What's new

SSH with Keys

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

Donga120

Regular Contributor
Hi guys,

I'm trying to setup SSH via Mac/Terminal.

I've followed this guide: http://tomatousb.org/forum/t-619135/guide-using-ssh-on-tomato-without-passwords-win-mac

But when I try to connect via terminal it just says:
ssh: connect to host 192.168.1.1 port 22: Operation timed out

Any suggestions? Never attempted SSH into the router before so pulling my hair out with this.


Enable SSH - LAN Only
Allow SSH Port Forwarding - No
SSH Port - 22
* Using a different port than the default port 22 is recommended to avoid port scan attacks.
Allow Password Login - No
Enable SSH Brute Force Protection - Yes
 
Is your routers ip 192.168.1.1?


Sent from my iPhone using Tapatalk
 
Not sure then.
I would fire up Wireshark on my Mac and sniff what, if anything is being sent to the router when you try and connect.


Sent from my iPhone using Tapatalk
 
Bit over my head that to be honest, but got these....?
 

Attachments

  • 067.jpg
    067.jpg
    20.9 KB · Views: 254
  • 069.jpg
    069.jpg
    7.5 KB · Views: 269
  • 068.jpg
    068.jpg
    5.2 KB · Views: 234
Router is not responding on port 22 at all.
If the port was closed I’d expect it to say as much in a response. So maybe you have a firewall rule to drop the packets? You’d probably have had to create it though as I don’t think there are any in there as default.

As an aside; I’d get SSH working with password auth before switching to key based auth. Keep it simple and work up. Not that your issue is related to auth type at this point.


Sent from my iPhone using Tapatalk
 
Is it possible its trying to connect via port 80 instead of 22, or not?

EDIT: No it's not! :D
 

Attachments

  • 070.jpg
    070.jpg
    63.9 KB · Views: 249
Is it possible its trying to connect via port 80 instead of 22, or not?

That’ll be a web UI session you have open (incidentally you should switch to HTTPS Only instead of HTTP for security)


Sent from my iPhone using Tapatalk
 
Do you have any other devices you could use eg an iPhone or a Windows computer?

(I use the Network Toolbox app as well as Termius on my iPhone for SSH, and Putty/WinSCP on Windows).

Sometimes the client device/program is the problem, but knowing that a different device can connect is very helpful in that you then know for certain at which end the problem lies.

And do take JDB’s advice: start with username and password and then work your way up to using PKI in addition.
 
That’ll be a web UI session you have open (incidentally you should switch to HTTPS Only instead of HTTP for security)


Sent from my iPhone using Tapatalk

Done. Thanks.


Do you have any other devices you could use eg an iPhone or a Windows computer?

(I use the Network Toolbox app as well as Termius on my iPhone for SSH, and Putty/WinSCP on Windows).

Sometimes the client device/program is the problem, but knowing that a different device can connect is very helpful in that you then know for certain at which end the problem lies.

And do take JDB’s advice: start with username and password and then work your way up to using PKI in addition.

Yes I do, will try them. Although I've progressed, not sure wether its backwards or forwards but I started from scratch and now get:

Permission denied (publickey).

Simple sanity checks:
  1. Have you pressed Apply at the bottom of the page after enabling SSH?
  2. Do you have any access restrictions defined at the bottom of that page?


1. Yes.
2. Not that I can see. You mean at the bottom of Administration > System? If so, no restrictions is checked.
 
Does it work if you set Allow Password Login - Yes
 
Test with Enable SSH Brute Force Protection - No
If that doesn't work than reboot the router.
 
And you are absolutely certain you have entered your username and password correctly in the Terminal on the Mac?
 
The credentials will be the same as the web UI just for clarity.


Sent from my iPhone using Tapatalk
 
And you are absolutely certain you have entered your username and password correctly in the Terminal on the Mac?


100%. Upon looking closer, its says "MACUSER@192.168.1.1". If I'm correct, isn't it trying to log onto the router user my Mac name? Shouldn't this be set to say admin? Will give it a try...
 
Did you already generate the key and then move it to the Mac? If so, you'll need to put the key into the "Authorized Keys" box on the web interface.
 

Latest threads

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top