Installing and using OpenSSH on Tomato WRT

I fought with this issue for a long time. After getting optware installed on my various Tomato routers, I wanted to switch from dropbear to OpenSSH so that I could utilize mutifactor authentication (and various tunneling features). I still haven’t sorted out everything, but I think that this might be useful for someone and I wanted to share it.

Well, after installing OpenSSH,
(ipkg install openssh)

I could connect to the OpenSSH service (hosted on a different port from dropbear),  I would get an error about the user having expired (even if I was trying to connect from a session running on the local machine, connecting to localhost). I did a lot of digging and eventually realized that OpenSSH (living on /opt/) was trying to read /etc/shadow and /etc/passwd, but not recognizing the 0′s as “infinity.”

All I had to do was to change the syntax (kind of not fun) manually.

vi /etc/shadow

And edit the line for root, making changes at the bold areas.

root:thishasbeenchangedbecauseitisapasswordhash:0:0:99999:7:0:0:

The other helpful hint I want to point out for the internet, is that you can download the precompiled busybox for mips and it includes the utility passwd (so you can change passwords of accounts).

I hope this helps someone. I’ve been able to successfully ssh into my tomato wrt box on the OpenSSH service port after making these changes.

This entry was posted in Technology. Bookmark the permalink.