DGA0122 Disable SSH: Difference between revisions

Back up to the Technicolor_DGA0122 Page
From AAISP Support Site
m (Warn about the rtfd command)
m (Reference OpenWrt)
 
(One intermediate revision by the same user not shown)
Line 3: Line 3:
[[Category:Technicolor_DGA4134]]
[[Category:Technicolor_DGA4134]]


This probably applies to most Technicolor routers.
This probably applies to most Technicolor routers of the same era.


ssh is enabled from the LAN, and can be accessed using the engineer user and the admin password.
ssh is enabled from the LAN, and can be accessed using the engineer user and the admin password.


The CLI is fairly minimal, there is no manual :-( N.B. If you choose to play with the CLI, the '''rtfd''' command will reset the router to factory default setting, without any warning or Y/N prompt.
The CLI is fairly unfriendly, there is no manual. The firmware is based on OpenWrt, and the '''get''' and '''set''' commands work like as in that firmware's UCI. N.B. If you choose to play with the CLI, the '''rtfd''' command will reset the router to factory default setting, without any warning or Y/N prompt.


ssh can be disabled if you want, you can do this via ssh. ssh in to the router and paste the following which will disable the access:
ssh can be disabled if you want, you can do this via the web interface (at least with firmware 19.4) or via ssh.

== Web method ==
Login to the router using the ''engineer'' username and admin password. Select the ''System Info'' tile and the ''Configuration'' tab. Turn ''Local SSH'' on or off.

With Local SSH turned off, when you try to ssh, you'll get:
ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, use the above steps to turn Local SSH back on.

== SSH method ==
ssh in to the router and paste the following which will disable the access:
set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0
set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0



Latest revision as of 16:44, 24 December 2023


This probably applies to most Technicolor routers of the same era.

ssh is enabled from the LAN, and can be accessed using the engineer user and the admin password.

The CLI is fairly unfriendly, there is no manual. The firmware is based on OpenWrt, and the get and set commands work like as in that firmware's UCI. N.B. If you choose to play with the CLI, the rtfd command will reset the router to factory default setting, without any warning or Y/N prompt.

ssh can be disabled if you want, you can do this via the web interface (at least with firmware 19.4) or via ssh.

Web method

Login to the router using the engineer username and admin password. Select the System Info tile and the Configuration tab. Turn Local SSH on or off.

With Local SSH turned off, when you try to ssh, you'll get:

ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, use the above steps to turn Local SSH back on.

SSH method

ssh in to the router and paste the following which will disable the access:

set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0

The command will run, and should report no error. type exit to exit from the ssh session. (see screenshot)

ssh disable command

Then reboot the router.

Then when you try to ssh, you'll get:

ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, you'll need to reset the router and re-configure.