@ kfurge
many thanks for your excellent work and investigations !
as many others i finally worked it out to get a much better WL700g router than ASUS sold me !
there are a few issues, where i got into trouble and after reading completely this monster-thread, i found all relevant informations how to solve these issues. it seems that most people get into the same troubles if any.
1. forget to chmod the rc.local
2. problems when editing /opt/etc/sudoers
3. continous reboot of the router after editing /etc/passwd while there exists another /shares/MYVOLUME1/__pdc/passwd file with different content.
this led me to the idea, to update your instructions, and commentary at:
http://home.comcast.net/~kfurge/wl700ge.html
in order to prevent others to get in troubles.
there are only a few steps to watch, my proposal for the updated instructions in Step #5:
Code:
Step #5, Making a better system
1. Install the bash package for a better shell
2. Install the sudo package so you don't have to login as root to perform administrative functions (you can't login as root via ssh anyway)
3. Add a non-root <username> account via the web interface
4. Give yourself <username> supreme permissions in /opt/etc/sudoers, e.g.
# User privilege specification
root ALL=(ALL) ALL
<username> ALL=(ALL) ALL
5. Add /opt/bin/bash to /etc/shells (echo "/opt/bin/bash" >> /etc/shells)
6. Give yourself <username> a home directory (mkdir -p /opt/home/<username>; chown <username> /opt/home/<username>)
7. Modify /etc/passwd to make /opt/bin/bash your login shell and /opt/home/<username> your home directory (vi /etc/passwd). See here for a non-functional sample.
8. Optionally symlink yourself <username> directory into /shares/MYVOLUME1/MYSHARE1 if you want it accessable via cifs (Samba). This trick won't work for ftp, nfs or the web interface. You'll have to make your home directory in /shares/MYVOLUME1/MYSHARE1 if you want full access from all methods. (cd /shares/MYVOLUME1/MYSHARE1; ln -s /opt/home/<username>)
9. Within your .profile, add /opt/bin and /opt/lib to your PATH and LD_LIBRARY_PATH environment variables
10. Install dropbear and start it manually at first (/opt/etc/init.d/S51dropbear), then via rc.local, see the last rc.local file below.
11. Test your configuration if everything works fine and that you can login using ssh too.
12. WARNING: Before you test a reboot of your router, change the share management to use PBSA (Password Based Share Access) , then check if there exists the file /shares/MYVOLUME1/__pdc/passwd and remove it (rm /shares/MYVOLUME1/__pdc/passwd), then switch back to UBSA (User Based Share Access) and reboot your router. If everything works well you should be able to login by telnet and ssh.
13. Disable telnet from rc.local to completely eliminate any chance of root logins,
WARNING: test ssh login before commenting out utelnetd, otherwise you can lock out yourself of your router!
14. Install ncurses, ncursesw, and termcap packages for better terminal support. You may need to use the -force-overwrite option when installing ncurses.
15. Install man and man-pages packages, install hdparm package too, if you plan to use the APM features of your HDD
thanks again,
best regards,
--
tiwag