
View the full version : How to setup and get Dropbear ssh working?



kopi_bean
16-03-2007, 01:44
Hi

I have installed dropbear using "ipkg install dropbear" and configured rc.local to start up dropbear with the "-s" option.

However, when I tried to ssh to it using putty, the system just prompted for my user id, and after that the putty window just closed automatically.

Is there any way I could set up dropbear properly to enable ssh?

kfurge
16-03-2007, 02:12
One thing that trips people up is not having their user shell listed in /etc/shells. I can't remember if this dropbear looks at /opt/etc/shells or /etc/shells. Adding this to rc.local will make it not matter:

ln -s /opt/etc/shells /tmp/shells

My /opt/etc/shells file has one line in it:

/opt/bin/bash

- K.C.

kopi_bean
16-03-2007, 15:24
Hi

Thanks for the advice, but my current configuration already includes the "ln -s /opt/etc/shells /tmp/shells" in rc.local. Also my etc/shells contains the single line of /opt/bin/bash as well.

Is there any other configuration that I should look at? Thanks.

kfurge
17-03-2007, 00:55
Any clues sitting in your log files? Can you post the output of 'logread' after a failed login attempt?

- K.C.

kopi_bean
17-03-2007, 15:37
Hi

I have executed the logread command after a failed dropbear login. Here's the output:


Mar 17 23:36:05 dropbear[4628]: exit before auth: Disconnect received


Any clue on what has gone wrong?

kfurge
18-03-2007, 02:38
I'm running out of ideas. Any chance your user home directory does not exist or is not owned by the user with perms of 755?

- K.C.

gratitude182
18-03-2007, 09:50
I modified the port (to another port) and then dropbear wouldn't work.

Then I used the command chmod 755 /opt/home/yourusername and it worked.

This was the solution for me.

grat182

Fullback
12-04-2007, 04:57
Hello, I have installed the firmware successfully and got the enhanced-ctorrent/screen program to work perfectly, although I have little knowledge of what dropbear is and how to use it. I have installed dropbear, although when I type "opt/bin/dropbear" in putty I get the following output:
#
# opt/bin/Dropbear
opt/bin/Dropbear: not found
Can someone please give a good guide on what dropbear is and how to install and configure it correctly? My objective is that I would like to share my files over the internet and connect to my router via telnet from the internet, so I can download torrents when I am not at home. Thank you for all your help, and I must say, a great guide on how to set up enhanced-ctorrent, it works great for me! :) :D

al37919
12-04-2007, 06:37
In my case it is sitting in /usr/sbin/dropbear.
If yours is in /opt/bin, run it as /opt/bin/dropbear (start with / and don't use capital letters).

Fullback
12-04-2007, 11:46
Hey, thanks for the help! Although unfortunately I am still stuck at the same error as before:
# opt/bin/dropbear
opt/bin/dropbear: not found
#
# usr/sbin/dropbear
usr/sbin/dropbear: not found
#
# /opt/bin/dropbear
/opt/bin/dropbear: not found
#
It is still telling me that dropbear cannot be found, and I did install it:
opt/bin/ipkg install dropbear
Package dropbear (0.48.1-1) installed in root is up to date.
Nothing to be done
Successfully terminated.
So I know it is installed, but I have no idea what to do now... lol

al37919
12-04-2007, 12:24
ipkg install findutils
find / -name dropbear
:)

Fullback
12-04-2007, 19:31
Hey, thanks for the help again!! Unfortunately now I get another error installing "findutils":
# opt/bin/ipkg install findutils
Installing findutils (4.2.30-1) to root...
Nothing to be done
An error ocurred, return value: 1.
Collected errors:
ERROR: The following packages conflict with findutils:
busybox-links
#
THANKS FOR YOUR HELP AGAIN! :)

kfurge
13-04-2007, 02:14
No offence Fullback, but did you even try to figure this out on your own before giving up?

All I needed to do was type 'ipkg' and experiment with the different option combinations for about 2 minutes to get findutils to install:

ipkg -force-depends -force-overwrite install findutils

- K.C.

Fullback
13-04-2007, 07:13
Hey, thanks. Sorry, I am not too good with the Linux command line yet, I do apologize. Can you please show me how dropbear works or point me to a link with step-by-step instructions?
# opt/bin/find -name dropbear
./opt/etc/dropbear
./opt/sbin/dropbear
./proc/7/fd: No such file or directory
./shares/MYVOLUME1/opt/etc/dropbear
./shares/MYVOLUME1/opt/sbin/dropbear
Thanks for the help, kfurge.
P.S. I got dropbear to work: it starts up and asks me "login as" and I input "root", and then it says "root@192.168.1.1's password:" and I typed in root as well; it did not work. How can I configure dropbear to work with my WAN IP address or set up DNS on it? Thanks again guys, sorry for being rude.

al37919
13-04-2007, 07:23
Using find you identified the location of dropbear on your system. Now you can run it as /opt/sbin/dropbear. After that you can connect to the box from outside with an ssh client.

Fullback
13-04-2007, 09:15
Hey, I can connect to the box using my DNS address, although I get:
login as: root
root@bhavdp.ath.cp password:
Access denied
root@bhavdp.ath.cp password:
How do I set up a username and password for ssh? Thanks for the help.

gratitude182
13-04-2007, 18:29
You have to use the user (you have made) in the user management (WEBUI).

grat182

Fullback
14-04-2007, 02:59
Hey, thanks for the help, although I tried that and set up a password in the config and made and tested a couple of users, but I get the same error:
login as: Bhavdip
Bhavdip@192.168.1.1's password:
Access denied
Bhavdip@192.168.1.1's password:
I have made sure that it is the correct password, although I get this error. Thanks for any help!! :)

kfurge
14-04-2007, 03:02
Your answer is probably sitting in the system log. You can read the log from the web interface or the logread command.

- K.C.

al37919
14-04-2007, 06:10
The answer depends on what you are doing. Above you were asking how to set up dropbear, which is an ssh server. Your log shows that someone attempts to log in to your box by ftp.

The most likely reason is that you have to use admin or root as user (I just checked, I also can't log in to dropbear as a regular user, while telnet lets me do that). Probably it is necessary to record your user somewhere as allowed to log in by ssh. Learning the answer to this question would be interesting for me too.

Fullback
15-04-2007, 05:15
Hey, thanks for the help, although my log file just says:
Apr 14 21:12:07 dropbear[2542]: exit before auth (user 'root', 2 fails): Exited normally
Apr 14 21:12:37 dropbear[2543]: user 'Bhavdip' has invalid shell, rejected
Apr 14 21:12:40 dropbear[2543]: user 'Bhavdip' has invalid shell, rejected
Apr 14 21:12:42 dropbear[2543]: user 'Bhavdip' has invalid shell, rejected
Apr 14 21:12:44 dropbear[2543]: exit before auth (user 'Bhavdip', 6 fails): Exited normally

which is telling me that my login failed, but I am assured I entered the right password. What else could I do to find my problem? Thank you again.

al37919
15-04-2007, 06:37
The solution is really in your log. Which shell is assigned to your user in /etc/passwd?

Valid shells should be enumerated in the file /etc/shells. Mine now has:

/opt/bin/bash
/opt/bin/tcsh
which corresponds to the real list of shells I installed.

Don't forget to add /etc/shells to /usr/local/.files to maintain your changes after reboot

Now I should say thank you for finding that, because after I did that I can log in as a different user with a non-/bin/sh shell :) So, you can disregard my previous post :)

Fullback
15-04-2007, 08:14
Hey, thank you for your help, although I don't understand too much. lol, I am a newbie at all this. Can you explain how I do this? Because I typed in the code you gave me and I got:
bash-3.2# opt/bin/tcsh
bash: opt/bin/tcsh: No such file or directory
I know I am doing this wrong... although I don't know how to do it correctly. Also, my other question: you asked me to "add /etc/shells to /usr/local/.files". I really don't know how to do this. I don't know how to open files in telnet, or how to use "VI". Thanks for your help if you can show me these few things! Thanks again. P.S. You also said "Which shell is assigned to your user in /etc/passwd ?" How can I view that? Thank you.

al37919
15-04-2007, 08:28
Type
cat /etc/passwd

The last parameter in every line is your user's login shell.

Which firmware do you use --- oleg or asus-original?

Fullback
18-04-2007, 07:18
Hey, I use the custom firmware posted by Kfurge. Thank you for the reply.
P.S. I typed in the code you gave me and I got:
cat /etc/passwd
root::0:42000:root:/:/bin/sh
Bhavdip:BhjjX/Gf9y2Wg:35000:42000:Bhavdip:/dev/null:/bin/false

al37919
18-04-2007, 11:40
/bin/false is not a shell. When your user logs in, the system attempts to start /bin/false as a shell. The result is failure.

/dev/null is also not the best choice for the home directory.

Where did you get this user from? It's either too clever, or too stupid for me :)

So either log in as root, or change /bin/false to /bin/sh (you can just edit /etc/passwd), or better, create a new user using the adduser utility (if necessary, first install it).
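
The checks discussed in this thread (the login shell must be listed in the shells file, and the home directory should be a real directory), as an added example that is not part of any post: a POSIX sh function that runs them against copies of passwd and shells. The sample entries, the users alice and carol, and the verdict words are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): replay the account checks on copies of
# passwd and shells, so a bad entry shows up before the box is rebooted.

# audit_user USER PASSWD_FILE SHELLS_FILE -> prints one verdict word
audit_user() {
    entry=$(awk -F: -v u="$1" '$1 == u { print; exit }' "$2")
    [ -n "$entry" ] || { echo no-such-user; return; }
    home=$(printf '%s\n' "$entry" | cut -d: -f6)
    shell=$(printf '%s\n' "$entry" | cut -d: -f7)
    # An empty shell field means /bin/sh (passwd convention).
    [ -n "$shell" ] || shell=/bin/sh
    # The shell must appear as an exact line in the shells file.
    grep -qxF -- "$shell" "$3" || { echo invalid-shell; return; }
    # The home directory must exist and be a directory.
    [ -d "$home" ] || { echo bad-home; return; }
    echo ok
}

# Constructed sample files modelled on the entries quoted in the thread
# (password fields replaced by the placeholder "x").
make_sample() {
    mkdir -p "$1/home/alice"
    printf '%s\n' \
        "root::0:0:root:$1:/bin/sh" \
        "Bhavdip:x:35000:42000:Bhavdip:/dev/null:/bin/false" \
        "alice:x:1000:1000:alice:$1/home/alice:/opt/bin/bash" \
        "carol:x:1001:1000:carol:$1/home/carol:/opt/bin/bash" > "$1/passwd"
    printf '%s\n' /bin/sh /opt/bin/bash > "$1/shells"
}

dir=$(mktemp -d) && make_sample "$dir"
for u in root Bhavdip alice carol nobody; do
    printf '%-8s %s\n' "$u" "$(audit_user "$u" "$dir/passwd" "$dir/shells")"
done
rm -rf "$dir"
```

On a real box, pass the live /etc/passwd and whichever shells file the dropbear build reads, and run it again after anything that regenerates those files.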

Hacksaw
19-04-2007, 17:02
Don't forget to add /etc/shells to /usr/local/.files to maintain your changes after reboot

I wish I would have read that line before I rebooted. Everything was working fine before the restart, but now I am locked out as my shell is invalid. I also made the mistake of disabling telnet before the reboot.

Any suggestions how I can log back into the device? I re-flashed this morning but it remembered all my settings :-/

Thank you for the help,
Hacksaw.

al37919
19-04-2007, 17:33
Everything was working fine before the restart, but now I am locked out as my shell is invalid. I also made the mistake of disabling telnet before the reboot.

Do you have access to the router through the web-interface?
Which firmware do you use?

Hacksaw
19-04-2007, 17:51
Do you have access to the router through the web-interface?
Which firmware do you use?

I have access to the router through the web interface and through FTP (guest).

I am running WL700gE_1.0.4.6_kc_02a.nas.

The router is functioning perfectly. I have just lost shell access :-)

Hacksaw.

Hacksaw
19-04-2007, 17:54
I should point out that I have also tried to reset to factory defaults. This didn't help either. I have tried to load the rc.local file back into MYSHARE1/web but this does not seem to get read either...

Hacksaw.

al37919
19-04-2007, 18:23
I have access to the router through the web interface

This is good. There are several general approaches to attempt.

1) you might try to enable telnet access back through web-interface. As to my experience, even when I had invalid shell, and ssh login was failing, I still was able to login through telnet. Possibly if it detects wrong shell it substitutes it for the default.

2) try if the following page is available: http://192.168.1.1/Main_AdmStatus_Content.asp

if yes, it will let you enter commands and see result.

3) you might try to copy full flashfs content as single tar.gz file from System Setup -> Flashfs Management then edit it and return back

P.S. I have to admit that I'm more familiar with fw from Oleg for 500-series of asuses. The above suggestions are general and non-destructive. /etc/shells has to contain list of shells (that's correct, because this comes from unix world). However, /usr/local/.files might happen to be Oleg-specific. Check it.

Hacksaw
19-04-2007, 19:59
This is good. There are several general approaches to attempt.

1) you might try to enable telnet access back through web-interface. As to my experience, even when I had invalid shell, and ssh login was failing, I still was able to login through telnet. Possibly if it detects wrong shell it substitutes it for the default.

Well, I tried the telnet hack described in http://wl500g.info/archive/index.php/t-7313.html but I actually get the contents of the file displayed. Do I need to do anything to get cgi support going?

Hacksaw.

al37919
19-04-2007, 20:38
Unfortunately your firmware seems to be different from mine.

Again, just a couple of general guesses.

Maybe the cgi file permissions should be made executable.

An executable file is sensitive to the type of end-of-line character. In Windows it is CR+LF, in Unix it should be LF only. If the first line (#!/bin/sh) has the wrong end-of-line character(s), it is enough to make it non-executable.

I suggest trying the following: if there is another cgi file there, take it, edit it (with minimum changes, and without touching the header), and write it back (maybe with a different name, maybe with the same). If you do this in Unix, I think 95% it will work; in Windows the file permissions might be lost, but the EOL should be preserved.

P.S. There is another discussion (not very prolific though here) http://wl500g.info/archive/index.php/t-6521.html (see post #3 from top)
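
The two conditions named in this post (execute permission, and an LF-terminated #!/bin/sh first line), as an added example that is not part of any post: a POSIX sh check for a script before it is uploaded, plus a conversion to LF. The file names and verdict words are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): pre-flight check for a shell CGI script.

# check_script FILE -> prints one verdict word
check_script() {
    # Read the owner execute bit from the mode string rather than [ -x ],
    # so the verdict does not depend on who runs the check.
    case $(ls -ld "$1") in
        ???[xs]*) ;;
        *) echo not-executable; return ;;
    esac
    first=$(head -n 1 "$1")
    cr=$(printf '\r')
    case $first in
        '#!'*"$cr") echo crlf-shebang ;;   # interpreter name ends in CR
        '#!'*) echo ok ;;
        *) echo no-shebang ;;
    esac
}

# to_lf SRC DST: write an LF-only, executable copy of SRC to DST.
to_lf() {
    tr -d '\r' < "$1" > "$2" && chmod 755 "$2"
}

# Constructed samples: one good, one saved with CR+LF, one without +x.
make_samples() {
    printf '#!/bin/sh\necho ok\n' > "$1/good.cgi"
    printf '#!/bin/sh\r\necho ok\r\n' > "$1/crlf.cgi"
    printf '#!/bin/sh\necho ok\n' > "$1/noexec.cgi"
    chmod 755 "$1/good.cgi" "$1/crlf.cgi"
    chmod 644 "$1/noexec.cgi"
}

dir=$(mktemp -d) && make_samples "$dir"
for f in good crlf noexec; do
    printf '%-10s %s\n' "$f.cgi" "$(check_script "$dir/$f.cgi")"
done
to_lf "$dir/crlf.cgi" "$dir/fixed.cgi"
printf '%-10s %s\n' fixed.cgi "$(check_script "$dir/fixed.cgi")"
rm -rf "$dir"
```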

Hacksaw
19-04-2007, 20:51
Maybe the cgi file permissions should be made executable.
I figured that out and changed the permissions to make it executable. Unfortunately, the web server is now returning a totally unusable error message.


An executable file is sensitive to the type of end-of-line character. In Windows it is CR+LF, in Unix it should be LF only. If the first line (#!/bin/sh) has the wrong end-of-line character(s), it is enough to make it non-executable.
I used VIM to create the file, but I will check again to make sure.


I suggest trying the following: if there is another cgi file there, take it, edit it (with minimum changes, and without touching the header), and write it back (maybe with a different name, maybe with the same). If you do this in Unix, I think 95% it will work; in Windows the file permissions might be lost, but the EOL should be preserved.
I tried renaming an existing one to telnet.cgi to see if it would work but I get an error. I will try a few other things.

If I flash the original ASUS firmware will it clear the changes I made? If so I can then try to upgrade again...

Thank you for the help!
Hacksaw.

Hacksaw
19-04-2007, 23:25
I managed to get telnet running again by editing an existing cgi to invoke it.

Thanks for the help!

Hacksaw.