mrw1986 wrote:How exactly would I go about that? Again, I'm new to this...
i'm a bit confused. you're talking about luci and then about dropbear, so don't know what exactly you want.
anyway, i suggest a ssh-only setup with ssh-port-forwarding for LUCI access.
this is how it can be done:
1. configure dropbear securely ('PasswordAuth' 'off' + 'RootPasswordAuth' 'off') and upload your ssh key
2. open port device:22 for your remote ip-adress(es) or 0.0.0.0 for the whole evil internet.
2. add some iptables voodoo to mitigate ssh brute force attacks, here the IPv4 version (you need iptables-mod-tarpit and kmod-ipt-tarpit for it)
# ipv4 with TARPIT
iptables -N ssh_flood
iptables -A ssh_flood -s <your remote address/network -j RETURN
iptables -A ssh_flood -p tcp -m recent --name SSH --update --seconds 300 --hitcount 1 -j TARPIT
iptables -A ssh_flood -p tcp -m recent --name SSH --set
iptables -I zone_wan_forward -p tcp -m tcp --dport 22 -m state --state NEW -j ssh_flood
3. done
you can now access your router from remote via ssh and via HTTP(S) by using ssh-port-forwarding.
that's basically my setup and it works.
-p