Failsafe with lede/openwrt


i dont wat someone change the settings of my router...

1 Like

The effect of pressing a button is that a script in /etc/rc.button is called. You can edit or remove those scripts or chmod -x them.

It can also be disabled in menuconfig if compiling an image

I figure that if someone has physical access to my network, I've got bigger problems then them struggling to click the button just right to get my router into OpenWRT failsafe mode.

I think you've got a TP-Link router. If so, disabling the OpenWRT failsafe mode isn't going to disable the TP-Link TFTP boot loader.

If you're really wonked about it, put a firewall between the rest of your network and the TP-Link's LAN ports and block

While slightly semantical, having physical access to a network and physical access to the router as root are two completely different things, with the semantics depending on the situation and mainly applying to random guests, friends, or family.

  • While physical access to the network entails only an ethernet cable, root access without a password or PKI is only possible via failsafe mode or serial.

Probably best to buy or construct a physical lock that covers the button. Something at the hardware store with a hinge / hasp and some super-glue or the like. You WILL eventually need to use that button so completely eliminating the function is just asking to brick your router eventually.

You could perhaps also have it do all the normal failsafe stuff except enable ssh with a default password or a public key that you've set, at least then you can recover from network misconfiguration while retaining ssh security.

For businesses, this should always be how routers and servers are housed, but for consumers, this is overkill, unless there's specific security reasons for doing so.

Since anyone flashing 3rd party firmware should have a USB-TTL or USB-UART before flashing, there is zero need for a reset button or failsafe mode provided one has a means to access the serial header/pads.

  • I disable failsafe mode in all my builds via menuconfig, as there's no point to it if one has access to the serial interface.

That's an unreasonable assumption, in my opinion. I've been flashing third-party firmware since the early WRT54g days, and never opened a router to attach a serial cable.

Well, I suspect lots of people do flash firmware without a serial cable, I know I do, so yes, either you need a serial cable, and often to solder headers on the board, or you need something else... like failsafe mode.

So how exactly would you go about unbricking your router if you bricked it from a bad firmware flash?

TFTP from the bootloader

And how do you access the bootloader without a means for TTL communication?

Don't need to, the TP-Link boot loader tries to connect to a TFTP server at a known IP address, or, with some of my long-retired devices, opens a TFTP server that you can "grab" during the boot process.

You're making several erroneous assumptions about the vast majority of devices and users based upon your own subjective experience and knowledge.

  • While TP-Link routers may have that feature, at least some, if not most, Netgear and Linksys devices do not.

  1. Unbricking a router from a corrupted flash is just one of the two reasons why one should have serial access:
    • How is any arbitrary user supposed to know:
      • Whether or not their device bootloader operates in this manner?
      • What subnet they need to assign a static IP from?
        • There's hundreds of millions of possible subnets (tens of millions with /24) within RFC1918
          • For example, my ClearFog Pro uses a non-chronological, random subnet for trying to auto tftpboot, whereas all my WRT AC Series routers will not attempt to auto load any image in Uboot
      • What the naming scheme should be for the img or zImage and dtb files?
      • What the issue is if errors occur?

    • I'm assuming you know the information aforementioned in each question for your devices, but this is not information most users have, let alone know where to garnish it.
      • Perhaps the arbitrary user stumbles across a wiki, perhaps not... either way, for the arbitrary user it's far more efficient to simply connect via serial and flash if a corrupted flash occurs, taking only 1 - 2min to flash if one is not familiar with the commands required.

  2. The other is troubleshooting:
    • Without a TTL connection (USB-TTL, USB-to-UART, Arduino, MAX232 break out board, etc.), there's no way to determine what an issue is if the router boots, does not load LuCI, and refuses an SSH connection.
      • Serial allows one to see the full boot log while a device is booting, and provides CLI access in lieu of SSH if SSH and LuCI are inaccessible.

I'd bet that if you ran a survey of users of third-party software on home routers, you'd find that the vast majority of them them simply download it from OpenWRT, LEDE, DD-WRT, Tomato, what have you, and flash it. I'd further bet that only a tiny fraction have the equipment to make a serial connection and even fewer have ever opened the device and connected it.


You may very well be correct, but it's definitely not the easiest, or correct, way to go about this. I'll leave it at this:

  • I've never come across a brick and mortar store that caries USB-TTL cables or USB-to-UART boards, so if a situation ever arises when they're needed, a user will face ~5 days of down time or will end up paying several times the cost of the product for overnight/2-day shipping
    • FTDI USB-TTL cables are ~$25USD, FTDI USB-to-UART boards are ~$15USD
      • If one already has an Arduino or other SBC, they can utilize this in lieu of

  • There's a reason most experienced users recommend having some means for USB-TTL communication, and when users choose to disregard such an important recommendation, they should not be surprised when they're told they need one to troubleshoot boot or inaccessibility issues.

I believe in having the right tools for the job, as doing so makes one's life far easier when problems arise.

  • I personally recommend simply installing a 3.5mm jack on the router and using a USB-TTL AJ [Audio Jack] cable.
    • Directions on how to do so can be found under the USB-TTL AJ sub-heading
    • This makes opening the case a one time event.

my point has already been eleminating failsafemode a rc-button....which will prevent someone viewing the configuration inside the router specially the vpn...

i deleted the failsafe mode,is there a chane is will come back

Unless you exclusively disable it in menuconfig, it will be active upon flashing a new image