What's new

SSH tunnel to RT-AC68U and certain sites not loading in Firefox

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Known problem with some versions of the dropbear executable which provides SSH services. Check the version with

dropbear -V

versions between 2016.68 and 2016.73 inclusive can have the problem you are seeing. You didn't say what firmware version you are running, but the latest Merlin release includes the fix with dropbear version 2016.74
 
Asus's recent firmware is unfortunately using the broken 2016.73 release.
 
Some times is the browser client config itself.

From the machine you want to browse from...

in Putty;

ssh -D 8080 userid@remotehost

You can then set the proxy in the browser of a client to use server foo and port 8080 for a SOCKS proxy. The clients will send their requests too foo, who in turn will forward the request through ssh to remotehost. So on the internet, it will look like they are using remotehost.

If you want to forward DNS requests as well with firefox, edit the about:config in firefox and set network.proxy.socks_remote_dns to true.

One thing you might consider is to use another host inside your LAN as the remote SSH end-point (a Pi2 or Pi3 works nicely here), and port forward it... and with a Pi, one can run OpenSSH server, which has quite a few more options here than Dropbear on the router, and the upside here is that one is not exposing a potential security concern with the router itself.
 
sfx2000: No, I don't want to have a computer at home running 24/7. That's why I got a router with built in SSH, VPN and BitTorrent client

Keep in mind that it's probably ok to have tunnels from coffee shops and hotels, building outbound tunnels (VPN, SSH, whatever) in the workplace is a good way to find a new job, esp in the corporate environment.. IT folks tend to frown on unmanaged services like this.
 
RMerlin: Yes, you're correct. Why don't Asus fix their shirt? :( Is this router already too old or what?

They simply didn't release any new firmware yet. That dropbear bug was there for a very long time, and was only fixed a few months ago.

SSH tunneling is also probably not a usage scenario they are actively supporting. They added SSH mostly for management purposes, most likely.
 
SSH tunneling is also probably not a usage scenario they are actively supporting. They added SSH mostly for management purposes, most likely.

Esp when they integrated the OpenVPN server/client mode, which is more approachable from a user perspective.
 

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top