OpenWrt Forum Archive

Topic: Cannot ssh after reboot

The content of this topic has been archived on 4 May 2018. There are no obvious gaps in this topic, but there may still be some posts missing at the end.

Post #1
aff
3 Aug 2009, 14:21

I've installed KAMIKAZE (8.09, r14511) on a Linksys WRT54GL. I can enter failsafe mode and set root's password, but after reboot I cannot log into it again using ssh.  I expect the below to work, but it doesn't. Do I need to umount the file system or 'commit' in order for the changes to be permanently written (so that it survives reboot)?  (code below edited for brevity)

$ telnet 192.168.1.1
BusyBox v1.11.2 (2009-01-06 07:18:07 CET) built-in shell (ash)
root@(none):/# mount_root
Unlocking rootfs_data ...
switching to jffs2
root@(none):/# passwd
Changing password for root
New password:
Bad password: too weak
Retype password:
Password for root changed by root
root@(none):/# reboot -f

Now switch the network cable from WAN port to one of the LAN ports.

$ ssh root@192.168.1.1
ssh: connect to host 192.168.1.1 port 22: No route to host

Shouldn't this work?

(Last edited by aff on 3 Aug 2009, 14:22)

Post #2
ciscostu
3 Aug 2009, 17:23

No route to host

This means ARP is failing, and shouldn't be related to dropbear (the SSH daemon) or your password.

Have you changed your LAN IP, or configured the LAN interface as a DHCP client?  Failsafe will use 192.168.1.1 regardless of the configuration.

Hope this helps,
Charlie

Post #3
aff
3 Aug 2009, 17:33

Thanks for your reply.

I have assigned 192.168.1.1 to the router and static 192.168.1.2 to the pc, with 192.168.1.1 as gateway.

What else can I do to troubleshoot?

Post #4
ciscostu
3 Aug 2009, 19:43

Clear the ARP cache on your PC (arp -d 192.168.1.1). 

Then try pinging 192.168.1.1.  Do you get an ARP reply (arp -a)?

Thanks!
Charlie

Post #5
aff
4 Aug 2009, 07:13

I get arp "incomplete" after router reboot with cable plugged into LAN port on router:

$ arp 
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.1                      (incomplete)                              eth0
$ sudo arp -d 192.168.1.1
$ ping 192.168.1.1
PING 192.168.1.1 (192.168.1.1) 56(84) bytes of data.
From 192.168.1.2 icmp_seq=2 Destination Host Unreachable
From 192.168.1.2 icmp_seq=3 Destination Host Unreachable
From 192.168.1.2 icmp_seq=4 Destination Host Unreachable
^C
--- 192.168.1.1 ping statistics ---
6 packets transmitted, 0 received, +3 errors, 100% packet loss, time 5000ms
, pipe 3
$ 
$ arp
Address                  HWtype  HWaddress           Flags Mask            Iface
192.168.1.1                      (incomplete)                              eth0
$ 
$ cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet static
address 192.168.1.2
netmask 255.255.255.0
gateway 192.168.1.1

The router setup is as below. Any help is appreciated.

$ telnet 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.

 === IMPORTANT ============================
  Use 'passwd' to set your login password
  this will disable telnet and enable SSH
 ------------------------------------------


BusyBox v1.11.2 (2009-01-06 07:18:07 CET) built-in shell (ash)
Enter 'help' for a list of built-in commands.

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 KAMIKAZE (8.09, r14511) ----------------------------
  * 10 oz Vodka       Shake well with ice and strain
  * 10 oz Triple sec  mixture into 10 shot glasses.
  * 10 oz lime juice  Salute!
 ---------------------------------------------------
root@(none):/# mount_root
Unlocking rootfs_data ...
switching to jffs2
root@(none):/# 
root@(none):/# for F in `find /etc/config/ -type f`; do echo -e "--"; echo $F; c
at $F; done
--
/etc/config/dhcp

config 'dnsmasq'
        option 'domainneeded' '1'
        option 'boguspriv' '1'
        option 'filterwin2k' '0'
        option 'localise_queries' '1'
        option 'local' '/lan/'
        option 'domain' 'lan'
        option 'expandhosts' '1'
        option 'nonegcache' '0'
        option 'authoritative' '1'
        option 'readethers' '1'
        option 'leasefile' '/tmp/dhcp.leases'
        option 'resolvfile' '/tmp/resolv.conf.auto'

config 'dhcp' 'lan'
        option 'interface' 'lan'
        option 'start' '100'
        option 'limit' '150'
        option 'leasetime' '12h'

--
/etc/config/luci

config 'core' 'main'
        option 'lang' 'auto'
        option 'mediaurlbase' '/luci-static/openwrt.org'
        option 'resourcebase' '/luci-static/resources'

config 'extern' 'flash_keep'
        option 'uci' '/etc/config/'
        option 'dropbear' '/etc/dropbear/'
        option 'openvpn' '/etc/openvpn/'
        option 'passwd' '/etc/passwd'
        option 'opkg' '/etc/opkg.conf'
        option 'firewall' '/etc/firewall.user'
        option 'uploads' '/lib/uci/upload/'

config 'internal' 'languages'
        option 'en' 'English'

config 'internal' 'sauth'
        option 'sessionpath' '/tmp/luci-sessions'
        option 'sessiontime' '3600'

config 'internal' 'ccache'
        option 'enable' '1'

config 'internal' 'template'
        option 'compiler_mode' 'file'
        option 'compiledir' '/tmp/luci-templatecache'

config 'internal' 'themes'
        option 'OpenWrt' '/luci-static/openwrt.org'

--
/etc/config/fstab
config mount
        option target   /home
        option device   /dev/sda1
        option fstype   ext3
        option options  rw,sync
        option enabled  0

config swap
        option device   /dev/sda2
        option enabled  0
--
/etc/config/httpd

config 'httpd'
        option 'port' '80'
        option 'home' '/www'

--
/etc/config/firewall
config defaults
        option syn_flood        1
        option input            ACCEPT
        option output           ACCEPT 
        option forward          REJECT

config zone
        option name             lan
        option input    ACCEPT 
        option output   ACCEPT 
        option forward  REJECT

config zone
        option name             wan
        option input    REJECT
        option output   ACCEPT 
        option forward  REJECT
        option masq             1 

config forwarding 
        option src      lan
        option dest     wan
        option mtu_fix  1

--
/etc/config/dropbear
config dropbear
        option PasswordAuth 'on'
        option Port         '22'
--
/etc/config/luci_ethers

--
/etc/config/network
#### VLAN configuration 
config switch eth0
        option vlan0    "0 1 2 3 5*"
        option vlan1    "4 5"


#### Loopback configuration
config interface loopback
        option ifname   "lo"
        option proto    static
        option ipaddr   127.0.0.1
        option netmask  255.0.0.0


#### LAN configuration
config interface lan
        option type     bridge
        option ifname   "eth0.0"
        option proto    static
        option ipaddr   192.168.1.1


#### WAN configuration
config interface        wan
        option ifname   "eth0.1"
        option proto    static
        option ipaddr   192.168.2.23
        option netmask  255.255.255.0
        option gateway  192.168.2.3
        option dns      192.168.2.3
--
/etc/config/ucitrack
config network
        option init network
        list affects dhcp

config wireless
        list affects network

config firewall
        option init firewall
        list affects luci-splash
        list affects qos

config olsr
        option init olsrd

config dhcp
        option init dnsmasq

config dropbear
        option init dropbear

config httpd
        option init httpd

config fstab
        option init fstab

config qos
        option init qos

config system
        option init led

config luci_hosts
        option init luci_hosts
        list affects dhcp

config luci_ethers
        option init luci_ethers
        list affects dhcp

config luci_splash
        option init luci_splash

config upnpd
        option init miniupnpd

config ntpclient
        option init ntpclient

config samba
        option init samba

config tinyproxy
        option init tinyproxy
--
/etc/config/system
config system
        option hostname OpenWrt
        option timezone UTC
--
/etc/config/wireless

config 'wifi-device' 'wl0'
        option 'type' 'broadcom'
        option 'channel' '5'
        option 'disabled' '0'

config 'wifi-iface'
        option 'device' 'wl0'
        option 'network' 'lan'
        option 'mode'   'ap'
        option 'ssid' 'EDA'
        option 'encryption' 'none'

--
/etc/config/luci_hosts

root@(none):/# reboot -f
Post #7
aff
4 Aug 2009, 18:51

Maybe try running 'firstboot' from failsafe?

That fixed it! Thanks a lot!

Post #8
AriedoQ
5 Aug 2009, 16:11

I got pretty same behaviour on a wrt54g3g.
I installed 8.09.1 and after reboot i could connect with the luci but not with ssh (i got access denied).
I solved changing the root password in the luci with the same previous password.
In the while maybe i have also rebooted the router.
Then i could connect to the router with ssh.

(Last edited by AriedoQ on 5 Aug 2009, 17:00)

The discussion might have continued from here.