[Solved] How to enable or install SSH on newifi d2 router

mykelm03 · April 22, 2021, 8:42am

sorry, newbie. got a newifi d2 router from a friend and tried to access it via winscp but getting error "connection to "IP" is refused". tried to run port scanner nmap below is the output

Scanning 192.168.99.1 [1000 ports]
Discovered open port 139/tcp on 192.168.99.1
Discovered open port 23/tcp on 192.168.99.1
Discovered open port 445/tcp on 192.168.99.1
Discovered open port 8080/tcp on 192.168.99.1
Discovered open port 53/tcp on 192.168.99.1
Discovered open port 80/tcp on 192.168.99.1
Increasing send delay for 192.168.99.1 from 0 to 5 due to 37 out of 92 dropped probes since last increase.
Discovered open port 8200/tcp on 192.168.99.1
Discovered open port 14000/tcp on 192.168.99.1
Discovered open port 15003/tcp on 192.168.99.1
Increasing send delay for 192.168.99.1 from 5 to 10 due to 156 out of 389 dropped probes since last increase.
Discovered open port 15002/tcp on 192.168.99.1
Completed SYN Stealth Scan at 15:55, 37.80s elapsed (1000 total ports)

This is what is installed on the router

[root@newifi_022F:/root]#opkg list-installed
axel - 2.4-2
badblocks - 1.43.3-1
base-files - 157-2017-11-28-git-3e46f52
blkid - 2.24.1-1
block-mount - 2015-05-24-09027fc86babc3986027a0e677aca1b6999a9e14
busybox - 1.24.1-1
ca-bundle - 20160104
ca-certificates - 20160104
cfdisk - 2.24.1-1
chat - 2.4.7-8
client_test - 1
coreutils - 8.23-1
coreutils-dd - 8.23-1
coreutils-df - 8.23-1
curl - 7.53.1-1
dnsmasq - 2.75-6
dosfsck - 4.0-1
download - 1.0.0.1
dropbear - 2016.74-1
dumpe2fs - 1.43.3-1
e2fsprogs - 1.43.3-1
ebtables - 2.0.10-4-1
exfat-utils - 1.2.4-1
fdisk - 2.24.1-1
file-share - 0.01-1
firewall - 2015-07-27
fstools - 2015-05-24-09027fc86babc3986027a0e677aca1b6999a9e14
gargoyle-firewall-util - 1.0.0-1
get_tp_config_tool - 1.0-1
glib2 - 2.41.1-2
gpioctl - 1.0-1
hdparm - 9.39-1
hwnat - 4320
iotop_c - 1
ip - 4.0.0-3
ip-full - 4.0.0-3
ip6tables - 1.4.21-1
iperf - 2.0.5-1
iptables - 1.4.21-1
iptables-mod-bandwidth - 1.4.21-1
iptables-mod-conntrack-extra - 1.4.21-1
iptables-mod-extra - 1.4.21-1
iptables-mod-filter - 1.4.21-1
iptables-mod-imq - 1.4.21-1
iptables-mod-ipopt - 1.4.21-1
iptables-mod-iprange - 1.4.21-1
iptables-mod-nat-extra - 1.4.21-1
iptables-mod-timerange - 1.4.21-1
iptables-mod-weburl - 1.4.21-1
iwinfo - 2016-07-04-96d322d5941c57be58f8e8d5c6e2b28e90ed3598
jansson - 2.2.1-1
jq - 1.5
jshn - 2016-07-29-290c64ef5b5c3e75be851594f269d6a9568e64e5
jsonfilter - 2014-06-19-cdc760c58077f44fc40adbbe41e1556a67c1b9a9
kernel - 3.14.79-1-967c6ca28d516de3efb02e82e8400bc0
kmod-ata-ahci - 3.14.79-1
kmod-ata-core - 3.14.79-1
kmod-bridge - 3.14.79-1
kmod-crypto-arc4 - 3.14.79-1
kmod-crypto-core - 3.14.79-1
kmod-crypto-crc32c - 3.14.79-1
kmod-crypto-ecb - 3.14.79-1
kmod-crypto-hash - 3.14.79-1
kmod-crypto-manager - 3.14.79-1
kmod-crypto-pcompress - 3.14.79-1
kmod-crypto-sha1 - 3.14.79-1
kmod-ebtables - 3.14.79-1
kmod-fs-exfat - 3.14.79-1
kmod-fs-ext4 - 3.14.79-1
kmod-fs-msdos - 3.14.79-1
kmod-fs-ntfs - 3.14.79-1
kmod-fs-vfat - 3.14.79-1
kmod-fuse - 3.14.79-1
kmod-gpio-button-pandorabox - 3.14.79-1
kmod-gpio-dev - 3.14.79-1
kmod-gre - 3.14.79-1
kmod-ip6tables - 3.14.79-1
kmod-ip_rate - 3.14.79-1
kmod-ipt-bandwidth - 3.14.79-1
kmod-ipt-conntrack - 3.14.79-1
kmod-ipt-conntrack-extra - 3.14.79-1
kmod-ipt-core - 3.14.79-1
kmod-ipt-extra - 3.14.79-1
kmod-ipt-filter - 3.14.79-1
kmod-ipt-imq - 3.14.79-1
kmod-ipt-ipopt - 3.14.79-1
kmod-ipt-iprange - 3.14.79-1
kmod-ipt-ipset - 3.14.79+6.20.1-1
kmod-ipt-nat - 3.14.79-1
kmod-ipt-nat-extra - 3.14.79-1
kmod-ipt-nathelper - 3.14.79-1
kmod-ipt-nathelper-extra - 3.14.79-1
kmod-ipt-timerange - 3.14.79-1
kmod-ipt-weburl - 3.14.79-1
kmod-iptunnel - 3.14.79-1
kmod-ipv6 - 3.14.79-1
kmod-leds-gpio - 3.14.79-1
kmod-ledtrig-gpio - 3.14.79-1
kmod-ledtrig-heartbeat - 3.14.79-1
kmod-ledtrig-netdev - 3.14.79-1
kmod-ledtrig-timer - 3.14.79-1
kmod-ledtrig-usbdev - 3.14.79-1
kmod-lib-crc-ccitt - 3.14.79-1
kmod-lib-crc16 - 3.14.79-1
kmod-lib-crc32c - 3.14.79-1
kmod-lib-textsearch - 3.14.79-1
kmod-llc - 3.14.79-1
kmod-loop - 3.14.79-1
kmod-mppe - 3.14.79-1
kmod-mt7603e - 3.14.79-1
kmod-mt76x2e - 3.14.79-1
kmod-nfnetlink - 3.14.79-1
kmod-nls-base - 3.14.79-1
kmod-nls-cp437 - 3.14.79-1
kmod-nls-cp936 - 3.14.79-1
kmod-nls-iso8859-1 - 3.14.79-1
kmod-nls-utf8 - 3.14.79-1
kmod-ppp - 3.14.79-1
kmod-pppoe - 3.14.79-1
kmod-pppox - 3.14.79-1
kmod-pptp - 3.14.79-1
kmod-ralink-hwnat - 3.14.79-1
kmod-restrict - 3.14.79-1
kmod-sched-core - 3.14.79-1
kmod-scsi-core - 3.14.79-1
kmod-showspeed - 3.14.79-1
kmod-slhc - 3.14.79-1
kmod-stp - 3.14.79-1
kmod-tun - 3.14.79-1
kmod-usb-core - 3.14.79-1
kmod-usb-ohci - 3.14.79-1
kmod-usb-storage - 3.14.79-1
kmod-usb-storage-extras - 3.14.79-1
kmod-usb-uhci - 3.14.79-1
kmod-usb2 - 3.14.79-1
kmod-usb3 - 3.14.79-1
libacl - 20140610-1
libaio - 0.3.110-1
libattr - 20140610-1
libblkid - 2.24.1-1
libblobmsg-json - 2016-07-29-290c64ef5b5c3e75be851594f269d6a9568e64e5
libbz2 - 1.0.6-2
libc - 1.0.12-1
libcrc32 - 1
libcurl - 7.53.1-1
libericstools - 1.0.0-1
libevent - 1.4.15-1
libevent2 - 2.0.21-1
libexif - 0.6.21-1
libexslt - 1.1.28-1
libext2fs - 1.43.3-1
libffi - 3.0.13-1
libffmpeg-mini - 0.11.5-5
libflac - 1.2.1-1
libfuse - 2.9.3-2
libgcc - 4.8-linaro-1
libgcrypt - 1.6.1-1
libgd - 2.1.0-1
libgmp - 6.0.0-1
libgnutls - 3.3.16-1
libgpg-error - 1.12-1
libiconv - 7
libiconv-full - 1.11.1-1
libid3tag - 0.15.1b-4
libintl - 2
libintl-full - 0.18.2.1-1
libip4tc - 1.4.21-1
libip6tc - 1.4.21-1
libiptbwctl - 1.0.0-1
libiwinfo - 2016-07-04-96d322d5941c57be58f8e8d5c6e2b28e90ed3598
libiwinfo-lua - 2016-07-04-96d322d5941c57be58f8e8d5c6e2b28e90ed3598
libjpeg - 6b-1
libjson-c - 0.12-1
libjson-script - 2016-07-29-290c64ef5b5c3e75be851594f269d6a9568e64e5
liblua - 5.1.5-1
libminiupnpc - 1.9-1
libmnl - 1.0.3-1
libnatpmp - 20110808-1
libncurses - 5.9-1
libnettle - 2.7.1-1
libnfnetlink - 1.0.1-1
libnl-tiny - 0.1-3
libogg - 1.3.2-2
libopenssl - 1.0.2e-1
libpcre - 8.35-2
libpng - 1.2.51-1
libpopt - 1.16-1
libpthread - 1.0.12-1
libreadline - 6.2-1
libroxml - 2.3.0-2
librt - 1.0.12-1
libsqlite3 - 3080704-1
libsrtp - 1.4.4-1
libstdcpp - 4.8-linaro-1
libubox - 2016-07-29-290c64ef5b5c3e75be851594f269d6a9568e64e5
libubus - 2016-01-26-619f3a160de4f417226b69039538882787b3811c
libubus-lua - 2016-01-26-619f3a160de4f417226b69039538882787b3811c
libubus_dt - 0.1
libuci - 2016-02-02.1-1
libuci-lua - 2016-02-02.1-1
libuuid - 2.24.1-1
libvorbis - 1.3.4-2
libwebsockets-openssl - 2.0.2-1
libxml2 - 2.9.2-2
libxslt - 1.1.28-1
libxtables - 1.4.21-1
lua - 5.1.5-1
maccalc - 1
mfc_d1 - 1
minidlna - 1.1.5-1
miniupnpd-pandorabox - 1.8.20140523-4
mkdosfs - 4.0-1
mtd - 21
nbtscan - 1.5.1
netifd - 2016-11-21-153a12143b9fef4b5d3c3a6597f6fe967a17c9d7
nginx - 1.4.7-1
nginx-naxsi - 1.4.7-1
nginx-syslog - 1.4.7-1
nrpcd - 1
ntfs-3g - 2017.3.23-1-fuseext
ntfs-3g-utils - 2017.3.23-1-fuseext
ntfsprogs - 2.0.0-2
nuci2 - 1.0
nvram - 10
odhcpd - 2016-11-14-6292fcd5c2b73cdc3cbc8942672cf7a4173354b1
openssl-util - 1.0.2e-1
opkg - 9c97d5ecd795709c8584e972bfdf3aee3a5b846d-10
pbfw-fwcheck - 1
pbmsa-utils - 1.0-1
pear_cdn - 1.0.0-1
php-pear - 1.5.4-1
php-pear-db - 1.7.11-1
php-pear-xmlrpc - 1.5.1-1
php5 - 5.4.27-1
ppp - 2.4.7-8
ppp-mod-pppoe - 2.4.7-8
pppoe-discovery - 1.0
pppstats - 2.4.7-8
procd - 2016-12-13-f800ecf860addd4fc7f1acde76a9adbd4b1f50e7
ralink-utils - 1
restrict_app - 1
rpcd - 2015-01-10-f00890cd6eb47ad9bb5da0fb6c50aedc8406e7c5
rpcd-mod-iwinfo - 2015-01-10-f00890cd6eb47ad9bb5da0fb6c50aedc8406e7c5
samba4-server - 4.0.26-1
shellsync - 0.2-1
smartqos - 1
speedtest - 1
sqlite3-cli - 3080704-1
swap-utils - 2.24.1-1
swconfig - 10
tc - 4.0.0-3
terminfo - 5.9-1
transmission-daemon - 2.92-1
ubox - 2016-03-07-fd4bb41ee7ab136d25609c2a917beea5d52b723b
ubus - 2016-01-26-619f3a160de4f417226b69039538882787b3811c
ubusd - 2016-01-26-619f3a160de4f417226b69039538882787b3811c
uci - 2016-02-02.1-1
uclibcxx - 0.2.4-1
uhttpd - 2015-11-08-fe01ef3f52adae9da38ef47926cd50974af5d6b7
uhttpd-mod-ubus - 2015-11-08-fe01ef3f52adae9da38ef47926cd50974af5d6b7
unrar - 5.1.6-1
unzip - 6.0-3
upgrade_forced - 1.0
usbreset - 4
wan-check - 1.0.0-1
wget - 1.17.1-1
wireless-tools - 29-5
xCloud-usb-utils - 0.1
xCloudClient_session - 0.1
xapi - 0.1
xc_cdn - 1.0.0-1
xcloud-wifi-utils - 0.1
xcloud_appd - 1
xcloud_manager - 1.0
xipk - 1.0
zlib - 1.2.8-1
[root@newifi_022F:/root]#

What should I do? could someone help me? thanks in advance

ASFP · April 22, 2021, 8:56am

Please use the </> function for long texts

SSH is installed by default on OpenWRT. You also have dropbear installed, which handles ssh as far as I know.
Your Port-Scan shows that the standard Port 22 is closed so either ssh is disabled or another port is used.

Port 23 which is open should be telnet, but im not sure if OpenWRT has telnet enabled.

So I would suggest to check if ssh is enabled via the LuCI WebInterface and test if ssh is on port 23 (as your friend may changed it from 22 to 23).

mykelm03 · April 22, 2021, 9:00am

hi, router web interface is still on newifi default. i was about to change the firmware of the router to openwrt. this is what i only see when accessing the router via telnet,

BusyBox v1.24.1 (2017-12-14 13:33:05 CST) built-in shell (ash)


  _______________________________________________________________
 |    ____                 _                 ____               |
 |   |  _ \ __ _ _ __   __| | ___  _ __ __ _| __ )  _____  __   |
 |   | |_) / _` | '_ \ / _` |/ _ \| '__/ _` |  _ \ / _ \ \/ /   |
 |   |  __/ (_| | | | | (_| | (_) | | | (_| | |_) | (_) >  <    |
 |   |_|   \__,_|_| |_|\__,_|\___/|_|  \__,_|____/ \___/_/\_\   |
 |                                                              |
 |                  PandoraBox SDK Platform                     |
 |                  The Core of SmartRouter                     |
 |       Copyright 2013-2016 D-Team Technology Co.,Ltd.SZ       |
 |                http://www.pandorabox.org.cn                  |
 |______________________________________________________________|
  Base on OpenWrt BARRIER BREAKER (3.2.1.7400, 2017-11-28-git-3e46f52)
[root@newifi_022F:/root]#

and got no working port 22 to use for WinSCP. is there any workaround for this? im no guru or deep knowledge in CLI. just copy paste of the commands what i could see on the internet.

mykelm03 · April 22, 2021, 9:01am

how would i enable the SSH for this router? please assist.

ASFP · April 22, 2021, 9:02am

So you haven't installed OpenWrt on the router?

mykelm03 · April 22, 2021, 9:03am

no sir, havent installed openwrt. any help would greatly appreciate....

ASFP · April 22, 2021, 9:11am

So if the router has stock firmware this video should describe the necessary steps

EDIT:
I also found this guide on how to jailbreak the router but I can't advise to do so. Mainly because you have to download a "untrusted" file.
https://raspiblog.noblogs.org/post/2020/12/21/flashing-openwrt-to-newifi-3-d2-wifi-router/

mykelm03 · April 22, 2021, 10:16am

appreciate it but on 1:07, router is already jailbreak. there is a procedure before that (jailbreaking) that requires access to the router using WinSCP and uploading the file for jailbreaking which is not shown on the video. on the video only shows how to upload the new firmware which i already knew how.

my only concern is how to enable the SSH on the said router.

lleachii · April 22, 2021, 10:25am

Ask OEM
Ask their community
Is there an OpenWrt page for this device?
- If so...are instructions there?

mykelm03 · April 22, 2021, 10:30am

[root@newifi_022F:/root]#logread|grep -i dropbear
Thu Apr 22 18:17:53 2021 authpriv.info dropbear[8440]: Not backgrounding
[root@newifi_022F:/root]#

[root@newifi_022F:/etc/config]#cat dropbear
config dropbear
option PasswordAuth 'on'
option RootPasswordAuth 'on'
option Port '22'

option BannerFile '/etc/banner'

was any missing on the dropbear config to make the SSH accessible?

lleachii · April 22, 2021, 10:30am

You need to see the very important install istructions here:

https://git.openwrt.org/?p=openwrt/openwrt.git;a=commit;h=c0e131b4363dde16a1071131b7e762e36099f780

Same as Newifi D1, users may need to request unlock code from the device
manufacturer. Otherwise, a SPI flash programmer may be necessary to get
the firmware flashed. After the device is unlocked, press and hold reset
button before power cable plugs in. Then go to http://192.168.1.1 to
upload and flash the firmware package.

ASFP · April 22, 2021, 10:31am

You could use this guide to jailbreak the router and install OpenWRT

But as with all the jailbreak guides, there is a chance to brick the router.

lleachii · April 22, 2021, 10:32am

(Why are no one using the OpenWrt instructions?)

mykelm03 · April 22, 2021, 10:34am

i know this procedure, what is lacking is the part number 2.. i cannot run WinSCP from my windows as getting "Connection to "IP" refused" to upload the said file for jailbreaking. which is i am assuming is that no open port 22 is running on the router or something to do with the dropbrear (just guessing)

ASFP · April 22, 2021, 10:35am

I couldn't find any Instructions from the official OpenWrt

lleachii · April 22, 2021, 10:35am

I must be blocked in this thread...hopefully someone can show the OP the official instructions I linked.

ASFP · April 22, 2021, 10:37am

And after visiting this: http://192.168.99.1/newifi/ifiwen_hss.html page you got "success" as output?

frollic · April 22, 2021, 10:39am

The link in the wiki, to the git commit, doesn't work, which makes the question legit.

IMHO

lleachii · April 22, 2021, 10:42am

1.) Are you saying you cannot browse to the page I linked; or 2.) are you saying the instructions quoted do not work???

That is the Git commit.

If 2, then I would advise:

author
committer
Signed-off-by:

Contacting one of them.

mykelm03 · April 22, 2021, 10:43am

got it working.. after googling around, this page answers the question

https://forum.archive.openwrt.org/viewtopic.php?id=58271

the answer putting the line on the dropbear config,

option Interface 'lan'

Thank your so much for suggestion/recommendation. Appreciate your time on me... (able to access the router now via WinSCP)