DGA0122 Disable SSH: Difference between revisions

Back up to the Technicolor_DGA0122 Page
From AAISP Support Site
m (Warn about the rtfd command)
(Easier way to turn SSH on or off - needs engineer username on Web UI)
Line 9: Line 9:
The CLI is fairly minimal, there is no manual :-( N.B. If you choose to play with the CLI, the '''rtfd''' command will reset the router to factory default setting, without any warning or Y/N prompt.
The CLI is fairly minimal, there is no manual :-( N.B. If you choose to play with the CLI, the '''rtfd''' command will reset the router to factory default setting, without any warning or Y/N prompt.


ssh can be disabled if you want, you can do this via ssh. ssh in to the router and paste the following which will disable the access:
ssh can be disabled if you want, you can do this via the web interface (at least with firmware 19.4) or via ssh.

== Web method ==
Login to the router using the ''engineer'' username and admin password. Select the ''System Info'' tile and the ''Configuration'' tab. Turn ''Local SSH'' on or off.

With Local SSH turned off, when you try to ssh, you'll get:
ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, use the above steps to turn Local SSH back on.

== SSH method ==
ssh in to the router and paste the following which will disable the access:
set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0
set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0



Revision as of 16:51, 5 Haziran 2023


This probably applies to most Technicolor routers.

ssh is enabled from the LAN, and can be accessed using the engineer user and the admin password.

The CLI is fairly minimal, there is no manual :-( N.B. If you choose to play with the CLI, the rtfd command will reset the router to factory default setting, without any warning or Y/N prompt.

ssh can be disabled if you want, you can do this via the web interface (at least with firmware 19.4) or via ssh.

Web method

Login to the router using the engineer username and admin password. Select the System Info tile and the Configuration tab. Turn Local SSH on or off.

With Local SSH turned off, when you try to ssh, you'll get:

ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, use the above steps to turn Local SSH back on.

SSH method

ssh in to the router and paste the following which will disable the access:

set InternetGatewayDevice.Services.X_000E50_AccessManagement.SSH.ServerAccess.1.Enable 0

The command will run, and should report no error. type exit to exit from the ssh session. (see screenshot)

ssh disable command

Then reboot the router.

Then when you try to ssh, you'll get:

ssh: connect to host 192.168.1.1 port 22: Connection refused

To revert the change, you'll need to reset the router and re-configure.