How to Reboot (TP-LINK router with original firmware) from AC PRO with LEDE Reboot 17.01.4, is it possible?

Continuing the discussion from A few SQM benchmarks:

Hello everyone,
It is possible to reboot a TP-LINK Archer C7 with original firmware on the same LAN from AC PRO with LEDE.

Seeing this post I have thought if it would be possible from a Script or programmed Crontab sentence:
By the IP of the TP-LINK,
or via SSH port 22 ...?

The AC PRO has the fixed IP 172.30.100.1 and the TP-LINK the fixed IP 172.30.100.2, at 6.00 am I restart the AC PRO with scheduled tasks, I can add some more solution from LUCI or .sh program

Where can I find more information,
Thank you very much for your time,
Cheers,

Joan,
BCN.

You could add a scheduled cronjob to your AC PRO device:

ssh -t root@172.30.100.2 'reboot'

EDIT:

Ofc ... forgot the passowrd issue. You would need sshpass (or working with ssh keys if supported) for this to work.

sshpass -p 'password' ssh -t root@172.30.100.2 'reboot'

But solution of @peternikolow has a lot more charm.

Yes,

new version of TP-Link devices have "scheduled boot" function in their firmware.

Here is old interface w/o this functionality.

1 Like

Thanks Peternikolow, for my C7 has the old version and it only allows restarting by web and manually, apart from it it is a dumb AP for Wi-Fi and does not have WAN, therefore, nor NTP, nor exact time, and it does not allow to carry out scheduled tasks for that purpose, thanks for your time.
(Well as far as I have come to try to configure it)

Thanks Pwned, your option is basically what I was looking for, I will try it and comment, thank you very much to both of you,

Cheers,

P.D.
OK, I'll prove it like this,
By the way SSHPASS needs some extra package installed ... ???

0 6 * * * sshpass -p 'password' ssh -t root@172.30.100.2 'reboot'

Joan,
BCN.

1 Like

Yes, sshpass is an extra package/program which has to be installed first.

sshpass, 1.06-1, 4.8 KB, Sshpass is a tool for non-interactively performing password authentication…

You could try to download the ipk for your architecture, extract it and place it into /root if possible.

EDIT (take just the binary file (sshpass) included in data.tar.gz):

https://downloads.openwrt.org/snapshots/packages/mips_24kc/packages/sshpass_1.06-1_mips_24kc.ipk

Hi,

I managed to install SSHPASS from the .ipk link, I've been trying to connect by ssh to the TP-LINK router (original Firmware) for many hours, opening ports, watching videos, and I can't get in through Putty, WinSCP, etc ...

If I run directly from PuTTY at root@172.30.100.1 from which I would run the scheduled task, (10 6 * * * sshpass -p '1769' ssh -t root@172.30.100.2 'reboot') it gives me RSA keys error and me I have run aground, not if it is possible what I intend, but I do not understand that PuTTy does not even let me enter TP-LINK C7 ...

Captura4

You will notice that the captures are with the IP 172.30.100.3 <---- 3
I have had to change it.
ssh-keygen -R I have read it but it has been very successful...

Captura1

Well if you can help me I would appreciate it, and if my request is not possible we will close the case,

Thank you very much to all

Joan.
BCN

1 Like

SSHpass is running on your LEDE AC PRO correctly (just verify executing the binary and see if you get output)?

There are two additional clips I've forgot:

  • make the file executeable with "chmod +x sshpass"
  • as this binary is not within the default search path you have to enter the full path pointing to the binary itself to be found by crontab. So sth. like:
    /path/to/sshpass -p 'password' ssh -t root@172.30.100.2 'reboot'
    the same applies if you want to run sshpass from within another directory which is not the same where the binary is placed itself.

ssh-keygen has to be installed. I don't know if it is available for LEDE. To make this approach working you would need to be allowed to place the keys on your TP-Link device also.

For the rsa mismatch error. I just could guess. I think it would be enough to delete /root/.ssh/known_hosts file on your AC_PRO device.

Hi pwned,

I still think that while I cannot enter from Putty by SSH to the router TP-LINK 172.30.100.2, the rest of the commands are never activated, I have tried the sshpass and the action from Putty with AC PRO hangs, it does not execute anything, it seems like if AC PRO can't find 172.30.100.2 from TP-LINK.

I'm looking for the << server refused to allocate pty >> error that Putty gives me when I try to enter through 172.30.100.2:22 in TP-LINK. I have NAT enabled and everything I have been able to read on the subject.

Captura4

I will continue looking for the solution, but I think this TP-LINK router is more than capable ...

Greetings and thanks,

Joan.
BCN.

1 Like

sshpass is to automate ssh login with a password by supplying the password automatically rather than requiring the user to type it. You have to be able to log in manually for it to work. (Public/private key pairs are the intended way to log in to ssh automatically, it is a built in part of ssh and it is more secure.)

SSH is vulnerable to man in the middle attack where someone creates a phony host that accepts your ssh login then forwards it to the real host. They can monitor the communication. To prevent this from happening, ssh hosts have a unique key which can be verified by a client and can't be duplicated by a man in the middle. These keys are accepted the first time you connect with ssh and stored at the client.

In root's home directory there will be a hidden file /root/.ssh/known_hosts. This contains the key signatures of remote hosts that you have accepted to trust. If you've never connected to a particular host before, there won't be an entry in the file and the automatic connection will fail. If a remote key changes you have to remove the line in the file corresponding to that host (or remove the whole file if you're only connecting to one), manually connect to the host once. ssh will prompt you with the key signature and require you to answer yes to trust it. This puts a new entry into known_hosts so now automatic login should work.

ssh_keygen -R is a helper part of an OpenSSH installation to automate finding a host in known_hosts and removing it. It isn't strictly necessary to have that program installed.

2 Likes

I don't know how TP-Link devices are configured (never owned a router of them) nor if SSH is available respectively has to be activated. I assumed you had this part already (until now). I doubt now.

A lot of routers do not allow SSH login at all (there is no server running). On the other side those routers who have SSH built in requiring often to activate the SSH server explicit. In most cases SSH access is restricted to local network only. So if you try to connect to TP-Link router over WAN interface you need to open port 22 in firewall settings on the router also.

1 Like

TP-Link routers used SSH to secure transmit information to router from mobile apps.

You can't use it as you wish because SSH can't allocate virtual console (pty).

2 Likes

Well, thanks for everything, in the end I appreciated having installed the original TP-LINK firmware, I read, searched and collected NOT very favorable information on the final operation of the router with its firmware.

I installed Openwrt 19.07.4 to the Archer C7 with Antenna, Channel, and Power parameters in Auto and the results are optimal, the point is that having very good values with original firmware, after a few weeks everything went to hell.

Cheers,
Joan,
BCN.