Tag Archives: OpenWRT

Flashing Tomato over OpenWRT on WRT54GL

On a Linksys WRT54GL, flashing Tomato over OpenWRT 10.03 using the web GUI works fine. You need to use the tomato.trx image rather than any .bin file. When the router is rebooted, it has IP 192.168.1.1, username=root, password=admin.

Update 2015-07-25: I did this from OpenWrt rescue mode, using the command line:

# sysupgrade -v -n tomato.trx

After that, I needed to do a hardware reset: start the router up with the reset button (on the back side) pressed. Keep it pressed for about 15-30 seconds (depending on what source you read), and then restart (unplug and plug).

SSH reverse tunnel to OpenWRT / dropbear

I have a little WRT54GL router that runs OpenWRT. It is very convenient to be able to SSH into the router, and even more convenient to make tunnels.

In OpenSSH's sshd, there is an option

GatewayPorts yes

that needs to be turned on. It allows the SSH server to listen on ports and forward them back to the client. It also allows other machines, not just the SSH server itself, to connect to that port on the SSH server.

Well, for dropbear (the SSH implementation of OpenWRT), things are a little different. First, you need to start the dropbear daemon with the flag -a. Preferably through the configuration file:

# /etc/config/dropbear
config dropbear
        # Same effect as starting dropbear with -a
        option 'GatewayPorts' 'on'

Second, when you invoke ssh, you need to specifically tell dropbear to listen on the network interface (not on localhost). Example:

$ ssh -l root -R 1.2.3.4:7777:10.2.2.12:80 1.2.3.4

This assumes you are on a client on the 10.2 network. Your OpenWRT router is on the internet (IP=1.2.3.4). Connections made to 1.2.3.4, port 7777 will be tunneled through SSH back to the client. The client will in turn make a new connection to 10.2.2.12, port 80 and forward all traffic there. So, in this case, an internal webserver is exposed on the internet.

With other sshd servers, it may be enough to make the call

$ ssh -l root -R 7777:10.2.2.12:80 1.2.3.4

and sshd will listen on all interfaces.
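
To confirm on the router which address a forwarded port actually ended up bound to, the following added example (not from the original post) filters netstat output for TCP listeners that are not on loopback. It assumes a netstat that prints the usual `-tln` columns (plus the owner column if your build supports `-p`); the function names and the sample lines are constructed for illustration.

```shell
#!/bin/sh
# Added example: report TCP listeners that other hosts can reach.
# Reads `netstat -tln`-style output on stdin (with -p, the owner is shown too).
# Output per listener: "<port> <bind address> <PID/program or ->".

exposed_listeners() {
    # $1 (optional): only report this port, e.g. the forwarded port 7777
    awk -v want="${1:-}" '
        $1 ~ /^tcp/ && $6 == "LISTEN" {
            addr = $4
            port = addr
            sub(/.*:/, "", port)        # text after the last colon is the port
            sub(/:[^:]*$/, "", addr)    # text before it is the bind address
            # Loopback listeners are only reachable from the router itself
            if (addr ~ /^127\./ || addr == "::1" || addr ~ /^::ffff:127\./) next
            if (want != "" && port != want) next
            print port, addr, ($7 == "" ? "-" : $7)
        }'
}

# Constructed sample: port 7777 was requested with the bind address 1.2.3.4,
# port 8888 was requested without a bind address and stayed on loopback.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN      812/dropbear
tcp        0      0 1.2.3.4:7777            0.0.0.0:*               LISTEN      2417/dropbear
tcp        0      0 127.0.0.1:8888          0.0.0.0:*               LISTEN      2417/dropbear
tcp        0      0 :::80                   :::*                    LISTEN      640/uhttpd
EOF
}

# On the router itself: netstat -tlnp | exposed_listeners 7777
sample_netstat | exposed_listeners
```

An empty result for a forwarded port means the tunnel is only reachable from the router itself; a line with a non-loopback address means it is reachable from the network that address sits on.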