Unable to login via ssh

I upgraded my TP-Link TL-WDR4300 v1 to OpenWrt 21.02.1 r16325-88151b8303 and it works fine so far, but I'm unable to login via ssh.

The router just closes the connection with no error in syslog:

Wed Feb 23 18:15:10 2022 authpriv.info dropbear[2750]: Child connection from 192.168.10.100:56900
Wed Feb 23 18:15:11 2022 authpriv.notice dropbear[2750]: Pubkey auth succeeded for 'root' with key sha1!! <redacted>
Wed Feb 23 18:15:11 2022 authpriv.info dropbear[2750]: Exit (root) from <192.168.10.100:56900>: Disconnect received

On the client side I also see no error:

debug2: channel 0: request shell confirm 1
debug3: send packet: type 98
debug2: channel_input_open_confirmation: channel 0: callback done
debug2: channel 0: open confirm rwindow 24576 rmax 32759
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: PTY allocation request accepted on channel 0
debug3: receive packet: type 99
debug2: channel_input_status_confirm: type 99 id 0
debug2: shell request accepted on channel 0
debug3: receive packet: type 96
debug2: channel 0: rcvd eof
debug2: channel 0: output open -> drain
debug2: channel 0: obuf empty
debug2: chan_shutdown_write: channel 0: (i0 o1 sock -1 wfd 5 efd 6 [write])
debug2: channel 0: output drain -> closed
debug3: receive packet: type 98
debug1: client_input_channel_req: channel 0 rtype exit-status reply 0
debug3: receive packet: type 97
debug2: channel 0: rcvd close
debug2: chan_shutdown_read: channel 0: (i0 o3 sock -1 wfd 4 efd 6 [write])
debug2: channel 0: input open -> closed
debug3: channel 0: will not send data after close
debug2: channel 0: almost dead
debug2: channel 0: gc: notify user
debug2: channel 0: gc: user detached
debug2: channel 0: send close
debug3: send packet: type 97
debug2: channel 0: is dead
debug2: channel 0: garbage collecting
debug1: channel 0: free: client-session, nchannels 1
debug3: channel 0: status: The following connections are open:
  #0 client-session (t4 r0 i3/0 o3/0 e[write]/0 fd -1/-1/6 sock -1 cc -1)

debug3: send packet: type 1
Connection to wlan closed.
Transferred: sent 3528, received 1348 bytes, in 0.0 seconds

I'm at loss how to fix this, My TP-Link RE650 works fine with the same configuration.
Any ideas?

Cheers, Walter

What client are you running?

Not the same keys, etc.?

Client is Linux with OpenSSH_8.6p1, key is the same for both devices.
The key gets accepted, but the session gets closed by the router immediately.

LuCI > System > Administration > SSH Access

"Allow root logins with password" should be checked.

It is. As you can see from the log, the login gets excepted.

Actually what it's telling you is that the key is identified as SHA1.

It should be using SHA2.

Actually, no. That is the pubkey checksum, not the actual key (which is RSA).

1 Like

There are two rather common possibilities:

  • you installed a non-default shell (e.g. bash) in the past and made it root's default shell, after the upgrade bash is no longer there and logging in fails (no shell to spawn; /bin/bash gone, but /etc/passwd retained).
  • if you upgraded with retaining settings from a very old release, the old ssh hostkeys might not be accepted by modern ssh clients (without manual overrides) anymore (as deemed no longer secure enough).

Resetting to factory defaults would sort out either of these cases.

3 Likes

Solved! There is bash as a shell for root in passwd, but with the current version there is not enough space left for installing bash.

Thanks a bunch!

Cheers, Walter

1 Like

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.