Set none default password

Who can help or say how can i do: I just need to write down the login and password in the firmware, which no one knows, so that even after a reset without this data it would not be possible to log in through the web interface

First boot / scripts / config files / best solution to have a configuration at first boot - #2 by vgaetera

2 Likes

Does it still work like that? I have two identical routers with the same openwrt version and identical password set and their /etc/shadow files are completely different. /etc/passwd on the other hand is the same even when there is no password set.
So is it still ok to put /etc/shadow file from my current running router and bake it into the new firmware? And is there any point in including /etc/passwd aswell?

/etc/passwd, /etc/group and /etc/shadow need to be in sync and correspond (UIDs, GIDs) to the on-disk reality of your firmware (there is a tendency to compartmentalize dæmons, running them under a non-root UID and in an ujail).

So no, restoring an old /etc/shadow on a newer firmware is not a good idea - but you can modify the new one accordingly. As an aside, passwords are salted and hashed - so the salted hash will differ, even for the same password - the hashing algorithm might change between firmware versions.

Hard-setting passwords is a bad idea (ask Netgear, Linksys, etc). Ideally, you don't want one compromise to spread to other routers.

If you are worried about security, use a Password Manager, and then set strong passwords on the device. You can set it to securely share the credentials across your company/team/family/etc. BitWarden is popular and allows self-hosting.