SSH open on WAN after fresh install?

JoeTheDownloader

Occasional Visitor
Hi,

First of all thanks very much Eric and anyone else involved in making Asuswrt-Merlin.

Just a quick note about a possible little security issue - I just did a fresh install over my existing stock Asuswrt. I had SSH enabled but it was only enabled on LAN (I know for certain that it was not responding on WAN before I installed Merlin). However after install, when I went through the settings to familiarise myself, I found that SSH was enabled on WAN as well! Obviously it is cool to have that feature as an option but I don't think it is a good idea for it to be on by default.

Is this expected behaviour, or a bug?

Thanks!
 
It's not enabled by default. Either you enabled it, or you disabled the firewall and are running an older version where dropbear binds to all network interfaces by default.

Also make sure you test from outside your network. Testing it from inside won't work, since you will be going through the internal loopback, never really leaving your LAN.
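
The router-side half of the check described above, as an added example that is not part of the original thread: it classifies which local address the SSH listener is bound to, reading `netstat -tln` output. The function names, the LAN address 192.168.1.1 and the sample output are constructed assumptions. A wildcard bind is only reachable from the WAN if the firewall lets it through, so a scan from an outside host remains the confirming test.

```shell
#!/bin/sh
# Added example (not from the thread): report how TCP listeners on the SSH
# port are bound, reading `netstat -tln` style output on stdin.
# On a router (assumption: netstat is available there):
#   netstat -tln | classify_ssh_listeners 22 192.168.1.1
classify_ssh_listeners() {
    port="$1"      # SSH port to inspect
    lan_ip="$2"    # router's LAN address, supplied by the caller
    awk -v port="$port" -v lan="$lan_ip" '
        # Only TCP sockets in LISTEN state; header lines are skipped.
        $1 ~ /^tcp/ && $NF == "LISTEN" {
            addr = $4
            n = split(addr, parts, ":")
            if (parts[n] != port) next
            # Everything before the final ":port" is the bind address,
            # which also handles IPv6 forms such as ":::22".
            host = substr(addr, 1, length(addr) - length(parts[n]) - 1)
            if (host == "0.0.0.0" || host == "::" || host == "*")
                verdict = "ALL-INTERFACES"   # exposure depends on the firewall
            else if (host == lan)
                verdict = "LAN-ONLY"
            else
                verdict = "OTHER"
            print verdict, addr
        }'
}

# Constructed sample output, not captured from a real router.
sample_netstat() {
    cat <<'EOF'
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:80          0.0.0.0:*               LISTEN
tcp        0      0 192.168.1.1:2222        0.0.0.0:*               LISTEN
EOF
}

# Wildcard bind on port 22, LAN-bound listener on port 2222.
sample_netstat | classify_ssh_listeners 22 192.168.1.1
sample_netstat | classify_ssh_listeners 2222 192.168.1.1
```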
 
I did enable it - I had SSH enabled on stock before I installed Merlin. However it was only accessible on LAN - I'm certain of that as I remember nmapping from a server in AWS after I enabled OpenVPN to ensure that no ports were open. I'm also the only person with admin on this router.

Straight after installing Merlin I went through all the settings (to see what was newly available) and SSH was set to LAN+WAN before I adjusted anything. I then tested it, again from AWS, and was able to log in with my SSH key.

I have disabled it now so it is not a problem for me.
 
Asus changed the way this setting worked a couple of revisions ago. It's possible you got affected by this after an upgrade.
 
