Archer A9 accepts SSH inbound connections to router

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Archer A9 accepts SSH inbound connections to router

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Archer A9 accepts SSH inbound connections to router
Archer A9 accepts SSH inbound connections to router
2023-03-03 22:50:32
Model: Archer A9  
Hardware Version: V6
Firmware Version:

Firmware 1.1.1 build 20210315 rel. 40657. My router accepts inbound SSH conections How can this be stopped so the router does not accept SSH connections ?

  0      
  0      
#1
Options
8 Reply
Re:Archer A9 accepts SSH inbound connections to router
2023-03-04 21:06:54 - last edited 2023-03-07 02:29:11

  @HomeNotifier 

 

If you haven't explicitly allowed SSH connections through port-forwarding (virtual servers), DMZ or passively by UPnP, then most probably this is due to how Tether app connects to your A9 - only Tether app can have access to your A9 in this case.

Describe your network topology. Is there any SSH servers configured on your local network ? Is 192.168.100.1 your Archer A9 LAN IP address ?

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  0  
  0  
#2
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-06 01:38:26 - last edited 2023-03-06 01:40:29

  @terziyski There is no option on the router to allow SSH. Yet if an attempt is made to connect to the router via SSH the following occurs.

 

The authenticity of host '192.168.100.1 (192.168.100.1)' can't be established.
RSA key fingerprint is SHA256:2h2I8Mt4mQrNRkvEjdptIMAvXqVgWn815NO1RQw0dEs.
Are you sure you want to continue connecting (yes/no/[fingerprint])?

 

Meaing it ready to authenticate a user for SSH. the router should not respond in any way to SSH, unless there is a setting.

 

How can this be turned off?

 

 

  0  
  0  
#3
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-12 09:26:19

  @terziyski 

The network has one workstation connected to the router via ethernet. The ssh is initiated to the router from a workstation.

 

There is no tethered apps. There is no UPNP as that is diasbled.

 

Why would a tethered app activate SSH when there is no need ? How would a tethered app used SSH?

  0  
  0  
#4
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-12 11:45:31 - last edited 2023-03-14 17:42:17

  @HomeNotifier 

 

I was referring to the Tether app from TP-Link, which is used to manage the router - check this FAQ.

That means, even TCP port 22 is open, only Tether app can login your router and make changes on its configuration.

If this was helpful click on the arrow pointing upward to make it blue. If this solves your issue, click the star to make it blue and mark the post as a "Recommended Solution".
  1  
  1  
#5
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-14 17:19:40

  @terziyski That answer still does not make sense as the router is still repsonding to SSH attempt connections. If according to the documentation

 

"Other SSH clients cannot access to TP-Link products or adjust their settings with command lines. So please rest assured that the SSH will never cause any safety issues on your device."

 

It should not respond to a workstations via SSH and should be turned off to prevent that response .

  0  
  0  
#6
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-26 19:38:21
unfortunately I cannot accept that answer as the log does not show a valid administrator logging into the Archer system via normal Https. So How can I tell if a user is using SSH?
  0  
  0  
#7
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-03-27 16:18:51

  @HomeNotifier 

 

Yeah, that's definitely something to be concerned about.  It seems to me these home routers do not have enough flexibility to allow users to make the changes they need. 

 

There's no way you cam get to a shell to see what's going on with these web interfaces. In the advanced option lacks functionality.   The logging is awfully quiet too. 

 

You can use a port scanner to scan your router at home to see if port 22 or a higher port is open.  But if there's no option in the web interface,  then you can't do it.  Tp link should provide a shell service for advanced users to look at what's going on.  

 

 

  0  
  0  
#8
Options
Re:Archer A9 accepts SSH inbound connections to router
2023-04-02 18:28:28

  @Antiks72  The SSH 22 port is definitley open on the

archer router. I know this becuase I can connect via SSH but not authenticate.

 

Why is there no option to turn SSH to the router off?

 

Why does user authenticating to the router not show up in the log either legitimate or not ?

  0  
  0  
#9
Options