Who can help or say how can i do: I just need to write down the login and password in the firmware, which no one knows, so that even after a reset without this data it would not be possible to log in through the web interface
Does it still work like that? I have two identical routers with the same openwrt version and identical password set and their /etc/shadow files are completely different. /etc/passwd on the other hand is the same even when there is no password set.
So is it still ok to put /etc/shadow file from my current running router and bake it into the new firmware? And is there any point in including /etc/passwd aswell?
/etc/passwd
, /etc/group
and /etc/shadow
need to be in sync and correspond (UIDs, GIDs) to the on-disk reality of your firmware (there is a tendency to compartmentalize dæmons, running them under a non-root UID and in an ujail).
So no, restoring an old /etc/shadow
on a newer firmware is not a good idea - but you can modify the new one accordingly. As an aside, passwords are salted and hashed - so the salted hash will differ, even for the same password - the hashing algorithm might change between firmware versions.
Hard-setting passwords is a bad idea (ask Netgear, Linksys, etc). Ideally, you don't want one compromise to spread to other routers.
If you are worried about security, use a Password Manager, and then set strong passwords on the device. You can set it to securely share the credentials across your company/team/family/etc. BitWarden is popular and allows self-hosting.