bubuko (ASKER)

How to use ssh on DD-WRT v24sp1 wrt54gl ROUTER?

I am trying to test the remote connection over SSH to my dd-wrt router.
I found a tutorial... but it doesn't seem to be for v24 sp1... not sure if I am doing it right.

MrJemson

When you say remote, do you mean over the WAN interface?
If so you need to enable this in the configuration menu.

bubuko (ASKER)

Ya. from outside to my network. I have tried this http://www.dd-wrt.com/wiki/index.php/Tunnel_all_traffic_over_ssh_using_remote_windows_machine_and_Putty 

but nothing is working

So you're attempting RDC over SSH, not just a remote SSH connection to the DD-WRT, is that correct?

bubuko (ASKER)

Ya. I was able to ssh to my router, but not to my host pc.
Since mine is v24 sp1, it's different from that tutorial. I went to Service -> Secure Shell -> enable SSHd, also SSH TCP forwarding, and I changed the port to 443

From PuTTY, in Session, I type the public ip and port :443

In Tunnels: Source port 3389 / destination 192.168.1.5:3389 (my local pc)

I also ensured the remote desktop is enabled.

Have you made sure the firewall on the XP machine is disabled?

bubuko (ASKER)

there is no firewall enabled on the xp. but i am not sure if the firewall on the client side blocks traffic... but I think it's not possible, since I am using port 443.. the firewall should not block outgoing traffic 443, it's https

ASKER CERTIFIED SOLUTION
MrJemson

This solution is only available to members. To access this solution, you must be a member of Experts Exchange.

bubuko (ASKER)

but the problem is I cannot even establish a connection to my router...

I think I found out why...

because in v24 sp1, it's kind of different from the tutorial.

What I did inside:
Service/Secure Shell/SSHd -> enable
Service/Secure Shell/SSH TCP Forwarding -> enable
Service/Secure Shell/Password Login -> enable
Service/Secure Shell/port -> 443
Authorized Keys -> blank

-----------------------------------------------------------------------------------------
Administration/management/Remote Access/SSH Management -> enable
Administration/management/Remote Access/SSH Remote Port -> 443

*I forgot to change the port in SSH Remote Port -> 443. But why? Isn't this just for connecting to manage the router?? Can you check my settings to see if anything is wrong or not necessary?

You need to initialize the SSH connection in order to tunnel the remote desktop session through it.
When you open putty and select SSH, enter the IP of the WAN interface on your router and enter port 443, does it prompt for a username and password or does it time out?

bubuko (ASKER)

The settings I just showed you above work. I just want you to take a look at my settings to see if everything is correct. And I don't understand why I need to enable SSH Management and set the port to 443.. isn't it just for router management???

No it is not just for router management.
You need to connect via SSH to the router in order to tunnel through to the Remote Desktop.

Your settings are correct, but I am having a hard time understanding at what exact point you are stuck?

First you say you cannot even establish a connection to the router, then you say the above settings are working?

What is the problem, where are you stuck?!?

bubuko (ASKER)

because I didn't enable these settings before:
Administration/management/Remote Access/SSH Management -> enable
Administration/management/Remote Access/SSH Remote Port -> 443

I only had this part enabled
Service/Secure Shell/SSHd -> enable
Service/Secure Shell/SSH TCP Forwarding -> enable
Service/Secure Shell/Password Login -> enable
Service/Secure Shell/port -> 443
Authorized Keys -> blank

So it was not working....
- Do you know what the SSH TCP Forwarding does? Must I enable it?
- The port I entered in both parts, 443.. does it have to be the same?
- If I want to access a file without RDP.. how can I do it in PuTTY?

SOLUTION
This solution is only available to members.

bubuko (ASKER)

thank you so much MrJemson!! but I didn't open remote desktop in windows 98 compatibility mode, and I can still open rdp...
and do you mean with SSH TCP Forwarding enabled, all the ports on the router are open??

I think you missed some of my questions above
- The port I entered in both parts, 443.. does it have to be the same?
- If I want to access a file without RDP.. how can I do it in PuTTY?

> and do you mean with SSH TCP Forwarding enabled, all the ports on the router open??

No this just allows the port tunneling via putty to work. If you have this disabled and try to do the port forward through Putty it should not work.

Yes the port has to be the same in both places. The first one is for the SSH service (the port it will actually listen on); the second allows the connection through the firewall on the WAN port.

You can't access a file without RDP.

You could copy one, but you would need something to connect to.
To do this you could set up FileZilla Server or something, forward port 21 and connect using the FileZilla client.
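
To see which hop fails once the PuTTY tunnel from this thread is configured (source port 3389 on the client, forwarded to 192.168.1.5:3389), the following added example probes the local end of the forward and reports whether an RDP server answers. It is not part of the original thread or of PuTTY or DD-WRT; the function name `probe_tunnel`, its result labels and the reading given for each result are assumptions of this example.

```python
import socket

# TPKT header + X.224 Connection Request + RDP negotiation request
# asking for standard RDP security (19 bytes in total).
RDP_CONNECTION_REQUEST = (
    bytes.fromhex("03000013")            # TPKT: version 3, length 0x13
    + bytes.fromhex("0ee00000000000")    # X.224 CR (0xE0), dst/src ref 0, class 0
    + bytes.fromhex("0100080000000000")  # RDP_NEG_REQ: PROTOCOL_RDP
)


def probe_tunnel(host="127.0.0.1", port=3389, timeout=5.0):
    """Classify what sits behind the local end of the SSH port forward.

    "no-listener": nothing accepts on host:port (no SSH session, or the
                   tunnel entry was never added to it)
    "closed":      the local listener accepted, then dropped the connection
                   (forwarded channel refused or destination unreachable)
    "timeout":     connected, but nothing answered in time
    "rdp":         an RDP server answered with X.224 Connection Confirm
    "not-rdp":     something answered, but it does not look like RDP
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # connection refused or address unreachable
        return "no-listener"
    with sock:
        try:
            sock.sendall(RDP_CONNECTION_REQUEST)
            reply = sock.recv(64)
        except socket.timeout:
            return "timeout"
        except OSError:  # reset by the forwarder
            return "closed"
    if not reply:
        return "closed"
    # TPKT version byte is 3; byte 5 is the X.224 PDU type, 0xD0 = Confirm.
    if len(reply) >= 6 and reply[0] == 0x03 and reply[5] == 0xD0:
        return "rdp"
    return "not-rdp"


if __name__ == "__main__":
    print(probe_tunnel())
```

An "rdp" result only shows that some RDP server answered on that port; if the client machine itself listens on 3389, choose a different source port in PuTTY and pass it as `port`.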

bubuko (ASKER)

so you mean I cannot do something like \\hostname\folder... I have to use ftp...

by the way, I want to have more secure ssh, so I followed the tutorial here to create a public key and private key http://www.geek-pages.com/articles/latest/setting_up_an_ssh_tunnel_via_dd-wrt_and_your_windows_workstation.html

But in this tutorial, it says the port doesn't have to be the same... he left the one in secure shell as port 22....

Also I am not sure if the author made a mistake or not... he mentioned saving the public key for use in PuTTY.. but i think it should be the private key.... because PuTTY is asking for the private key, and the public key doesn't have the extension ppk.

lastly, after everything is set, I open up RDP and enter localhost... but i was not able to make the connection... the message is something like there is already established......

http://www.blisstonia.com/eolson/notes/smboverssh.php
Try that for SMB over SSH. I am not sure if it would work, but you can try.

Public/Private key is actually FAR LESS secure, as if someone hacks into your PC they have unlimited access to your router etc. I would not recommend doing this.

As for this:
"I open up RDP and enter localhost... but i was not able to make the connection... the message is something like there is already established......"

This is why you MUST run Remote Desktop in Windows 98 Compatibility mode!!

bubuko (ASKER)

I see. Thank you very much!! So do you mean the way I did it for the first time from here http://www.dd-wrt.com/phpBB2/viewtopic.php?t=3516 is more secure than private/public key??

> "So do you mean the way I did it for the first time from here http://www.dd-wrt.com/phpBB2/viewtopic.php?t=3516 is more secure than private/public key??"

Yes very much so! =)

bubuko (ASKER)

thank you again and I appreciate your time. Just want to make sure of something again...
So you said I cannot do something like \\hostname\folder... I have to use the ftp way to access a file...?

and comparing SSH with VPN... which one is more secure? a lot of companies are using VPN solutions... I have rarely heard that they use SSH ...... why?

As you have experienced, SSH is more difficult to set up and get running.
With a VPN a person can access the file share, email, the company intranet, printers, other servers etc all from the one connection.
If you use SSH you need to configure the ports for each service on each client.

With a VPN the client only has to enter a few details, but with the SSH they have to know quite a bit about computers etc. VPN can be encrypted as well as or better than SSH.

The SSH tunnel is more secure from the point of view of someone finding it and hacking into it, but a good password policy for the VPN would be just as secure.

bubuko (ASKER)

I see... but to experienced hackers, which method is harder for them to hack?
and are you also saying VPN PPTP is also good enough?

bubuko (ASKER)

Can you explain to me what's the difference between SSH Remote Port 443 and in Secure Shell, port 443? Do they have to be the same port number?

SOLUTION
This solution is only available to members.

bubuko (ASKER)

Sorry about that. But I think the question I am going to ask here is still related to this topic...... if you still think this question is off topic, I will open a new one. It is the question I asked above, "SSH Remote Port 443 and in Secure Shell, port 443".
I was talking about the settings in DD-WRT. They are on different pages. I see some articles left the SSH remote port as 443 and Secure Shell in the service page as 22.... so I am confused. Since both of them are SSH ports.. why can they be set differently?

SOLUTION
This solution is only available to members.

bubuko (ASKER)

I see.. Thank you very much.
So I think it's like
public IP:remote port -> then the router forward to SSH service port

You said it's like NAT mapping.. it looks like it, but it's forwarding to its own internal ip (router internal ip - 192.168.1.1:service port)? right?

Correct

bubuko (ASKER)

Sorry to bug you again. The question is closed, but one question popped up in my mind...
SSH is not the same as VPN tunneling, right?

Correct.

bubuko (ASKER)

thank you for your time!

bubuko (ASKER)

Hi MrJemson, Sorry to bug you again. I tried to use MSTSC in 98 compatibility mode. But every time I always got a <lang_name> \mtsc.exe.mui message, do you know why?

I am not 100% sure what you mean.
Perhaps you should open a new question?

bubuko (ASKER)

Hi, it's one of your answers from above
"Are you running MSTSC in 98 compatibility mode?

Full how to can be found here:
http://www.dd-wrt.com/phpBB2/viewtopic.php?t=3516"

I tried it with ssh, but I always got <lang_name> \mtsc.exe.mui message

onlyamir007

hi guys,

I really don't wanna hack your thread but I didn't get any response so I find experts

please, if you guys can help me?? how can I route my internet traffic via VPN???

https://www.experts-exchange.com/questions/24220326/Internet-not-using-VPN-PPTP-Route-WRT54g-v3-1-dd-wrt-24-sp1.html

please answer me .... thanks