openwrt firewall

/etc/config/dropbear

Sections

The dropbear configuration contains settings for the dropbear SSH server in a single section.

Dropbear

The dropbear section contains these settings:

NameTypeRequiredDefaultDescriptionenablebooleanno1Set to 0 to disable starting dropbear at system boot.verbosebooleanno0Set to 1 to enable verbose output by the start script.BannerFilestringno(none)Name of a file to be printed before the user has authenticated successfully.PasswordAuthbooleanno1Set to 0 to disable authenticating with passwords.Portintegerno22Port number to listen on.RootPasswordAuthbooleanno1Set to 0 to disable authenticating as root with passwords.RootLoginbooleanno1Set to 0 to disable SSH logins as root.GatewayPortsbooleanno0Set to 1 to allow remote hosts to connect to forwarded ports.Interfacestringno(none)Tells dropbear to listen only on the specified interface.¹⁾rsakeyfilefileno(none)Path to RSA filedsskeyfilefileno(none)Path to DSS/DSA fileSSHKeepAliveintegerno300Keep AliveIdleTimeoutintegerno0Idle Timeout

This is the default configuration:

config dropbear        option PasswordAuth 'on'        option RootPasswordAuth 'on'        option Port         '22'

免密码SCP传输文件

将电脑的id_rsa.pub拷贝到路由器/etc/dropbear目录下，

catid_rsa.pub >> authorized_keys

chmod600 authorized_keys

关闭防火墙且禁止自启动，否则客户端无法用ssh连到dropbear server

/etc/init.d/firewall stop 

/etc/init.d/firewall disable

关于firewall:

/etc/init.d/firewallSyntax:

/etc/init.d/firewall

[command]Available commands:     

start  Start the service

stop Stop the service

restart     Restart the service

reload Reload configuration files (or restart if that fails)

enable Enable service autostart

disable Disable service autostart