OpenWrt support for Deco S4

Interesting... Can you check a initramfs image build by our system if it has the uencrypt package?

Oh, uencrypt is in the buildbot squashfs-sysupgrade image, just not the initramfs-kernel image.

Which is fine, since the install instructions are going to say to install sysupgrade from the initramfs image anyway. Should be ok I guess

but the uencrypt package should be installed by default...

It is, at least in the squashfs-sysupgrade image.

I don't know if my initial expectation to see it in the initramfs-kernel is even valid.

Although, surely there exists some other target-specific module that is required to boot an initramfs for some device (i.e. a kmod). buildbot has to have some way to bake that into the initramfs-kernel image for those devices. I'm just not smart enough to know the mechanism openwrt uses for that, or if we would even want that for uencrypt (which is not absolutely necessary to boot obviously)

I binwalked the tplink_deco-s4-v2 snapshot image and it contains uencrypt. So. the essence of the problem is not clear for me.

~/temp/_openwrt-ath79-generic-tplink_deco-s4-v2-squashfs-sysupgrade.bin.extracted/squashfs-root/usr/bin$ ls -la | grep uencrypt
-rwxr-xr-x 1 xxxxx xxxxx  8213 Sep 12 00:43 uencrypt

this is sysupgrade the concern was that initramfs and i think also factory doesn't have the package

uencrypt is in place in deco-s4's factory.bin.

Yes, the unexpected part was only that the initramfs image did not have uencrypt.

I see that for the other Arcadyan WG4хх223 devices that need it, they have telnet so they just flash the sysupgrade directly.

On the DecoS4, we have no telnet and have to hack uboot to bypass signature verification, so we just boot to the initramfs version initially as a temporary measure to install sysupgrade.

So its not a big deal that the macs are bogus during the temporary initramfs foothold since they will be fixed when the sysupgrade is installed, I just wasn't expecting it since I always built initramfs as a single target thus I got uencrypt there as well.

Ah, ok. Initramfs for Arcadyans wasn't tested because U-Boot is password protected and there is no way to interrupt boot process and start such type of image. Thus, this "feature" wasn't identified before. :slight_smile:

Well, with the expectation that you can't easily test the mac address decryption when operating in temporary initramfs mode during installation (no biggie), I think we have a successful snapshot being built, and it can even be flashed without opening the case. I'll add it to the table of hardware...

1 Like

No, I didn't risk totally destroying it.

Which sysupgrade image should I use? I've got the Deco S4R, FFC ID: TE7M4RV2

snapshot links (see caveats at

1 Like

Thank you! Worked perfectly.