Maybe some improvement for noobs:
Originally Posted by
n00ben
save the private key somewhere, you will use this file each time you login,
create a dir in your home directory on your router:
mkdir .ssh
cd .ssh
You can go to home by typing "cd ~"
Originally Posted by
n00ben
next you need to copy the public key (with ctrl+c) from puttygen, the big string in the textfield (all of it).
in .ssh/ type:
echo ssh-rsa AAAAB3N......8nq97Rcl5D= rsa-key-20061230 > authorized_keys
(echo 'what you copied from puttygen here without the quotes' > authorized_keys
your string will be longer, I've just omited a large part.
this will create a 'authorized_keys' file.
Shouldn't this be /usr/local/root/.ssh/authorized_keys? (I have a WL-HHD with oleg fw. Maybe its other than WL-700. Pardon if this is wrong...)
For me the file is only saved after a
Code:
flashfs save && flashfs commit && flashfs enable
Originally Posted by
n00ben
now add '-s' to your rc.local and your init.d file so they read '/opt/sbin/dropbear -s' this will disable ordinary password logins.
Reboot your router.
Do this only after checking its working.
If the key file is not saved and dropbear only accepts passwordless logins you are barred.
Originally Posted by
n00ben
Now in Putty, go to settings->Connection->SSH->Auth here browse to your private key you saved with puttygen.
now when you login, you need to have the key and the passphrase for that key (you specified passphrase in puttygen)
you now efficiently stopped any kind of bruteforce attacks
/regards
Henrik
Thanks for your howto. it helped me a lot.
wengi