[sf-lug] Hacking embedded devices..
rick at linuxmafia.com
Tue Dec 21 18:20:49 PST 2010
> The thing is, OpenWRT is a real Linux distribution. Real Linux
> distributions don't have hard-coded SSL (or SSH) keys. You have to
> create them when you configure the WAP/router.
Caveat: It's been something like a year since I set up OpenWRT
from scratch, so you're on your own about that, and I don't promise to
remember details. However:
> Moreover, OpenWRT doesn't default to permitting administration from
> the public interface, to begin with.
This part I'm quite sure about.
Setup is described here:
Steps to secure administrative access are here:
Note that there _isn't_ a default SSL cert, and the recommended steps
involve either redirecting the port 8080/tcp Web-admin access over
Dropbear sshd or a combination of Lighthttpd and OpenSSL. Dropbear
setup generates a local host keypair _dynamically_ by the administrator,
and you'll notice that the OpenSSL instructions likewise run you through
generating and self-signing a local cert.
Ergo, as I said, not burned into the firmware.
(Please be aware that OpenWRT, unlike DD-WRT, is a genuine open-source
More information about the sf-lug