Yep, still working with DD-WRT .. I wanted to make some changes to the router config but these changes aren’t available in DD-WRT’s control panel. Since we’re working with Linux here, I figured there had to be SOME way to hack it up.. Well, I was correct! The firmware has some features that make it pretty simple to execute a script at startup. You have some options, one is to enable JFFS and physically store a script on the router. Another is to mount a Samba share on startup and keep your script there. I opted for the Samba share because it can store your script as well as allow you to upload files (via scp for instance) directly to a computer on your network through your SSHd.
The script I’m creating is only useful if you have your router configured for remote SSH management (see DD-WRT: SSH Remote Management with Public Key Authentication for my how-to). The configuration process applies to setting up any startup script on a Samba share.
The script I want to execute on startup is going to change the configuration of the Dropbear SSHd. By default, when you connect to the router via SSH, you’re presented with a pre-login prompt advertising the firmware’s version. I prefer not sharing that info with anyone (not in such a blatant fashion at any rate), so I need to kill off the dropbear process and restart it without the banner flag. You might be wondering why I don’t just edit dropbear’s config file on the router… The simple answer is that there isn’t one.
I’m going to be using a Samba share I’ve created just for DD-WRT on the machine named ubuntu (also my desktop). The local path is
~/ddwrt and the network path is
Create the script:
Create a script on your Samba share named
dd-wrt-startup.sh. One way to create the file is to enter the commands below in a terminal.
~/ddwrt/dd-wrt-startup.sh with your editor of choice and add the text below (each command should be on its own line):
## kill/restart dropbear; remove pre-logon message
dropbear -r /tmp/root/.ssh/ssh_host_rsa_key -d /tmp/root/.ssh/ssh_host_dss_key -p 22 -s
Be sure that when you specify the port (
-p 22), you use the same port that you have configured in the DD-WRT control panel.
The difference between the command to launch dropbear that I wrote, and the command the router defaults to, is that I’ve removed the banner file flag (
-b [path to loginprompt]). If you want to see what the exact command line is on your router before you make the change, SSH in and enter a
ps, someplace in the process list you’ll see the dropbear command line.
Configure Samba FS Automount:
Before going on, be sure that the Samba server has a static IP or (better yet) a static DHCP address. If you don’t use static DHCP, you may want to use the machine’s IP address instead of its name when configuring the share below. Check out the DD-WRT DNSMasq wiki page for more info.
Log into the DD-WRT Control Panel, Click Administration then select the Management tab. Scroll down to the Samba FS Automount section and configure as follows:
- SMB Filesystem: Enable
- Share: //ubuntu/ddwrt
- User Name: [valid smb user]
- Password: [smb user's password]
- Startscript: dd-wrt-startup.sh
Now all you need to do is click Save Settings and Reboot Router. The next time you SSH in, you’ll notice that no information about the router is given until you’ve provided your credentials and successfully authenticated. You will also notice that entering the
mount command will show you that your Samba share is mounted to