Can't SSH to router (missing /etc/config/dropbear )

aopskeletor · April 22, 2020, 8:13am

I set up my router with OpenWRT and LuCI last year and from memory I've never been able to SSH in to it but that hasn't been a problem until now.

I want to install some software but I can't login via SSH.

I can login to Web UI as root fine but when I try to connect via SSH it tells me wrong password. I had OpenSSH installed at some point and after some reading this disables root login by default so assumed it was due to that, so I've removed the OpenSSH server leaving just Dropbear installed but hasn't made a difference. I've removed Dropbear and reinstalled to no avail.

From reading various docs there should be a Dropbear configuration screen under System > Administration but there isn't one. All I have is reset root password (which I've also tried but still doesn't work).

I've been looking at trying to get a file editor installed via LuCI web admin, then I'd be able to go in to OpenSSH server config and permit root login but I can't find anything that allows me to do that.

What options do I have? I'd rather not have to reinstall OpenWRT as I've got a lot of DNS/Firewall bits set up.

Hegabo · April 22, 2020, 8:30am

You don't have the Add Instance button at the bottom?

Have you tried something like WinSCP? You can edit files there. It will probably fail for the same reason SSH fails, but wouldn't harm to try.

If all fails and you end up having to reset or reinstall, you can always back up the settings, and then use the individual config files from the back up archive you selectively replicate the good parts of the settings to the new installation. That sure would include some work but can be a last resort.

aopskeletor · April 22, 2020, 8:48am

There's no SSH Access or SSH-Keys tabs at all. The only tab is Router Password which doesn't appear to be linked to the SSH login or something else has gone funny with SSH.

Interestingly sometimes when opening PuTTY I get no connection to the router at all (i.e. can't establish a connection over SSH, web works while this is happening), although this is sporadic. Other times I'm prompted for password. EDIT: This is because I uninstalled OpenSSH, I looked at the processes tab and Dropbear wasn't listed which I assume is because there were no instances.

I'm thinking a re-install may be in order.

lleachii · April 22, 2020, 1:49pm

@aopskeletor, welcome to the community!

If you flashed an older version, they used Telnet. If that's the case, it would be a good reason to update, as you will not find much support for the older versions of OpenWrt. Maybe you have a telnet instance running.

You wouldn't have to reinstall OpenWrt in any case:

Download a backup of config
Reset the router
Restore the config
Re-Install packages

aopskeletor · April 22, 2020, 2:05pm

I can't actually remember where I got OpenWRT from but status page shows firmware version as:

OpenWrt SNAPSHOT r11962-b6946542f8 / LuCI Master git-20.011.66524-83c6227

I'm guessing that this isn't a pure OpenWRT one but put together by someone else as the alternative partition has OpenWrt 19.07.0 installed.

trendy · April 22, 2020, 2:07pm

Snapshots are daily builds. They are better not to be used because they are not stable and they don't include Luci by default.
Which device is this?

aopskeletor · April 22, 2020, 2:43pm

Linksys WRT1900ACS

I think I took a build from somewhere with LuCI already set up as I was looking for something with OpenVPN already set up and configured, although I don't actually need that now.

hnyman · April 22, 2020, 2:46pm

You can end up in that error condition, if the file "/etc/config/dropbear" gets deleted.

In nutshell, you need to re-create /etc/config/dropbear AND also create a "dropbear" uci config section into that file.

I stumbled into the same problem a few months ago on a LuCI bug ticket, and I figured out a solution to return that file via LuCI...

opkg install "luci-app-commands" (Luci custom commands)
create three commands that create the dropbear uci config file, enter there the simplest uci content, and commit it:
- ```
    touch /etc/config/dropbear
```
- ```
    uci add dropbear dropbear
```
- ```
    uci commit dropbear
```
run those custom commands from LuCI

That creates enough good dropbear config file that the LuCI config page gets shown properly.

Discussion at:
https://github.com/openwrt/luci/issues/3528#issuecomment-575910989

aopskeletor · April 22, 2020, 2:52pm

Perfect.

Made sure both dropbear and openssh-server were both uninstalled.

Installed dropbear.

Set up the 3 commands above.

Tabs for SSH Access and SSH-Keys are now back and I can SSH in to the router.

Many thanks

hnyman · April 22, 2020, 2:55pm

I think that you could have done that also by

triggering the failsafe mode at reboot,
mounting rootfs
edit /etc/config/dropbear there (or use the same commands to create & populate it without editor)

But naturally you first need to know, what exactly needs fixing

system · May 2, 2020, 2:55pm

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.