What's new

Request: populate a user.asp with a terminal

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Make WiFi Great Again

Regular Contributor
As I understand it the Merlin firmware once upon a time contained a little command prompt located next to Tools - Other Settings. Wouldnt that be so nice to have again? with nearly 15 still open and empty user.asp's maybe someone would consider populating one of them with a command prompt so we dont have to SSH every time someone wants to play with the guts an squishy parts'. A lot of the "other" alternative to stock firmwares have this feature, so maybe its time to bring this back, as an optional addon?
 
Horrifically insecure given the holes in the WebUI's security (and people just love opening it to the WAN). SSH is much more secure, and faster and full featured for command line "guts"
 
It can`t be added by an addon because it would require the httpd server to be able to run any arbitrary command, which it won`t for obvious security reasons.
 
So as i understand it the option to use http non secure web access is still there the option to use telnet is still there. The option to use un encrypted wifi is still there. The optin to keep admin admin for un pw is still there for atleast johns fork. But the option to enable a command prompt was taken out because it is too insecure? What happened to open source giving people more options? The way i see it we should at least have the option to enable a disabled prompt. Even with a reg flag warning which imo needs to be on telnet more then anything. I know this firmware isnt fully gpl but it would be nice if the gpl parts remained full of options . i guess i am barking up the wrong tree if it cant be done via a user.asp then it cant be done. I know merlin has stated in the past he wont consider bringing it back. Thats why i posted this in the addons. Hoping someone else would bring it back. I guess this thread is finito.
 
So as i understand it the option to use http non secure web access is still there the option to use telnet is still there. The option to use un encrypted wifi is still there. The optin to keep admin admin for un pw is still there for atleast johns fork. But the option to enable a command prompt was taken out because it is too insecure? What happened to open source giving people more options? The way i see it we should at least have the option to enable a disabled prompt. Even with a reg flag warning which imo needs to be on telnet more then anything. I know this firmware isnt fully gpl but it would be nice if the gpl parts remained full of options . i guess i am barking up the wrong tree if it cant be done via a user.asp then it cant be done. I know merlin has stated in the past he wont consider bringing it back. Thats why i posted this in the addons. Hoping someone else would bring it back. I guess this thread is finito.
You're right it is open source, so patches welcome :)
 
Maybe create a new user.asp with shellinabox. It's available from Entware.
 
So as i understand it the option to use http non secure web access is still there the option to use telnet is still there. The option to use un encrypted wifi is still there. The optin to keep admin admin for un pw is still there for atleast johns fork. But the option to enable a command prompt was taken out because it is too insecure? What happened to open source giving people more options?

Yes, it was taken away because it was a major security risk, allowing any malicious website to potentially run code with root privileges on your router just by having you visit a malicious website while you have an active session with your router. None of the other things you mention can allow that type of security exploit.

Just open an authenticated SSH session, like every other serious security appliances requires you to do out there.
 

Similar threads

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top