Permission denied on LuCI and SSH after setting root password

I'm unable to understand why this is happening. After I write an image on my AMD64 router and set the root password, I'm unable to log in, both on SSH and on LuCI.

I'm able to log in while the password is blank. After setting it with passwd, when I log in on SSH, I get "Permission denied, please try again." On LuCI I get an "Invalid username and/or password! Please try again." That happens for the right password and when using a wrong password too.

I had also tried setting back a blank password and I keep getting permission denied.

Any idea on what might be causing it?

Read only filesystem?

let's see the output of
mount

It's not readonly because I'm able to write on it.

#mount
/dev/nvme0n1p2 on / type ext4 (rw,noatime)
proc on /proc type proc (rw,nosuid,nodev,noexec,noatime)
sysfs on /sys type sysfs (rw,nosuid,nodev,noexec,noatime)
cgroup2 on /sys/fs/cgroup type cgroup2 (rw,nosuid,nodev,noexec,relatime,nsdelegate)
tmpfs on /tmp type tmpfs (rw,nosuid,nodev,noatime)
/dev/nvme0n1p1 on /boot type ext4 (rw,noatime)
/dev/nvme0n1p1 on /boot type ext4 (rw,noatime)
tmpfs on /dev type tmpfs (rw,nosuid,relatime,size=512k,mode=755)
devpts on /dev/pts type devpts (rw,nosuid,noexec,relatime,mode=600,ptmxmode=000)
/dev/nvme0n1p3 on /opt type ext4 (rw,relatime)
debugfs on /sys/kernel/debug type debugfs (rw,noatime)
none on /sys/fs/bpf type bpf (rw,nosuid,nodev,noexec,noatime,mode=700)

Caps lock, different language, special characters not compatible, browser cache.
Have you verified that the password is changed indeed when you use the passwd?

I am having this same issue on a TP-Link Archer C7 Rev2 that I just built. I also had the same issue on a Rev 5 yesterday.

Try ssh:ing into the device, changing the password (don't log off), open a new ssh/http session, and try to login.

See what the logs say, using the existing session.

Yeah SSH'ing gives a Permission Denied error.

I should also clarify something from my post above:

"I am having this same issue on a TP-Link Archer C7 Rev2 that I just built. I also had the same issue on a Rev 5 yesterday."

Both are using the latest firmware on the website (for their respective revisions), and both were set up to be access points with static IPs. I am not sure whether it matters or not, but I figured I should mention it.

That's not what you were asked to test.
Make sure there's no other device using the same IP as your AP.

I verified that by trying a very simple 6-character password, and also tried a blank password, hitting Enter directly. After I use passwd, I become unable to log in by SSH and LuCI, and no password I try works.

I did that too. I keep a session open and try logging in on another. The one I'm in stays active and I'm able to change the password on it.

Not what you were asked to test/do.

That's what I understood from the quote. I logged in and kept the session active, changed the password, then tried to log in on another session and on LuCI.

As long as I don't log off I keep the access and can do anything, but after changing the password I'm unable to make new logins.

You missed the most relevant, 2nd paragraph.

ah ok sorry

What log should I look at? How do I see it?

Try dmesg 1st...

Ok I changed password to one very simple. When I try to login it gives permission denied, for empty, wrong and right password.

dmesg prints no log for these login attempts.

It won't show up in dmesg, use logread -f then try to login from the second session.

Mon Jan  3 18:54:49 2022 authpriv.info dropbear[4948]: Child connection from 192.168.xxxxx:49786
Mon Jan  3 18:54:53 2022 authpriv.notice dropbear[4948]: Auth succeeded with blank password for 'root' from 192.168.212.121:49786
Mon Jan  3 18:55:06 2022 authpriv.info passwd[4958]: password for 'root' changed by 'root'
Mon Jan  3 18:55:12 2022 authpriv.info dropbear[4961]: Child connection from 192.168.xxxxx:49796
Mon Jan  3 18:55:15 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
Mon Jan  3 18:55:17 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
Mon Jan  3 18:55:19 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
Mon Jan  3 18:55:19 2022 authpriv.info dropbear[4961]: Exit before auth from <192.168.xxxxx:49796>: (user 'root', 3 fails): Max auth tries reached - user 'root'
Mon Jan  3 18:59:40 2022 user.info : luci: failed login on /admin/network/firewall/rules for root from 192.168.xxxxx

So, looks like changing the password is locking root?
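
A way to separate "account locked" from "wrong password" in logread output like the excerpt above, as an added example that is not part of any post in this thread: a POSIX sh/awk function that reads syslog lines in the format shown and reports, per account, whether dropbear's "is locked" warnings started after a passwd change. The function names, verdict labels and the 192.0.2.10 address are made up for the example, and the sample lines are constructed from the thread's log format.

```shell
#!/bin/sh
# Added example (not from the thread): classify auth events in logread output.
# Assumes the line format shown in the thread: "<date> <facility> <proc>[<pid>]: <msg>"

triage_auth_log() {
    awk '
    # Return the first single-quoted token on the line (the account name).
    function first_quoted(s,   a) {
        return (split(s, a, "\047") >= 3) ? a[2] : ""
    }
    # Remember accounts in the order they first appear.
    function note(u) { if (!(u in seen)) { seen[u] = 1; order[++n] = u } }

    / dropbear\[[0-9]+\]: Auth succeeded with blank password for / {
        u = first_quoted($0); note(u)
        if (!changed[u]) blank_before[u] = 1
        next
    }
    / passwd\[[0-9]+\]: password for .* changed by / {
        u = first_quoted($0); note(u); changed[u] = 1
        next
    }
    / dropbear\[[0-9]+\]: User account .* is locked/ {
        u = first_quoted($0); note(u)
        if (changed[u]) after[u]++
        else before[u]++
        next
    }
    END {
        for (i = 1; i <= n; i++) {
            u = order[i]
            if (after[u] > 0)       v = "LOCKED_AFTER_PASSWD_CHANGE"
            else if (before[u] > 0) v = "LOCKED_NO_CHANGE_SEEN"
            else if (changed[u])    v = "PASSWD_CHANGED_NO_LOCK"
            else                    v = "NO_LOCK_EVENTS"
            printf "%s %s lock_warnings=%d blank_login_before=%s\n",
                u, v, after[u] + before[u], (blank_before[u] ? "yes" : "no")
        }
    }'
}

# Constructed sample modelled on the log in the thread (address is a placeholder).
sample_log() {
    cat <<'EOF'
Mon Jan  3 18:54:53 2022 authpriv.notice dropbear[4948]: Auth succeeded with blank password for 'root' from 192.0.2.10:49786
Mon Jan  3 18:55:06 2022 authpriv.info passwd[4958]: password for 'root' changed by 'root'
Mon Jan  3 18:55:15 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
Mon Jan  3 18:55:17 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
Mon Jan  3 18:55:19 2022 authpriv.warn dropbear[4961]: User account 'root' is locked
EOF
}

sample_log | triage_auth_log
```

On the router, the same function can be fed from the still-open session with logread piped into triage_auth_log. A LOCKED_AFTER_PASSWD_CHANGE verdict means the rejections are not caused by typing the wrong password.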

Three failed login attempts...

yes, I tried until it gave up

It appears SSH honors the password, but LuCI doesn't care.

So if you have LuCI access, can you reflash the sysupgrade image for the OpenWrt version you're running?

That should preserve your config settings (except for packages you installed later) and totally re-install OpenWrt...which should clear the password.

Might also be a good opportunity to use a password manager, so you'll know exactly what was entered and saved in LuCI...and what SSH is expecting.