssh/': File exists
root@rp4-openwrt:/# cd /.ssh/
-ash: cd: can't cd to /.ssh/: No such file or directory

Edit

It has created a new folder /root/.ssh is that the correct folder structure or should it be /.ssh/ ?

Edit 2

I've got it working. Thanks for adding those tips.

How to do this from command line?

Your answer is contained within the quote. What issue are you experiencing?

1 Like

My question is how to add a public key from the command line instead of Luci Web UI.

Post # one.

1 Like

I thought this was about generating SSH keys, not adding a public key on the secondary device.

And?

dropbearkey

Usage: dropbearkey -t <type> -f <filename> [-s bits]
-t type	Type of key to generate. One of:
		rsa
		ed25519
-f filename    Use filename for the secret key.
               ~/.ssh/id_dropbear is recommended for client keys.
-s bits	Key size in bits, should be a multiple of 8 (optional)
           Ed25519 has a fixed size of 256 bits
-y		Just print the publickey and fingerprint for the
		private key in <filename>.

1 Like

I want to do this:

using command-line