由於SSH以及Luci默認採用相同的賬戶root和密碼,因此路由器很容易被別人SSH登錄。可以通過修改web與ssh密碼獨立防止別人SSH登錄路由。
1.修改/etc/passwd
添加 admin:x:0:0:root:/var:/bin/false(禁止ssh登錄)
修改root用戶 root:x:0:0:root:/root:/bin/ash 修改爲username:x:0:0:root:/root:/bin/ash
2.修改/etc/shadow
添加 admin:uL5mRlqPSUNNI:17680:0:99999:7:::(admin默認密碼)
修改 root:$1$BOL4ILjH$P4Fdbh1cgrDfqDJ19skha0:17666:0:99999:7::: 修改爲username:$1$BOL4ILjH$P4Fdbh1cgrDfqDJ19skha0:17666:0:99999:7:::
3.修改/usr/lib/lua/luci/controller/admin/index.lua
將page.sysauth = {“root”}修改爲page.sysauth = {“username”}
4.修改/usr/lib/lua/luci/controller/admin/servicectl.lua
將entry({“servicectl”}, alias(“servicectl”, “status”)).sysauth = {“root”}修改爲entry({“servicectl”}, alias(“servicectl”, “status”)).sysauth = {“username”}
修改第四條才能通過web後臺修改web登錄密碼;