What's new

SCP missing?

  • SNBForums Code of Conduct

    SNBForums is a community for everyone, no matter what their level of experience.

    Please be tolerant and patient of others, especially newcomers. We are all here to share and learn!

    The rules are simple: Be patient, be nice, be helpful or be gone!

it is also possible to copy files to usb stick, mount the usb stick and copy from the command line to the jffs section.

i really do not understand why they removed SCP because security is not improved. the only thing is i need to do everything from the commandline instead of the gui
 
Last edited:
I do not know if it will work in the OP's specific environment but I'd suggest to use output redirection.

If we have two machines, i.e. a local machine named "local-A-host", and a remote machine named "remote-B-host", AND we can ssh from local-A to remote-B over ssh, then cannot we just use output redirection to transfer a .txt file contents like this:

On local-A-host execute the following (to transfer file contents from remote-B-host to local-A-host):

Bash:
ssh username@remote-B-host cat /tmp/somefolderonremoteB/somekey.txt > /tmp/somefolderonlocalA/somekey.txt

On local-A-host execute the following (to transfer content from local-A-host to remote-B-host):

Bash:
cat /tmp/somefolder-on-local-A-host/logfile.log | ssh user@remote-B-host "cat > /tmp/somefolder-on-remote-B-host/logfile.log"
 
I use this to send files to the home directory:
Bash:
#!/bin/sh
tar cz $* | ssh xxxxxx@192.168.1.1 'tar xvz'

And this to pull:
Bash:
#!/bin/sh
ssh xxxxxx@192.168.1.1 'tar cz '$* | tar xvz

I sure this could be done more eloquently.
 
What I suggested was to find the already existing instructions to install Entware that are found on various online blogs/sites. The instructions that I've used in the past (twice so far, 1st install on a GT-AC5300, 2nd install on an RT-AC86U, both running the OEM stock F/W) are found here:


On my 1st try for the GT-AC5300 router, I recall running into a couple of issues. I also decided to change some default choices to better fit the router & environment I was working with. So I ended up modifying the default "generic.sh" installer to fit my own purposes & environment.

For example, the instructions say to create an NTFS partition on the USB drive and set the volume name with the "opt" label. I created an ext4 partition instead & changed the script so the volume label can be something more descriptive (e.g. USB_Entware).

In any event, I can say that I followed about 90% of the instructions, and I've successfully installed Entware on two ASUS routers running the OEM stock F/W; this was a little over 2 years ago. YMMV, of course.


The only change for the newer firmware is to mount the usb opt folder on top of the existing opt folder which I do remotely, but can be done when the usb is inserted:
Bash:
#!/bin/sh
ssh xxxxxx@192.168.1.1 'mount /dev/sda /opt'

Then Entware installs smoothly IIRC.
 
Last edited:
The only change for the newer firmware is to mount the usb opt folder on top of the existing opt folder which I do remotely, but can be done when the usb is inserted:
Bash:
#!/bin/sh
ssh xxxxxx@192.168.1.1 'mount /dev/sda /opt'

Then Entware installs smoothly IIRC.
Yes, mounting the USB disk partition to "/opt" was a key part of the solution that I found last night after I had set up my cousin's new RT-AX86S which is replacing their 6-year-old RT-AC68U router. He's got simple home network needs (family of 4, only 2 IoT devices, laptops, iPads, ... about a dozen devices in total), and so far there has been no need to install the Asuswrt-Merlin F/W on it. It's currently running the latest ASUS stock 388.20566 F/W.

I had written before a script that I used to install Entware on the GT-AC5300 & RT-AC86U running ASUS stock F/W. On the RT-AX86S (and likely on other AX routers), the problem is that "/opt" already exists as a directory (*not* a symbolic link), so I modified my script to mount the USB disk "entware" directory to "/opt" before starting the actual Entware generic installer. It all worked very well. I tested my script a few times with other alternatives and eventually found this was the best solution, IMO, so far. In addition, there's a "scripts" folder inside the existing "/opt" directory which contains some script files. To avoid any possible issues, I copy the "/opt/scripts" folder to the "entware" directory in case "something" in the F/W calls those scripts.

BTW, I install Entware primarily to get some useful tools missing from the F/W (e.g. nano, htop, diff, tcpdump, lsof, fuser, ltrace, etc.), and especially now because SCP is missing as well. IMO, these tools are essential to have readily available for quick diagnostic purposes, so my script *automatically* installs the corresponding packages and modifies the "/opt/etc/profile" as I recommended before on this <post>. It also sets the current SSH port number for the Entware's SCP tool to work as expected (e.g. with WinSCP). After my script successfully completes, the Entware installation is ready to go with some of the tools that I want available on the router.

I can provide my script file if anyone is interested in trying it with their AX routers (or AC types as well).

Here's a screenshot from the RT-AX86S with Entware:

RT-AX86S_withEntware_.jpg
 
Yes, mounting the USB disk partition to "/opt" was a key part of the solution that I found last night after I had set up my cousin's new RT-AX86S which is replacing their 6-year-old RT-AC68U router. He's got simple home network needs (family of 4, only 2 IoT devices, laptops, iPads, ... about a dozen devices in total), and so far there has been no need to install the Asuswrt-Merlin F/W on it. It's currently running the latest ASUS stock 388.20566 F/W.

I had written before a script that I used to install Entware on the GT-AC5300 & RT-AC86U running ASUS stock F/W. On the RT-AX86S (and likely on other AX routers), the problem is that "/opt" already exists as a directory (*not* a symbolic link), so I modified my script to mount the USB disk "entware" directory to "/opt" before starting the actual Entware generic installer. It all worked very well. I tested my script a few times with other alternatives and eventually found this was the best solution, IMO, so far. In addition, there's a "scripts" folder inside the existing "/opt" directory which contains some script files. To avoid any possible issues, I copy the "/opt/scripts" folder to the "entware" directory in case "something" in the F/W calls those scripts.

BTW, I install Entware primarily to get some useful tools missing from the F/W (e.g. nano, htop, diff, tcpdump, lsof, fuser, ltrace, etc.), and especially now because SCP is missing as well. IMO, these tools are essential to have readily available for quick diagnostic purposes, so my script *automatically* installs the corresponding packages and modifies the "/opt/etc/profile" as I recommended before on this <post>. It also sets the current SSH port number for the Entware's SCP tool to work as expected (e.g. with WinSCP). After my script successfully completes, the Entware installation is ready to go with some of the tools that I want available on the router.

I can provide my script file if anyone is interested in trying it with their AX routers (or AC types as well).

Here's a screenshot from the RT-AX86S with Entware:

View attachment 44755
Would be great to see, and get, the mentioned file. THANKS!
 
Would be great to see, and get, the mentioned file. THANKS!
OK, here are general instructions to get & run the script file.

PREREQUISITES:

- Familiarity with the router SSH & CLI tools (e.g. chmod, mkdir, vi, etc.).

- There's already a USB disk attached to the router with at least one partition formatted with "ext4" filesystem. The USB disk can have more than one partition.

- The router already has the SSH server enabled to "LAN Only" (preferably using SSH keys to log in).

STEPS:

1) Log in to your router via SSH. In the terminal window type the following cmds:
Bash:
mkdir -p /jffs/scripts ; chmod 755 /jffs/scripts
curl -kLSs pastebin.com/raw/q3buAL0T | tr -d '\r' > /jffs/scripts/CustomEntwareInstaller.sh
chmod 755 /jffs/scripts/*.sh ; cd /jffs/scripts

2) From inside the "/jffs/scripts" directory run the script using this syntax:
Bash:
./CustomEntwareInstaller.sh -volumeID "USB_VolumeID"
Where "USB_VolumeID" is the volume name of your USB disk partition where Entware will be installed. This is *NOT* the full directory path.

For example, to install Entware in "/tmp/mnt/USB_Disk/entware" the cmd would be:
Bash:
./CustomEntwareInstaller.sh -volumeID USB_Disk

Upon completion, Entware should be installed successfully. Otherwise, check for error messages shown in the terminal window, and see if a log file "/tmp/var/tmp/GenericInstaller.LOG" is found.

That's it. You can now run some of the tools like nano, htop, SCP to check if the installation is OK.

EDIT:
See follow-up post #29 for a separate script that gets called when rebooting the router *after* Entware has been installed successfully using the above instructions.
 
Last edited:
NOTE: This is a follow-up from the previous post #28.

After Entware has been successfully installed, you need another script that gets called every time when a USB disk partition gets mounted & unmounted (e.g. when rebooting the router). This is important so that the mount point to the "/opt" directory is created/removed accordingly. Also, any Entware services that you may install later on are started & stopped properly when needed.

You can write your own script, of course. Or if you want, you can use the one I'm providing here.

STEPS:

1) Log in to your router via SSH. In the terminal window type the following cmds:
Bash:
chmod 755 /jffs/scripts
curl -kLSs pastebin.com/raw/nBCf08Sb | tr -d '\r' > /jffs/scripts/EntwareHandler.sh
curl -kLSs pastebin.com/raw/bHmramJT | tr -d '\r' > /jffs/scripts/MiscDefsFuncs.lib.sh
curl -kLSs pastebin.com/raw/zsECKg5F | tr -d '\r' > /jffs/scripts/MyCustomParams.conf
chmod 755 /jffs/scripts/*.sh ; cd /jffs/scripts

NOTE: If at any point you get an error message from a "curl" cmd (e.g. "curl: (7) Couldn't connect to server"), it might be that the "pastebin.com" server is overloaded with too many connection requests. In any case, just wait a few seconds and try the command again until it's successful.

2) Edit the "/jffs/scripts/MyCustomParams.conf" file to match your own setup. Especially important is to set the "USB_VolumeID" variable to the correct volume name of the USB disk partition where Entware is installed.

3) From the "/jffs/scripts" directory run the script as follows:
Bash:
./EntwareHandler.sh -setnvramvars

This will set the required NVRAM variables so that the script gets called when the USB disk partition gets mounted & unmounted.

You can now test unmounting the USB disk via the router's web GUI & then mounting it again by unplugging it & then plugging it back into the USB port. Or, you could reboot the router to make sure that the Entware partition is properly mounted & unmounted as required.

That's it.
 
3) From the "/jffs/scripts" directory run the script as follows:
Bash:
./EntwareHandler.sh -setnvramvars

This will set the required NVRAM variables so that the script gets called when the USB disk partition gets mounted & unmounted.

Greetings,

The EntwareHandler.sh script has been removed from PasteBin for some reason.

Can you provide a new link for this script?

Thank you!
 

I was actually referring to the script that @Martinski created and posted to PasteBin:

pastebin.com/raw/nBCf08Sb

From his instruction in Post #29:

Bash:
chmod 755 /jffs/scripts
curl -kLSs pastebin.com/raw/nBCf08Sb | tr -d '\r' > /jffs/scripts/EntwareHandler.sh
curl -kLSs pastebin.com/raw/bHmramJT | tr -d '\r' > /jffs/scripts/MiscDefsFuncs.lib.sh
curl -kLSs pastebin.com/raw/zsECKg5F | tr -d '\r' > /jffs/scripts/MyCustomParams.conf
chmod 755 /jffs/scripts/*.sh ; cd /jffs/scripts
 
Greetings,

The EntwareHandler.sh script has been removed from PasteBin for some reason.

Can you provide a new link for this script?

Thank you!
The 3 files that you need to download are available in PasteBin:
Bash:
mkdir -m 755 -p /jffs/scripts
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/hiyhaU99 | tr -d '\r' > /jffs/scripts/EntwareHandler.sh
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/zsECKg5F | tr -d '\r' > /jffs/scripts/MyCustomParams.conf
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/m8t4j7ES | tr -d '\r' > /jffs/scripts/MiscDefsFuncs.lib.sh
chmod 755 /jffs/scripts/*.sh

The steps 2) & 3) as described in post #29 are the same.

HTH
 
The 3 files that you need to download are available in PasteBin:
Bash:
mkdir -m 755 -p /jffs/scripts
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/hiyhaU99 | tr -d '\r' > /jffs/scripts/EntwareHandler.sh
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/zsECKg5F | tr -d '\r' > /jffs/scripts/MyCustomParams.conf
curl -kLSs --retry 3 --retry-delay 3 --retry-connrefused pastebin.com/raw/m8t4j7ES | tr -d '\r' > /jffs/scripts/MiscDefsFuncs.lib.sh
chmod 755 /jffs/scripts/*.sh

The steps 2) & 3) as described in post #29 are the same.

HTH

Thank you for this.
 
Hi guys.
Do you think that all of this thread is just because of a single idiot inside Asus, who decided to steal a feature from a stock firmware? ;-)
And make all of us doing something like this:

cat <<EOF | ssh user@$IP "cat >>./remotefile.txt"
line one
line two
line three
EOF
 
Last edited:
Similar threads
Thread starter Title Forum Replies Date
visortgw Recent Security Patches — Still Missing ASUSWRT - Official 52

Similar threads

Latest threads

Support SNBForums w/ Amazon

If you'd like to support SNBForums, just use this link and buy anything on Amazon. Thanks!

Sign Up For SNBForums Daily Digest

Get an update of what's new every day delivered to your mailbox. Sign up here!
Top