Lost Admin Access after 15.05.1 -> 17.0.1.1 Upgrade on TEW-732BR

After doing the titled upgrade I lost the ability to access the router via http, https, ssh and telnet. The router continues to otherwise work. My situation is very similar to [thread]3398[/thread] except I have no access.

The 15.05.1 install was done with a installation image while the 17.0.1.1 upgrade used the smaller upgrade image. If my problem is a checksum issue, my LEDE image was built with the Image Builder using 17.0.1.1 packages.
I am using OpenBSD 6.1 with libressl if the cipher matter. The libressl developer have been weeding out some older, vulnerable protocols like sha1. I had set a password in luci and I understand that telnet is subsequently disabled. My ssh syntax is

ssh root@192.168.2.1 and the error is that connection on port 22 is rejected.
I'm using chromium in OpenBSD 6.1 for http access (I've seen reports that some browsers work better.

How to Fix this?

Thinking about:

  1. Manually adding a host key in ssh if I can extract it from the 17.0.1.1 image
  2. Resetting the device
    My web searches found this reset recommendation.

I found this entry in the LEDE installation guide that I either missed or was added since I read it about 2 weeks ago. The entry was last edited April 25, 2017.

I did keep my settings. Is there a way to go back to the LEDE installation settings?

Perform a factory reset.

It sounds like you missed a setting under System / Administration:

SSH access using DropBear Instance:

Interface: mark the interface you want to use to access the router (most likely LAN)

I think this is right. The upgrade did not restart luci, I waited 20 minutes. I refreshed the page and did mess with the system settings.

I had my OpenWRT settings backed up in a tar.gz that I have extracted. What syntax do I need to ssh into a different instance. Can I tell from the backup what ports may be open?

If I perform a factory reset do I reset to OpenWRT or the original Trendnet TEW-732BR?

Factory resets under LEDE/OpenWrt merely disable your custom settings (ie disabling /overlay temporarily). You can still mount it manually once you manage to log in, and change the settings responsible for locking you out, or start from scratch altogether.

Thanks for the F/U. It took multiple attempts but I managed to put the router into failsafe. All is well now :slight_smile: