Bernd
February 18, 2020, 1:07am
1
Hello.
OpenWrt has now the package sshpass for automatic login. I want to use a http-proxy on OpenWrt with the following command:
Example:
sshpass -p 'Password' ssh -N -o UserKnownHostsFile=known_hosts -L 5080:127.0.0.1:3128 USERNAME@SERVER
Usually I set 127.0.0.1:5080 in the browser. After that the connection is established as well.
But what should I set to use the browser on my desktop PC when I start http-proxy on OpenWrt?
Best regards
Bernd
yousong
February 18, 2020, 4:12am
2
You want to run the sshpass command on OpenWrt and let the browser on your desktop to use the local endpoint of the ssh tunnel?
-L 0.0.0.0:5080:127.0.0.1:3128
should do. Or use a specific ip address in place of 0.0.0.0
.
Bernd
February 18, 2020, 2:03pm
3
Yes.
I want to let the browser on my desktop to use these settings:
I have tried:
-L 0.0.0.0:5080:127.0.0.1:3128
and
-L 127.0.0.1:5080:127.0.0.1:3128
both did not work.
ulmwind
February 18, 2020, 2:12pm
4
Run command, replacing 127.0.0.1 by LAN-IP of router, and after that use this IP. Or you can leave command the same, and add redirect rule to firewall, see examples in /etc/config/firewall
1 Like
yousong
February 18, 2020, 2:29pm
5
Replace "HTTP Proxy" field "127.0.0.1" with IP address of your OpenWrt box, e.g. 192.168.1.1.
1 Like
Bernd
February 18, 2020, 2:33pm
6
Thanks for the solution @ulmwind and @yousong .
Should I put the command in "/etc/rc.local" if the http-proxy on OpenWrt should start from startup?
ulmwind
February 18, 2020, 2:49pm
7
Yes, it is the simplest approach. You can also write your custom script: https://openwrt.org/docs/techref/initscripts
Bernd
February 18, 2020, 4:11pm
8
The command:
sshpass -p 'Password' ssh -N -o UserKnownHostsFile=known_hosts -L 192.168.1.1:5080:127.0.0.1:3128 USERNAME@SERVER
does not work in /etc/rc.local.
When I activate the custom script:
/etc/init.d/ssh-pp enable
ssh-pp:
#!/bin/sh /etc/rc.common
START=30
start() {
sshpass -p 'Password' ssh -N -o UserKnownHostsFile=known_hosts -L 192.168.1.1:5080:127.0.0.1:3128 USERNAME@SERVER
}
and when I restart ssh-pp in LuCI, I get the message:
Failed to execute "/etc/init.d/ssh-pp start" action: Command failed
ulmwind
February 18, 2020, 4:29pm
9
Try to specify full path to sshpass, and known_hosts.
1 Like
Bernd
February 18, 2020, 5:06pm
10
That was right again @ulmwind . I have now:
/usr/bin/sshpass -p 'Password' ssh -N -o UserKnownHostsFile=/root/known_hosts -L 192.168.1.1:5080:127.0.0.1:3128 USERNAME@SERVER
But now I cannot connect to LuCI with a second browser via 192.168.1.1.
Should I activate something in the OpenWRT Firewall?
ulmwind
February 18, 2020, 5:25pm
11
Sorry, what does it mean 'second' browser?
Bernd
February 18, 2020, 5:30pm
12
I am connected with Firefox (192.168.1.1:5080) to VPN Provider
I cannot connect to LuCI (192.168.1.1) with Chrome.
ulmwind
February 18, 2020, 5:38pm
13
OK, it is interesting. Try to type:
http://192.168.1.1:80
ulmwind
February 18, 2020, 5:53pm
15
And after stopping ssh connection works fine?
Bernd
February 18, 2020, 6:05pm
16
I connect to OpenWrt via PuTTY.
The following commands, for example, have no effect:
/etc/init.d/ssh-pp stop
/etc/init.d/ssh-pp disable
reboot
When I remove ssh-pp via SCP and reboot OpenWrt, then I have access again via chrome
ulmwind
February 18, 2020, 6:10pm
17
OK, stopping we'll discuss later. You should kill process, or write kill command to stop section of file.
It is interesting, could you perform one experiment:
change port in /etc/config/uhttpd on something exotics, like 3000, reboot router, and try to connect to http://192.168.1.1:3000
Bernd
February 18, 2020, 6:15pm
18
I think it was a problem of start priority.
After I changed from START=30 to START=99 it worked.
#!/bin/sh /etc/rc.common
START=99
I'm trying your idea too.
yousong
February 19, 2020, 2:44am
19
I think pservice is worth a try here. It can be convenient for running single command or scripts under procd, without writing init scripts.
It comes with a sample uci config pservice.config
Bernd
February 19, 2020, 10:36pm
20
After changing to START=99, every start priority number works now. I can now connect to LuCI, but I can't reboot the router in LuCI, for example.
How can I write this kill command?
ulmwind:
It is interesting, could you perform one experiment:
change port in /etc/config/uhttpd on something exotics, like 3000, reboot router, and try to connect to http://192.168.1.1:3000
After changing to START=99, I can't go back to START=30, because now every start priority number works. I can no longer reproduce the issue.
I do not know how to install the package on OpenWrt.
Where should I enter the ssh command in the sample?