Something went wrong, so I reset OpenWrt and restored settings I had backed up last year. But I cannot log into the web UI. I think the password is probably right, so maybe the user name is not 'root'. But I am not sure.
I have the config backup TAR file and can see the inside, but there are so many files that I do not know whether the ID/password data is. How can I find those information?
PS: For what it's worth, I think the config backup was made for a previous version of OpenWrt. I am using 18.06 now, but the config was made 18.03 or something, probably. If the ID/password are encrypted and cannot be retrieved, can I remove them from the backup file so that I could physically reset the router and restore the settings leaving the web admin ID/password as default?
Thanks. I had looked at the 'passwd' file, but it only had root and other common entries, like this:
root:x:0:0:root:/root:/bin/ash
I looked at the 'shadow' file as you suggested, and it also had only root and other common entries, like this:
root:$1$...
Does this mean that my web login ID is 'root'?
So, now I can see the hash, but what hash algorithm is this? I would like to check if it matches the password I thought of. If I knew the hash algorithm (such as MD5), I could hash the password and compare it with the one in the 'shadow'.
Trying to log in over SSH or into LuCI are probably a lot easier than recreating the password-check code, but you could probably find something with an Internet search if you wanted to try.
I could not find a way to recreate the hash to see if one of the passwords I often use matches the value in the shadow, so I tried to reset the device, but that fail-safe reset does not seem to work. I pressed the WPS/Reset button when starting the device, and the LEDs started blinking and then restarted, but the web UI still says incorrect username/password.
failsafe/ firstboot are working on the tl-wdr4300, I've used it many times in the past. Invoking the failsafe environment and mount_root will also allow you to set a new password using passwd without knowing the old one.
Given that the webinterface may be troubled by caching issues, I'd suggest to clear your browser cache and/ or prefer ssh for debugging.
I managed to get the fail-safe mode, but I could not reset the settings. When I tried the mount_root, it said: "jffs2 not ready yet, using temporary tmpfs overlay". And then when I reset settings (tried both just resetting the password and completely resetting the device), the next time I start the router normally, nothing has changed.
root@(none):/etc# firstboot
This will erase all settings and remove any installed packages. Are you sure? [N/y]
y
/dev/mtdblock3 is not mounted
/dev/mtdblock3 will be erased on next mount
I don't know why deleting all the settings should be this difficult...
That's interesting/ unexpected (I'd only expect this behaviour if the jffs2 overlay either is being formatted (after a factory reset), corrupted or full), but did you let it settle a bit longer (~5 minutes)?
It shouldn't take that long (as in a full 5 minutes), but it may take ~a minute (so giving it 5 minutes is on the safe side) before you try logging in (keep in mind that failsafe boots involve a lot of one-time scripts being executed, e.g. generating new ssh/ ssl keys, formatting jffs2 if necessary, e.g.), which just take time to complete (easily ~half a minute to a minute after you're already able to log in).
I waited 5 minutes, and then it worked. Now the settings are reset, and I could log into the web UI.
Now, I want to restore the settings without changing the root password. If I edit the shadow file in the backed up TAR file like this (decompress the TAR.gz, modify the shadow, then compress it to TAR.gz again), will it work?
root:*:0:0:99999:7:::
PS: I tried the above, and it did not work. It still asked for the root password which I don't know... So, I have to set all the settings manually?
Remove /etc/group, /etc/passwd and /etc/shadow from your backup tarball completely, that way they'll remain untouched when restoring the backup (meaning no password set, respectively the one you've just set).