Start a New Discussion

Start a New Discussion

Orbi WiFi 7 RBE973
Reply

d7000v2 I can ssh to my router

mrqqob
Aspirant
Aspirant
‎2019-12-04 07:20 PM
‎2019-12-04 07:20 PM

d7000v2 I can ssh to my router

hello 

 just tried to ssh to my freshly reset router and this was the outpot

admin@192.168.0.1's password:

I tried my password but it didn't work

Im not an expert but i think ssh is enabled ? if yes how i can disable it out of security concerns

Model: D7000|Nighthawk AC1900 VDSL/ADSL Modem Router
Message 1 of 6
0 Kudos
Reply
antinode
Guru
Guru
‎2019-12-04 09:22 PM
‎2019-12-04 09:22 PM

Re: d7000v2 I can ssh to my router

> d7000v2 [...]

 

   Firmware version?

 

> [...] Im not an expert but i think ssh is enabled ? [...]

 

   It looks that way.  Before I got too worried, however, I might see if
I could get a response from the WAN/Internet side.  (_Really_ from the
outside world, not just from the LAN using the WAN/Internet IP address
-- NAT loopback might make that look as if it works when a real
outside-world connection will not.)

 

   If it _does_ work from the outside world, then I'd expect that a
port-forwarding rule with a nonexistent target server address ought to
block any actual outside-world connections to the router's own SSH
server.

 


   Interesting.  On a D7000[v1] (currently V1.0.1.74_1.0.1), I've never
seen any hints of SSH, only Telnet (if you enable it explicitly):

 

      # netstat -an | grep 22
      #

Message 2 of 6
0 Kudos
Reply
mrqqob
Aspirant
Aspirant
‎2019-12-05 09:28 AM
‎2019-12-05 09:28 AM

Re: d7000v2 I can ssh to my router

firmware version: V1.0.0.56_1.0.1

feshly reset no changes made 

i can ssh the public ip from the same network 

the wierd thing that when i ssh admin@..... i cant log in with the password used for the web interface 

Message 3 of 6
0 Kudos
Reply
antinode
Guru
Guru
‎2019-12-05 11:36 AM
‎2019-12-05 11:36 AM

Re: d7000v2 I can ssh to my router

> i can ssh the public ip from the same network

 

   "same" as what?  Your LAN?

 

> [...] (_Really_ from the
> outside world, not just from the LAN using the WAN/Internet IP address
> -- NAT loopback might make that look as if it works when a real
> outside-world connection will not.)

 

   Still my suggestion.

 

> the wierd thing that when i ssh admin@..... i cant log in with the
> password used for the web interface

 

   If no one can guess the password, then the threat may be small, even
if a connection can be made from the WAN/Internet side.

 

   If you want to poke around on the thing, then you might be able to
get shell access using Telnet.

 

   Some router model and firmware combinations have a "debug.htm" or
similar page in the management web site which offers an easy way to
enable Telnet access.  With others, a third-party program can send a
special message to the router to do the job.  A Web search for terms
like, say:

 

      netgear  telnet  enable

 

should find one or more such programs.  (I use the program which I
modified: http://antinode.info/nte/ )

Message 4 of 6
0 Kudos
Reply
mrqqob
Aspirant
Aspirant
‎2019-12-05 11:47 AM
‎2019-12-05 11:47 AM

Re: d7000v2 I can ssh to my router

I just tried ssh my puplic ip using 4g network it didn't connect
I think I'll try downgrade the router then reset it again to see if this will fix the ssh thing
Thank you for your help
Message 5 of 6
0 Kudos
Reply
antinode
Guru
Guru
‎2019-12-05 02:19 PM
‎2019-12-05 02:19 PM

Re: d7000v2 I can ssh to my router

    Please report back if you learn anything (else) interesting.

Message 6 of 6
0 Kudos
Reply
Top Contributors
See All
Discussion stats
  • 5 replies
  • ‎2019-12-04 07:20 PM
  • 3919 views
  • 0 kudos
  • 2 in conversation
Announcements

Orbi WiFi 7