|
|
发表于 2020-1-30 10:25:23
|
显示全部楼层
本帖最后由 yang1340751 于 2020-1-31 11:03 编辑
8 B# C9 u1 a' B+ v7 a) [8 L' Y! M6 S
! }9 T' r. d$ r/ tLZ,你好,我按照你的第一步操作,已经替换了/mnt/jffs2/hw_ctree.xml hw_ctree.xml5 t8 O2 \! _. y& E; |) s
添加好SSH功能/ P8 ?1 ?# S6 M5 m4 \8 u* [
. J0 m# J; B) B8 a- cd /tmp #进入/tmp目录
% k+ u E" y" L - 6 E- c* ?7 g# X7 q, T$ o* P
- cp /mnt/jffs2/hw_ctree.xml hw_ctree.xml.gz #复制/mnt/jffs2/hw_ctree.xml到/tmp目录并重命名为hw_ctree.xml.gz! ]/ F4 Z7 r, V0 B( `, F% s9 x/ ?
5 k" Q5 V _# [7 D9 O; T6 I- aescrypt2 1 hw_ctree.xml.gz tmp #解密/tmp/hw_ctree.xml.gz
- WAP(Dopra Linux) # cp /mnt/jffs2/hw_ctree.xml /tmp/hw_ctree.xml.gz
g; f) {- s V - WAP(Dopra Linux) # aescrypt2 1 hw_ctree.xml.gz tmp. @4 f. V6 `; H9 L! @( n! N- L8 x
- WAP(Dopra Linux) # gunzip hw_ctree.xml.gz1 W7 V, r* a6 L% _& h, ^
- WAP(Dopra Linux) # grep -i ssh /tmp/hw_ctree.xml. ]3 U3 H: T! i
- <X_HW_CLISSHControl Enable="0" port="22" Mode="1" AluSSHAbility="0"/>
* I8 @; h( {8 {" }" z - <AclServices HTTPLanEnable="1" HTTPWanEnable="0" FTPLanEnable="1" FTPWanEnable="0" TELNETLanEnable="1" TELNETWanEnable="0" SSHLanEnable="1" SSHWanEnable="0" SamBaLanEnable="1" SamBaWanEnable="0" HTTPPORT="80" FTPPORT="21" TELNETPORT="23" SSHPORT="22" WebPermanentCloseControl="0" HTTPWifiEnable="0" TELNETWifiEnable="0" WebAccessControl="1" TrustHost="">
2 D6 k4 ~. S$ `. p9 Y1 u
进行第二步7 u4 F. ]. ]8 {3 g1 y
- cd /tmp #进入/tmp目录: y. T% W$ T3 F9 E
- wget http://archive.openwrt.org/chaos_calmer/15.05.1/omap/generic/packages/base/dropbear_2015.67-1_omap.ipk #下载安装包; A$ E$ u: o9 u/ F! r( y+ @( k4 |! Z
- tar xzf dropbear_2015.67-1_omap.ipk #解压安装包
, W. w. O) N5 v+ @ - cd /opt/upt/apps/apps/ #进入 /opt/upt/apps/apps/目录5 x6 q. m& ]6 V( \
- tar xzf /tmp/data.tar.gz #解压data包,data包是解压ipk安装包后得到的
1 j% V* ~" t! K - mkdir etc/rc.d && cd etc/rc.d #新建/opt/upt/apps/apps/etc/rc.d文件夹并进入。
7 f/ f. w9 n9 z" U6 b
) Q$ G! \. p7 A3 i/ k* M& F- WAP>ssh authentication-type mode 0 #设置为账号密码登陆模式 A% \, |7 \! A9 x4 _7 f; z
- success!
2 h: z+ s3 M+ u* p9 ^! x - WAP>save data #保存
, q% J( ?+ A# L, F1 F: F2 g - success! Y, D! E7 G6 b* a1 d+ _& Q
- WAP>
- y( p: l5 \# c2 T+ v. p
然后用ssh方式登陆,提示错误
! S" [' D* P! W! \3 Z5 {) F
+ b3 [7 N% p# U9 w" X0 j+ a4 |- sshd listensocks[19]" D T9 p- O) m- C
- ───────────────────────────────────────────────────────
5 z% M# A1 I( q6 f u3 o3 N9 T - Session stopped
! V% D i! m( S# x0 f5 m
4 `% H# F3 T- ^( J T
疑问:
$ l x! P2 I1 J' S5 R& H6 G" b6 K第二步,好像没有将下载的dropbear替换掉原来的dropbear
: B, O" T2 f7 x4 }软连接也是连接原来的dropbear9 B; p# H6 |+ b: K7 O' i5 L
- 下载 dropbear 的包,解压,放入正确的位置。
" i# Y, W1 J H1 f& S% S: V4 |/ _8 G& Q: _* J9 S0 I: X! o& l3 x
将dropbear放到/opt/upt/apps/apps/etc/init.d/重启后,SSH可以进入,查看dropbear进程
# T) i [. t5 R% L- ^: S, K5 f- WAP(Dopra Linux) # ps -w|grep dropbear
+ L) i4 E& C, s6 d - 5501 root 1132 S dropbear -r /etc/dropbear/dropbear_rsa_host_key -p 22 -j -k
+ h' F9 r1 q4 E4 V' l - 5559 root 1344 S grep dropbear
. `! a+ C$ t( I1 Y7 X提示错误! r$ F( U! Z& X* q- V9 ~
" J$ p7 K K2 I. |& Z. \+ b# h
- kill掉原来的dropbear后,再查看dropbear进程,不存在该进程# y9 H6 ]% ~/ j, V, I( G4 R
- WAP(Dopra Linux) # ps -w|grep dropbear
+ M. ~( L3 S' F: d5 | - 3390 root 1344 S grep dropbear$ L0 K" [7 x! Y* c6 }6 ^ K
) f% N- d7 b( }+ F0 t0 F6 |- I- T* P$ A/ i+ ?2 L1 C6 y
- / j( s, o, w8 o: A* j$ P6 p8 g1 I
: L: a9 x! {8 `; a. s* ]
0 _; C, u9 T- M" N9 w. Z$ z手动启动/opt/upt/apps/apps/etc/init.d/dropbear,无法启动8 ~. j7 M" q8 Z
提示无法打开/etc/rc.common,查看该文件不存在# d$ h7 q& d; D% ]4 Y
* }( y! x+ {0 V- WAP(Dopra Linux) # pwd. n1 ]6 s1 b2 Z! W$ S0 Q
- /opt/upt/apps/apps/etc/init.d6 O5 U8 h. v$ u/ ?: C0 x
- WAP(Dopra Linux) # ./dropbear -r /etc/dropbear/dropbear_rsa_host_key -p 22 -j -k1 Z o: F0 g' G, j+ ~' ]1 P& k
- /bin/sh: can't open '/etc/rc.common'
9 p# z( @- m; k; C7 f, y - WAP(Dopra Linux) # ls /etc/rc.common
: C% W' I& ]( H - ls: /etc/rc.common: No such file or directory
# G' Q# a* V/ [+ `% ?: N - WAP(Dopra Linux) #
手动运行原来的dropbear正常
* _( g. p7 f9 ^/ P! J- 手动运行原来的dropbear,成功
) Y f% f" Z2 W1 w3 m+ w( r# u$ ^# I$ b - WAP(Dopra Linux) # dropbear -r /etc/dropbear/dropbear_rsa_host_key -p 22 -j -k
; E) w, j9 |. ?3 Q# L* d$ W5 k - 1 J' k! ^! J# T H) P! \
- WAP(Dopra Linux) # ps -w|grep dropbear4 a+ }( @. [6 V& U
- 5501 root 1132 S dropbear -r /etc/dropbear/dropbear_rsa_host_key -p 22 -j -k) Y. ^5 x8 O* C _* M* j9 Q, c
- 5559 root 1344 S grep dropbear
! f; u* T7 z2 V& } A8 b" P* H9 ?; L/ p' B x, z* \
然后ssh登陆
) r3 G5 v3 Q+ F; x- 用powershell登陆ssh
: d0 R, u* v. I0 r$ k9 n! h) l - PS C:\Users\xxxx> ssh root@192.168.1.1; z9 j/ Y2 ?6 D8 |7 W! C
- root@192.168.1.1's password:
4 i; e+ Q1 D. \0 g& z
' @" y1 v$ a. a1 K/ A2 o; B- WAP>su
5 m" o0 P% A" w. Y9 f; x! }/ d - success!. _' @( Z/ A9 ]2 J, [4 U9 [
- SU_WAP>shell
" {! D/ Z7 E+ E; V8 Q
5 e/ ^4 {4 q' u' Q, ]4 U- BusyBox v1.18.4 (2017-08-16 10:43:34 CST) built-in shell (ash)$ A6 e9 j) |8 U/ W/ O+ T& |! q
- Enter 'help' for a list of built-in commands.
5 D$ u) s! n0 y6 T8 D/ n5 v1 K | - , Y+ E8 b$ W8 w4 u1 o T
- profile close core dump
5 j }) p o4 Q - WAP(Dopra Linux) # su3 t0 e" X( j. Z0 c* o! R0 q
- Password:. I S" Q4 |6 d* E- W( S
5 |% v; z8 c8 `2 a
0 c s# y1 N9 ?/ S! Z; B$ j- BusyBox v1.18.4 (2017-08-16 10:43:34 CST) built-in shell (ash)4 k! t6 ]. q/ x4 o' {
- Enter 'help' for a list of built-in commands.8 @& G+ i* g+ J8 T
8 P3 ~, f( p; Z! i9 P- WAP(Dopra Linux) # ps -w|grep dropbear) |: a( Q8 `) o b2 t; e7 u
- 5501 root 1132 S dropbear -r /etc/dropbear/dropbear_rsa_host_key -p 22 -j -k
3 b7 F2 b" a9 s9 D- WAP(Dopra Linux) # pwd
Y* o3 s! A/ @: s/ r+ L0 U - /opt/upt/apps/apps/etc/init.d$ \$ B5 K+ e3 Z) v
- s2 H n0 H1 Q. Q# i
- WAP(Dopra Linux) # ls
6 H: n" ]: e% V2 e& \ - S50dropbear dropbear; k1 _( C$ u! ^, v+ h' e0 w$ ]
- WAP(Dopra Linux) # dropbear
/ V- I( \7 C, f- v" L - cp: can't stat '/etc/dropbear/dropbear_dss_host_key': No such file or directory
! B, l$ e+ ^: o - <hw_ssp_ctool.c:587>file (/tmp/sshd_de_aes_tmp) open failed, errno (2)' F/ _" l5 m$ e- S+ P' U
- [svr-runopts.c_460]
U% M& |2 j# M9 o& L* E - cp: can't stat '/etc/dropbear/dropbear_ecdsa_host_key': No such file or directory
. J& @6 h/ ]8 K8 e7 |* K8 C6 P - <hw_ssp_ctool.c:587>file (/tmp/sshd_de_aes_tmp) open failed, errno (2)
% F( q) @0 Y$ ?9 M7 @8 u - [svr-runopts.c_460], y1 J3 O% Q0 {4 n
- " y/ Q! S# B& E& p4 f& N' ]& z
- 没dropbear_dss_host_key和dropbear_ecdsa_host_key,想手动创建一个,但是提示文件夹自读
q; c$ a& j3 |; m, \5 z* u F - WAP(Dopra Linux) # cd /etc/dropbear/
5 ~2 G/ f, w5 A1 o. w, |4 J - WAP(Dopra Linux) # ls -l) ]9 j; @. L+ G9 T% X5 z! r. W. O
- -rwxr-xr-x 1 root root 872 Aug 16 2017 dropbear_rsa_host_key
- P+ D6 L. ?# d% D& [ - WAP(Dopra Linux) # cp dropbear_rsa_host_key dropbear_dss_host_key
4 X1 J! g- a* t# W- w* I' k- i - cp: can't create 'dropbear_dss_host_key': Read-only file system5 u- B3 h, V4 ?: [* A
- , ?3 @3 P0 \# ^+ ~# x
- 查看dropbear目录又是root可写的," I# Q3 {, M: W9 L/ a' M# o
- WAP(Dopra Linux) # ls -l |grep dropbear6 U: { I3 f1 z1 b& x3 L }, C
- drwxr-xr-x 2 root root 44 Aug 16 2017 dropbear m0 y. s4 @+ \
- WAP(Dopra Linux) # whoami
. |! E/ k1 ], z9 Y - root
8 F6 _1 V5 _( s! L" r5 ]0 \7 {* _" L3 @
已解决,是我设置的软连接错误,正确的连接如下
! f+ p4 G4 i) w% _+ L) v5 V! ^- WAP(Dopra Linux) # pwd! F2 _& c% j7 q) h& P& D
- /opt/upt/apps/apps/etc/rc.d8 g! H$ H# ^$ h+ g
- WAP(Dopra Linux) # ls -l
$ t4 u! W; N8 M- A- e: B' y2 N - lrwxrwxrwx 1 root root 18 Jan 30 15:07 S50dropbear -> ../init.d/dropbear
2 i: ]9 n# K4 a3 e) T! f) q' S; K# t' J7 f6 [7 \
, B6 }8 n5 w6 \* x I
, u* T3 r& f7 }1 I) z* a
& G7 i9 c- ~# T/ a( J' S/ W1 r: A0 {+ x+ h* l# k
" Q) o$ H: G8 p. g1 q$ Y3 A
W2 l$ W: e3 ~; A7 V
/ y; C3 R, o- ` x
3 L' d# o- W1 h0 _* P
( `! D% e6 c, E8 C, R6 k L3 B0 }/ ^
# O- j) i& A' l
& [+ C1 a8 V% H1 u0 d
0 P+ G! _, E% K. ~9 M3 g+ m
; q4 R f7 R/ n
$ C0 @: H8 G/ c! y4 h
" N, h) v A$ l! |
1 X( X [8 n. n5 R6 i7 f
* f- H; t/ ^" X V" M! }% ]" z: y- a
- Z- _$ T& Z6 h! \) [4 O7 R1 T) B1 L9 w1 [% Q8 ]! Z8 w
X+ T: P7 f9 Y5 |
' c( Q& O; u3 J/ e4 w |
本帖子中包含更多资源
您需要 登录 才可以下载或查看,没有账号?注册
×
|
粤公网安备44152102000001号 
