[Fork] Asuswrt-Merlin 374.43 LTS releases (Archive)

[Shampoo]

Thanks...I skimmed and missed that part.
Fantastic.
I'll give it a try tomorrow.
Cheers

 

[dave14305]

Hi John, would you consider backporting dropbear support for ed25519 keys? I converted all my SSH keys from RSA to ed25519 during my latest stint on Merlin. I realize now when I come back to the fork, I can’t use them. Themiron’s commit is here: https://github.com/mkj/dropbear/commit/3d12521735e7ef7e48be217af0f27d68e23050a7

Saves nvram space and considered more secure!

 

[john9527]

Hi John, would you consider backporting dropbear support for ed25519 keys? I converted all my SSH keys from RSA to ed25519 during my latest stint on Merlin. I realize now when I come back to the fork, I can’t use them. Themiron’s commit is here: https://github.com/mkj/dropbear/commit/3d12521735e7ef7e48be217af0f27d68e23050a7

Saves nvram space and considered more secure!

I'd almost be willing to bet you're the only one that has done this
There's a build for you to try in my private downloads.

As far as nvram space, you can move the key to jffs. See the Merlin_Fork_Options.txt file

 

[dave14305]

I'd almost be willing to bet you're the only one that has done this
There's a build for you to try in my private downloads.

Excellent! I missed my "maintenance window" for today, but I will try to report back soon.

As far as nvram space, you can move the key to jffs. See the Merlin_Fork_Options.txt file

I was just trying to make it sound more appealing for the entire user base, instead of being a selfish request to make my life easier.

 

[jrmwvu04]

Looking at the code the alias_llmnr appears to do nothing (there's a TODO comment) and alias creates a CNAME for the real name. Don't what the implication of that is as I don't use Avahi. (Although I can't actually find the part of the source code that creates those two lines in the config so I'm missing a piece of the puzzle somewhere.)

So, a data point.. these entries are not added to the generated configuration in 43E6 - it becomes standard afterwards I presume when avahi 0.7 is added/updated. From what I can gather, alias_llmnr is probably related to Link-Local Multicast Name Resolution which is the Microsoft implementation of mDNS. From what I can tell, this is a relatively narrowly supported implementation so that it doesn't do anything yet I suppose isn't surprising? I'm not a windows guy, I have zero idea what they might use that for. Apple uses Bonjour for a number of things including AirPrint, AirPlay, AirTunes, etc.

I haven't yet figured out what the reasoning behind/userfuless of the alias/CNAME is.

 

[dave14305]

I'd almost be willing to bet you're the only one that has done this
There's a build for you to try in my private downloads.

As far as nvram space, you can move the key to jffs. See the Merlin_Fork_Options.txt file

I took the fork in the road and my ed25519 key is working well. Thank you for indulging me!

 

[dave14305]

@john9527 I do see that a hostkey is not generated.

May 20 21:24:16 dropbear[22316]: Failed loading /etc/dropbear/dropbear_ed25519_host_key

 

[john9527]

@john9527 I do see that a hostkey is not generated.

May 20 21:24:16 dropbear[22316]: Failed loading /etc/dropbear/dropbear_ed25519_host_key

Actually, it was...just not in the right place
There's a fixed build up....thanks for checking it.

 

[Gar]

Actually, it was...just not in the right place
There's a fixed build up....thanks for checking it.

"Fixed" build? Is it in the dev directory or elsewhere, I don't see it yet?

 

[john9527]

"Fixed" build? Is it in the dev directory or elsewhere, I don't see it yet?

It's in a private directory where I compile just a single model for someone to try.

 

[Gar]

Not having any issues with the current build...so I'll shut up.

 

[dave14305]

Actually, it was...just not in the right place
There's a fixed build up....thanks for checking it.

Flashed and looking good. Thank you again!

 

[octopus]

I converted all my SSH keys from RSA to ed25519 during my latest stint on Merlin.

I have to ask, did you convert RSA keys or generat new one? If you convert them may I ask how?

Thanks
Octopus

 

[dave14305]

I have to ask, did you convert RSA keys or generat new one? If you convert them may I ask how?

Thanks
Octopus

I created new keys, so I “replaced” instead of “converted.”

 

[octopus]

I created new keys, so I “replaced” instead of “converted.”

Ok Thanks. That what I thought but was unsure.

 

[Raul_77]

Hi Guys,
Thanks John for maintaining this! works great on my RT-N66U, however I noticed the router is doing a lookup for www.google.com every 5 seconds or so, anyone knows why the router is making this call every 5 seconds?
Also, have you guys found a way to advertise another DHCP settings (main for start/stop IP and DNS) for GUEST networks?
Thank you,

 

[dave14305]

I noticed the router is doing a lookup for www.google.com every 5 seconds or so, anyone knows why the router is making this call every 5 seconds?

How are you determining it comes from the router itself versus from a LAN client? Do you have any dual-WAN enabled? wanduck has a reference to "www.asus.com www.google.com www.baidu.com www.yandex.com". Do you see queries to all these domains or just www.google.com?

 

[Raul_77]

How are you determining it comes from the router itself versus from a LAN client? Do you have any dual-WAN enabled? wanduck has a reference to "www.asus.com www.google.com www.baidu.com www.yandex.com". Do you see queries to all these domains or just www.google.com?

I have Pihole installed and pointed the router to Pihole , this is what I see:

PS: Dual Band is turned OFF.
Cheers,

 

[dave14305]

I have Pihole installed and pointed the router to Pihole

I doubt the router would generate AAAA queries. Is is possible you have clients using the router IP as DNS and the router is forwarding those requests to the Pihole? A very common problem depending how you setup pihole in the router (as LAN DHCP DNS or WAN DNS).

 

[octopus]

I created new keys, so I “replaced” instead of “converted.”

Did you get it work with Xshell 6 using ed25519 key's. Working fine in Winscp......