Telnet/SSH and the command line/zh cn

From DD-WRT Wiki




Using Telnet

  1. Run your favourite Telnet client (on Windows, click Start -> Run, type telnet, a space and the router's IP address, then press Enter). On Windows Vista/7 the Telnet client has to be installed first.
  2. Connect to the router's LAN IP address (Router_LAN_IP), for example 192.168.1.1

At the command line, type something like:

telnet 192.168.1.1
  1. When prompted for the login name, enter root (provided you have not changed the router's login name in the web interface)
  2. When prompted for the password, enter the router password you set (the default password is "admin")


SSH

Overview

SSH, short for Secure Shell, is an encrypted protocol and a program that replaces telnet. It is used to establish a secure channel, similar to a virtual private network (VPN), and can also serve as a network file system (Sshfs). By default, ssh uses port 22.

SSH works much like telnet: it uses an account/password, or a public/private key pair. For the latter to work, the public/private key pair comes from a particular server. Data your client sends is encrypted with the server's public key and then sent to the server; the server encrypts data with your public key and sends it to you. The private key is never exchanged; it is used to decrypt data encrypted with the corresponding public key.

DD-WRT firmware can allow login by account/password, or only allow clients whose public key was entered by hand in the web interface. Several public keys can be entered, one per line.
If you want to use SSH with a user name and password, set the password in the web interface; the user name is "root".

Alternatively, you can set the NVRAM variable sshd_authorized_keys by hand (via telnet or ssh).

For example: nvram set sshd_authorized_keys="key1 key2 key3 ..."

You can also edit the file /tmp/root/.ssh/authorized_keys by hand and add keys there (although these changes are lost on reboot unless you use a startup script to apply them at every boot).

It is worth pointing out that ssh keys are quite long strings of characters, so if you paste them in you have to be careful that you don't get any line breaks (i.e. each key is one long continuous line), or they will not work.

Setup

Public key method

Public key authentication is one of the most secure methods of logging into SSH. It functions similarly to HTTPS, as all transmissions are encrypted with a key that only the client and server have. Another plus: if you use this method instead of password authentication, no one will be able to crack away at your router trying to guess the password!

To enable it, first generate a public/private key pair on your desktop machine. This can be done with the "Puttygen" utility if you're using either PuTTY or WinSCP as clients. Copy the public key to the clipboard and save the private key somewhere on your computer. There is no need to save the public key: if you forget it, you can instruct Puttygen to open your private key file rather than generating a new key pair, and it will show you your public key. Users of non-Windows environments may use the ssh-keygen(1) utility:

user@machine:~> ssh-keygen
Generating public/private rsa key pair.
Enter file in which to save the key (/home/user/.ssh/id_rsa):
Enter passphrase (empty for no passphrase):
Enter same passphrase again:
Your identification has been saved in /home/user/.ssh/id_rsa.
Your public key has been saved in /home/user/.ssh/id_rsa.pub.
The key fingerprint is:
68:1c:50:0e:76:c1:d0:c7:9e:5e:5a:65:78:20:5c:fb user@machine.example.com

It is recommended that you don't secure your key pair with a password, as this will make things easier for you, although somewhat less secure.

  1. Using the Web Interface, go to the Administration tab (in v24 use the Services tab).
  2. Under the Services sub-tab, enable SSHd in the Secure Shell section. If new options don't appear, click Save Settings.
  3. Paste your public key into the Authorized Keys field of the SSHD section that has now expanded. You will need to generate this on your desktop if you don't have one yet.
  4. Save and Apply Settings

NOTE: The format of the public key when pasted has to be "ssh-rsa", space, key, space, comment. Here is an example (note that there should be no line feed at the end):

 ssh-rsa AAAAB4NfaC3yc5AAAPEAqvM ... NC+j4jZfYmBTi7Q== user@machine.example.com

Alternate method:

Connect with ssh (login/password) and run:
root@wrt54g:~# nvram set sshd_authorized_keys='
---- BEGIN SSH2 PUBLIC KEY ----
Comment: "rsa-key-20080321"
ssh-rsa   AAAAB4NfaC3yc5AAAPEAqvM ... NC+j4jZfYmBTi7Q==
---- END SSH2 PUBLIC KEY ----
'
root@wrt54g:~# nvram commit
root@wrt54g:~# reboot

Remember to enter your key as one continuous line of characters (no added spaces, tabs or line breaks).
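The single-line rule repeated in the notes above can be checked before a key is pasted into the web interface or written into NVRAM. The following POSIX sh script is an added example and is not from the DD-WRT wiki or the DD-WRT project; the function name check_authorized_key and the two sample keys (made-up, non-functional key blobs) are constructed for it.

```shell
#!/bin/sh
# Added example (not part of the DD-WRT wiki page): check that a public key
# destined for sshd_authorized_keys is one continuous "ssh-rsa KEY comment"
# line.  Returns 0 and prints "accepted" when the text is usable, otherwise
# prints the reason and returns 1.  check_authorized_key is a name chosen for
# this example; the keys at the bottom are constructed and not real keys.

check_authorized_key() {
    text=$1
    # PuTTYgen's "Save public key" and some SSH2 tools export a multi-line
    # block; the router wants the one-line OpenSSH form instead.
    case $text in
        *"BEGIN SSH2 PUBLIC KEY"*)
            echo "rejected: multi-line SSH2/PuTTYgen export; paste the one-line OpenSSH form"
            return 1 ;;
    esac
    # A key that wrapped onto several lines when pasted will not work.
    lines=$(printf '%s\n' "$text" | grep -c '')
    if [ "$lines" -ne 1 ]; then
        echo "rejected: key spans $lines lines; it must be one continuous line"
        return 1
    fi
    # No trailing blank, tab or line feed after the comment.
    case $text in
        *[[:space:]])
            echo "rejected: trailing whitespace or line feed"
            return 1 ;;
    esac
    # Split into type, base64 blob and (optional) comment on whitespace.
    set -f
    set -- $text
    set +f
    if [ "${1:-}" != "ssh-rsa" ]; then
        echo "rejected: key must start with ssh-rsa"
        return 1
    fi
    # The blob may only contain base64 characters; anything else crept in
    # while copying (a quote, a stray line-break marker, ...).
    case ${2:-} in
        "" | *[!A-Za-z0-9+/=]*)
            echo "rejected: key body is not base64"
            return 1 ;;
    esac
    echo "accepted: ssh-rsa key, comment '${3:-}'"
    return 0
}

# Demo with constructed keys (the blobs are not real public keys)
GOOD_KEY='ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC0constructedExampleKeyBlob== user@machine.example.com'
WRAPPED_KEY="ssh-rsa AAAAB3NzaC1yc2EAAAADAQABAAAAgQC0constructed
ExampleKeyBlob== user@machine.example.com"
check_authorized_key "$GOOD_KEY"
check_authorized_key "$WRAPPED_KEY" || echo "(this is the line-break mistake the notes warn about)"
```

The script only inspects the text; it never touches NVRAM, so it can be run on the desktop before the key is copied to the router.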


In Putty, you can enable key authentication by opening the SSH authentication configuration (Connection -> SSH -> Auth) and entering or browsing to your private key file. Also make sure your auto-login username is root (in Connection -> Data).

Password login method

If you don't want the hassle of generating ssh keys, you may use the password logon method. However, please be aware that this method is much less secure! (passwords may be truncated to 8 characters or less)

  1. Using the Web Interface, go to the Administration tab (in v24 use the Services tab).
  2. Under the Services sub-tab, enable SSHd in the Secure Shell section. If new options don't appear, click Save Settings.
  3. Enable Password Login to allow logging in with a password.
  4. Save and Apply Settings

After this you may log in as user "root" with the password you set for the web interface.

Automatic login (for shell scripts)

The Dropbear SSH client lets you supply the password through an environment variable. This is useful when dd-wrt has to connect automatically to another host over ssh.

#the following requires dd-wrt v24 or later
DROPBEAR_PASSWORD='my password' ssh user@hostname

Security tips

  • Choose a random, non-standard port above 1024, especially if you allow ssh logins from the Internet! Most attackers use port scanners, and these usually scan only the default ports. Scanning all 65535 ports is slow, which makes finding a way in harder and also makes the scan easier for an intrusion prevention system to spot.
  • Memorize, or record somewhere safe, your router's key fingerprint! When logging into your router, if the key fingerprint matches, you can rest assured no one is spying on your connection (i.e. via a man-in-the-middle attack). If the key fingerprint does NOT match (your SSH client will most likely warn you about this), something is wrong and you should consider terminating the connection immediately! (Note: the router's key fingerprint may change after a reset and/or upgrade, as it will likely generate a new key pair.)
  • For even more added security when using the public key method, you can password protect your private key. This way, if someone malicious happens to get ahold of it, they will still not be able to log into your router without first cracking the password of the key. Otherwise, if the keys are unprotected, anyone who stumbles upon them could likely gain immediate root access to your router and network.

SSH shell clients

A secure replacement for the standard telnet tool.
A good client for Windows is PuTTY.
Configure the client to use the private key you saved earlier.
Most Linux distributions ship with telnet and SSH clients installed by default.

SSH port forwarding

SSH port forwarding creates an encrypted tunnel for transporting data, somewhat like a VPN. Two kinds of forward are described below: local and remote.

Local port forwarding

Example:

Suppose you have enabled SSH management of the router so that it can be reached from anywhere on the Internet. You wisely disabled remote http and https management (http is insecure, https is resource-hungry), but now you cannot connect directly to the router's web interface... or so you think ;)

This is where SSH port forwarding comes in. It gives you secure access to the router's web interface, which otherwise accepts connections only from the LAN.

Open up your SSH client and set up a Local port forward to destination localhost:80. Once the SSH connection is up, now you connect to your own machine's source port eg. http://localhost:81* and it creates a secure tunnel to the Web Interface of the router. No more worries about someone spying on your router's traffic and/or password!

  • 81 will be replaced with whatever port you have set for ssh locally on the router. For more information related to the tunnel setup see here:

Forum Discussion


Requirements
  • Remote SSH Management should be enabled, under Administration -> Management. (Note: For local forwards, this is only required if you're SSH'ing directly into the router from the WAN. Local forwards can be of many other uses as well, such as tunneling traffic between two LAN machines, or even over the Internet.)
Setup

Setting up a local port forward is relatively straightforward when using the PuTTY utility under Windows. See Connections -> SSH -> Tunnels. Make sure your configuration includes parameters as illustrated above. Namely,

  • Source port (port # on your computer)
  • Destination IPAddress:Port (target machine and port #)
  • Type: Local

Remote port forwarding

This can be used to set up an encrypted channel across the Internet for programs such as RDP (Remote Desktop), for example to connect from a PC at home to a PC at the office.

Scenario:

Home PC <-> router <-> Internet <-> firewall <-> Office PC

The office PC, which is running RDP on port 3389, issues ssh -R 5555:localhost:3389 root@router.home

The home PC can then use its RDP client to connect to port 5555 on the router; the SSH tunnel connects the home PC to port 3389 on the office PC.

Requirements
  • DD-WRT v24 RC7 or later
  • SSHd and SSH TCP Forwarding must be enabled, under Services -> Secure Shell
  • Remote SSH Management must also be enabled, under Administration -> Management
Setup

Setting up a remote port forward is relatively easy with PuTTY under Windows. See Connection -> SSH -> Tunnels. The configuration should include the parameters mentioned above, namely:

  • Local and remote ports should accept connections from other hosts
  • Source port (port # on the router; should be >1024)
  • Destination IP:port
  • Type: Remote
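For readers who use the OpenSSH command-line client rather than PuTTY, the two tunnel types described in the local and remote sections above map onto the -L and -R options. The script below is an added example, not from the DD-WRT wiki or project: it builds the command lines from the same three PuTTY fields (source port, destination host:port, type), checks the ports, and enforces the page's rule that a remote forward's router-side port is above 1024. router.home, the port numbers and the function names are placeholders chosen for the example; the router's ssh port is whatever non-standard port you set under the security tips.

```shell
#!/bin/sh
# Added example (not from the DD-WRT wiki): OpenSSH equivalents of the PuTTY
# tunnel settings.  Each function prints the command to run; nothing connects
# anywhere until you execute that command yourself.  Names and hosts below are
# placeholders for this example.

# A TCP port is a number between 1 and 65535.
port_ok() {
    case $1 in '' | *[!0-9]*) return 1 ;; esac
    [ "$1" -ge 1 ] && [ "$1" -le 65535 ]
}

# "Type: Local": a port on this machine is tunnelled to host:port as seen from
# the router (localhost:80 on the router is its web interface).
#   -p  the router's (non-standard) ssh port     -N  open no shell, only the tunnel
local_forward_cmd() {
    router=$1 ssh_port=$2 src_port=$3 dst=$4
    port_ok "$ssh_port" && port_ok "$src_port" || return 1
    printf 'ssh -p %s -N -L %s:%s root@%s\n' "$ssh_port" "$src_port" "$dst" "$router"
}

# "Type: Remote": a port on the router is tunnelled back to host:port on this
# machine (the office PC in the RDP scenario).  The page asks for a router-side
# port above 1024, so lower ports are refused.
remote_forward_cmd() {
    router=$1 ssh_port=$2 src_port=$3 dst=$4
    port_ok "$ssh_port" && port_ok "$src_port" || return 1
    if [ "$src_port" -le 1024 ]; then
        echo "remote forward: router-side port must be > 1024 (got $src_port)" >&2
        return 1
    fi
    printf 'ssh -p %s -N -R %s:%s root@%s\n' "$ssh_port" "$src_port" "$dst" "$router"
}

# Demo: the web-interface tunnel on local port 81, and the RDP tunnel from the
# remote-forward scenario, both against a router whose sshd listens on 2222.
local_forward_cmd  router.home 2222 81   localhost:80
remote_forward_cmd router.home 2222 5555 localhost:3389
```

With the local forward running, http://localhost:81 on your machine reaches the router's web interface through the tunnel, as the section above describes. For the remote forward, whether other hosts can reach the router-side port (PuTTY's "remote ports accept connections from other hosts") is decided by the router's sshd, not by the client; OpenSSH lets you request a bind address with -R [bind_address:]port:host:hostport, but the server still has to allow it.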

SCP

Secure Copy (SCP) lets you copy files from your desktop machine to the router and vice versa.
A good client for Windows is WinSCP.
Configure the client to use the private key you saved earlier, or the user "root" with the password you set.
Note: only the /tmp and /jffs partitions are writable!

DropBear

DropBear is the SSH client/server installed by default on the WRT54G. DropBear can open a connection from the WRT54G to an SSH server so that commands such as scp can be used. I don't believe SSHD needs to be enabled through the Web Interface in order to use the client portion of DropBear.

If your PC runs an SSH server (such as OpenSSH), you can fetch files from the PC with the scp command, for example from a Startup Script.

The DD-WRT command line

Also known as the DD-WRT Linux shell.

It is the 'ash' shell. Ash is a derivative of sh; the name literally means 'A SHell' (command interpreter).

Basic syntax

Linux (Ash) commands differ from the Windows/DOS command prompt.

The character / (not \) separates the directories in a path, just as in web addresses.

To run a command you must give its path (either the full path or a relative path).

Relative path operators

There are two relative path operators:

.        the current directory
..       the parent of the current directory

Examples

1) If you are in the /jffs/usr/bin directory and want to run the /jffs/usr/bin/noip command, you can type:

/jffs/usr/bin # /jffs/usr/bin/noip

/jffs/usr/bin # ./noip


2) If you are in the /jffs/usr/bin directory and want to run the /jffs/usr/kismet command, you can type:

/jffs/usr/bin # /jffs/usr/kismet

/jffs/usr/bin # ../kismet

/jffs/usr/bin # cd ..
/jffs/usr # ./kismet


3) Relative paths can also be used as arguments. If you installed the noip package, you'd notice that the command is installed as /jffs/usr/bin/noip but its configuration file as /jffs/etc/no-ip.conf. When running noip you therefore have to pass the path of its configuration file with the -c option. This can be done like:

/jffs/usr/bin # ./noip -c /jffs/etc/no-ip.conf

/jffs/usr/bin # ./noip -c ../../etc/no-ip.conf

Notice that the first ../ brings us to /jffs/usr/. The second ../ brings us to /jffs/, and then the rest of the path can be appended.


4) While the other examples all showed how to save typing, you can also really screw around with relative paths. To launch the noip command in example 1, you could also use

/jffs/usr/bin # ../../../jffs/./usr/./bin/././../bin/././noip

Here we browse all the way back to the root / directory, then climb back up to /jffs/usr/bin, drop back down to /jffs/usr and then climb back up to /jffs/usr/bin.
Current path references of /./ are thrown in sporadically just to mix things up. Notice how /./ always references the then current path, not the original path of the shell when the command was entered.
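The walk through example 4 can be reproduced mechanically. The POSIX sh function below is an added example, not from the DD-WRT wiki: it resolves a path against a current directory using exactly the "." and ".." rules described in this section (a ".." at the root stays at the root), so you can see where a convoluted relative path ends up before executing anything. resolve_path is a name chosen for this example.

```shell
#!/bin/sh
# Added example, not from the DD-WRT wiki: resolve a relative path the way the
# shell's "." and ".." operators do.  Usage: resolve_path <current dir> <path>

resolve_path() {
    cwd=$1
    target=$2
    case $target in
        /*) stack="" ;;          # absolute path: start again from the root
        *)  stack=${cwd#/} ;;    # relative path: start from the current directory
    esac
    old_ifs=$IFS
    IFS=/                        # split the path on "/" into its components
    set -f                       # no globbing while the components are expanded
    set -- $target
    set +f
    IFS=$old_ifs
    for comp in "$@"; do
        case $comp in
            "" | .) ;;           # empty (from "//") or ".": stay where we are
            ..)  case $stack in  # "..": drop the last component; ".." of "/" is "/"
                     */*) stack=${stack%/*} ;;
                     *)   stack="" ;;
                 esac ;;
            *)   stack=${stack:+$stack/}$comp ;;   # a name: go one level deeper
        esac
    done
    printf '/%s\n' "$stack"
}

# Demo: the paths from the four examples above, resolved from /jffs/usr/bin
for p in ./noip ../kismet ../../etc/no-ip.conf ../../../jffs/./usr/./bin/././../bin/././noip; do
    printf '%-48s -> %s\n' "$p" "$(resolve_path /jffs/usr/bin "$p")"
done
```

Note that the function works on the strings only; it does not follow symbolic links or check that the directories exist, which is all the shell itself does with "." and ".." before it asks the kernel to open the result.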

Pipes and redirection

The output of commands can be piped through other commands or redirected to devices and files.

< and > are the redirect operators. < takes input from a device or file and feeds it to the given command as its input. > takes the output of a command and sends it to a device or file. Example: if you don't want to see the output of a command, redirect it to the null device:

command > /dev/null

| is the pipe character, and pipes the output through another command (for formatting, etc) Ex: the most common use of the pipe is to limit the output of a command:

command | more

This is extremely useful for commands like nvram show, which lists some 800-1200 lines. nvram show | more will list the results one page at a time.
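The pipes and redirects from this section, run over a cut-down stand-in for nvram show so the script works without a router. This is an added example and not from the DD-WRT wiki: fake_nvram_show is a constructed function that mimics the real command (a size line on stderr, key=value pairs on stdout); apart from sshd_authorized_keys, which the page mentions, the variable names are assumed to match DD-WRT's and the values are made up.

```shell
#!/bin/sh
# Added example (not from the DD-WRT wiki): pipes and redirects over a
# constructed nvram dump.  Replace fake_nvram_show with "nvram show" on the
# router.  Variable names other than sshd_authorized_keys are assumptions.

fake_nvram_show() {
    # like the real tool, the size summary goes to stderr, the settings to stdout
    echo "size: 123 bytes (32645 left)" >&2
    cat <<'EOF'
sshd_enable=1
telnetd_enable=1
sshd_port=22
http_enable=1
sshd_passwd_auth=1
remote_mgt_ssh=1
sshd_forwarding=0
EOF
}

# Pipe: keep only the sshd_* settings and sort them.  "2>/dev/null" is the
# redirect from above: the size line is thrown into the null device so it
# does not clutter the listing.
sshd_settings() {
    fake_nvram_show 2>/dev/null | grep '^sshd_' | sort
}

# How many lines "| more" would have to page through (the real dump is 800-1200).
nvram_line_count() {
    fake_nvram_show 2>/dev/null | wc -l | tr -d ' '
}

# Redirect stdout into a file (a copy of the settings to keep) while the
# stderr chatter is discarded.
save_dump() {
    fake_nvram_show >"$1" 2>/dev/null
}

# A quick audit pipe: grep -q prints nothing and only returns a status, which
# makes it usable in an "if".  Telnet sends the root password in clear text,
# so it is worth checking that it is off once SSH works.
telnet_enabled() {
    fake_nvram_show 2>/dev/null | grep -q '^telnetd_enable=1$'
}

# Demo
echo "sshd settings:"
sshd_settings
echo "lines in dump: $(nvram_line_count)"
if telnet_enabled; then
    echo "warning: telnetd_enable=1, consider disabling telnet now that sshd is on"
fi
```

On the router itself the same pipes work unchanged with the real command, for example nvram show 2>/dev/null | grep '^sshd_' | sort.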

Background processes

It is possible to run programs in the background (returning you to the command prompt immediately) by terminating your command with the & character. ex:

command &

Make sure you add a space between your command and the ampersand, or you will get a File not found error.

WEB-GUI (http[s]) special note

The built-in WEB-GUI command line interface (Diagnostics.asp page) allows only about 200 characters per line.
Special characters such as " or | must be prefixed with a \ character.
For example, if you want to set a text nvram value, instead of

nvram set svqos_svcs="edonkey p2p 0:0 40 | bittorrent p2p 0:0 40 |"

you need to enter

nvram set svqos_svcs=\"edonkey p2p 0:0 40 \| bittorrent p2p 0:0 40 \|\"
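Doing that escaping by hand is error-prone for long lines, so here is a small POSIX sh helper as an added example (not from the DD-WRT wiki): it prefixes every " and | with a backslash and refuses lines longer than the roughly 200 characters the Diagnostics page accepts. The function names and WEBGUI_MAX_LINE are choices made for this example; run it on your desktop and paste its output into the web GUI.

```shell
#!/bin/sh
# Added example (not from the DD-WRT wiki): prepare a command line for the
# Diagnostics.asp command box.  " and | get a backslash in front of them, and
# over-long lines are refused instead of being silently cut off.

WEBGUI_MAX_LINE=200   # approximate per-line limit stated on the page

# Escape the characters the web GUI mangles: " and |
escape_for_webgui() {
    printf '%s\n' "$1" | sed 's/["|]/\\&/g'
}

# Escape, then return status 1 (and say why on stderr) if the result would
# exceed the GUI's line limit; otherwise print the line ready to paste.
webgui_line() {
    escaped=$(escape_for_webgui "$1")
    if [ ${#escaped} -gt "$WEBGUI_MAX_LINE" ]; then
        echo "line is ${#escaped} characters; split it, the GUI takes about $WEBGUI_MAX_LINE" >&2
        return 1
    fi
    printf '%s\n' "$escaped"
}

# Demo with the page's own QoS example
webgui_line 'nvram set svqos_svcs="edonkey p2p 0:0 40 | bittorrent p2p 0:0 40 |"'
```

The escaping is only needed in the web GUI box; over telnet or ssh the original, unescaped command is what you type.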

Basic commands

<command> -h                 The -h flag almost always provides help on a command. Use it!
ls                           List the contents of the current directory
cd <directory or full path>  Change to that directory or path
cp <source> <destination>    Copy the source file to the destination
cp -r <source> <destination>    Copy the source directory to the destination directory
mv <source> <destination>    Move the source file to the destination
mkdir <directory name>       Create a new directory
wget <URI>                   Download the file at the given URI to the current path
tar -xz -f <file>            un-gzip and un-tar the given *.tgz or *.tar.gz file
rm <file>                    Delete the file
rm -r <directory>            Delete the directory and all contents
killall <program name>       Kill all running processes of the program
ps                           Show running processes
top                          Show running processes in a graphical frontend

More advanced commands

The following commands have their own wiki pages:

See also

Script Examples
Sshfs
Startup Scripts
SSH access from internet
Tunnel all traffic over ssh using remote windows machine and Putty

External links

Wikipedia's SSH article
Linux Shell Scripting Tutorial
Telnet/SSH BusyBox Commands
Configuring FTP/Telnet
Increasing number of Telnet sessions allowed