Ssh root@ Permission denied (publickey)

Hi, i have bought a WRT54GL of ebay with openwrt installed on it. i believe to set it up with my ISP i will need to us PPPoA which i think needs to be set up via ssh? trying to connect via ssh to test it before i buy a modem to connect through ( i was going to get a draytek vigor120, would this work?) i get the following error:

freddie@frdd ~ $ ssh -c aes128-cbc root@
The authenticity of host ' (' can't be established.
RSA key fingerprint is SHA256:3+tBdTZorycn9nBiAVhC3ZtzkiKA7IB4yzPQJcPn4uI.
This key is not known by any other names
Are you sure you want to continue connecting (yes/no/[fingerprint])? yes
Warning: Permanently added '' (RSA) to the list of known hosts.
root@ Permission denied (publickey).

I have tried a few things like changing .ssh chmod to 700 but i'm not exaxtly sure what the problem is.

I think ssh on the box is configured to accept only a certificate login for root, which fail because you don't have the public key. So try a failsafe to reset the router.


Hi, thanks for the reply.
I think i sucsessfully put it into failsafe mode as unlike before when i try to ssh or telnet to the ip address now (via ethernet or wireless) the connection hangs trying to connect. am i doing something wrong?

When in failsafe mode, your computer will not be issued an IP address via DHCP. You need to set your IP address manually.

The error you described in the OP seems like a host OS error. Failsafe may not actually solve that issue, but worth trying failsafe first.

Just reset it to defaults, which will issue a DHCP IP and accept telnet or web login. Allow to boot up fully normally, then press and hold the reset button 5 or 10 seconds until the lights blink out.

Note that the WRT54GL hardware is low performance (180 MHz CPU) and can only run very old versions of OpenWrt.

as in just hold the reset button down on the router then try to telnet?

Plug in, wait a minute until fully booted, press and hold reset button for 10 seconds then release, lights should blink out and unit will reboot, wait until fully booted again, then log in.

Hi, i've just tried this with the reset button on the back however nothing seems to happen after i release the button. When i try to connect via telnet i get this message:

telnet> open
Connected to
Escape character is '^]'.
Login failed.
Connection closed by foreign host.

Do i need to set my IP to anything in particular? sorry i've not much experience with networks. My laptop is on linux, so i am assuming i would need to change it in /etc/conf.d/net ?

Do your laptop actually get a ip lease from the dhcp server?

Can you surf on the internet with the router?

The question is also if it is installed a custom image with preloaded packages and configs to save space, then a reset will only reset it to the custom image setup and not OpenWRT custom setup.

That is not going to work, PPP over ATM (or short PPPoA) requires that the node terminating the PPP-tunnel has an ATM interface, which the WRT54GL does not. If however your ISP requires PPP over Ethernet (PPPoE) then the WRT54GL should do (if connected ot an appropriate modem), but please note these devices are really old and are not recommended anymore die to too little RAM and flash.

Thanks. this makes a loot of sense. my ISP does require pppoA. I have a TP-link router that i am using at the moment, but the admin password doesn't work so perhaps i will set up a different router with openWRT when i can afford a new one

Ah, okay, that means any OpenWrt router will have to have an built-in ADSL-modem (well, I heard of modem's that can translate pptp to pppoa, but never seen such a biest in real life). There are a few models out there that might work, depending on where in the world you are located, like the BT HomeHub5A which might or might not work.

Yes, that is a good idea the WRT54GL were nice in their day, but truly are not that useful for a modern OpenWrt install (and due to security fixes you should aim fr a modern OpenWrt).

I live in the uk. how would i be able to work out if a modem is pppoa capable does it just need to have built in adsl? I have had a look and seen the BTHOMEHUB for sale, i have also seen the GL.iNet GL-AR150 which seems to be quite good aswell considering it is manifactured with the intent of having open source firmware.
edit: also i belive in the uk the internet comes through the phoneline, through an adsl converter then through an rj11 cable into the router's WAN port. is there a way to make sure that a router's WAN port is rj11 i can't see it listed for most models and the ports look very similar? and if not are rj-11 to rj-45 cables a real thing or just a scam?
edit: dsl is differnt to WAN, so i belive i would need a modem like the vigor 120 i mentioned above? i

Doesn’t the adsl modem have a RJ-45 output connector?
I guess the RJ-11 is for a telephone i serie with the adsl modem.

I don’t see any point of having RJ-11 to RJ-45 converter because telephone cables are straight and data is twisted pairs.

looking at my technicolour router and my (non functioning) openreach modem i think that all rj-11 ports are dsl. but wan ports are for people who connect to the internet not through there phoneline. i was just asking about the converter because i had seen one for sale and didn't think it would work

But doesn’t you have RJ-11 in the wall (or a socket adapter with rj11 on the adapter. Then rj11 cable to the modem rj11 connector. And then if you want a rj11 cable from adsl moden/router to a telephone. And a rj45 data/internet output on the adsl modem/router.

I think the “wan” rj45 connector is your internet connection to the world through the phone line!

Ah, in that case, I believe, you can simply switch to using PPPoE, at least the Openreach infrastructure, is supposed ot automatically switch between both dependeing on what your modem/router uses....

As far as I can tell, yes, at least for modems officially sold in the UK.

So traditional DSL internet re-uses the wiring initially deployed to allow telephony, these wires should terminate somewhere in your flat in a "wall plate" that offers some different connector (not being from the UK I am mostly regurgitating stuff I read on the net in the past). You typically connect your modem to a socket on the wall plate. Some modems have a RJ11 socket, other modems have RJ45 sockets, but all normal modems will only use 2 wires independent of the actual connector. But whether it is RJ11 or RJ45 you need to make sure that the socket is intended to be used for telephon wires and DSL, you can connect the wall plate to an RJ45 network socket on a router, but that will never work out to give you internet access :wink:

Yes, you need either a router with a build in modem (like the BT HomeHub5A, which can be gotten on ebat with OpenWrt already installed for a few pound) or a dedicated modem that supports ADSL (as far as I can tell most modems still support ADSL, so that should be easy).

Well, depending on the socket in the wall plate and the socket in the DSL modem such a converter can be useful... e.g. I attached a RJ45 style socket (from an old ISDN installation) as my "wall plate" and when I tested my HH5A I had to convert to RJ11. I did that, and I am not proud of that, by using the short RJ11 2 RJ11 cable that came with the HH5A and a simple RJ45 2 RJ45 coupling and just crammed the RJ11 plug centrally into one of the sides. This works because both plugs use the central two wires. I do want to note that the RJ11 plug permanently bent some of the contact springs in the coupling, so this can not really be used for RJ45 to RH45 connections anymore (but these are cheaper than a tool to crimp my own RJ11/RJ45 connectors).

More or less yes, have a look at the schematic of the back of an HH5A see on the left the gray RJ11 socket labeled "broadband DSL" and on the right rhe red RJ45 socket labeled "Broadband WAN". The SSL-socket speaks DSL, while the WAN-socket speaks ethernet. You would need the WAN socket, e.g. if you want to use an exoernal modem or if you a had fiber to the premise style link with a fiber ONT (which typically has a RJ45 ethernet socket on the consumer side).

A converter works as passive device to help if two sockets do not match, but it does not help to bridge a technology gap like going from DSL to ethernet.

ok, i will proably end up getting a BTHH5A then as it seems that the GL.iNet GL-AR150 would require me to get a modem like the vigor 120 aswell - even though in someways i would prefer a seperate modem and seperate router.