1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Disabling HTTPS from Telnet

Discussion in 'Tomato Firmware' started by maple.chick, Mar 15, 2012.

  1. maple.chick

    maple.chick Networkin' Nut Member

    While fiddling around with Tomato, I enabled "HTTPS only" option in Administration for Web Access and now I can't access the router webui at all. I can still connect to the router on Telnet. If I try to connect the router on HTTPS, I get an error saying, "The connection was interrupted" and a "Unable to connect" if I try to connect on HTTP.

    I know I can just reset the router and that will fix the problem but I have a lot of stuff & scripts setup on the router that I don't have any backup for. Is there anyway I can avoid a complete reset? Perhaps a commit to NVRAM via Telnet?
     
  2. Planiwa

    Planiwa LI Guru Member

    What an interesting problem. You can certainly copy your scripts, log files, etc. off the router with telnet access from a Unix system.

    Are you running in debug nocommit mode? (That's what I do). If so, you certainly have the option of "nvram commit".

    If you remember what you changed in the GUI, you can probably reverse that change by fixing the NVRAM settings. But this may be harder without access to the (a) GUI.

    Hopefully you can set all the right settings in the NVRAM, and then restart the right services, which should give you access again, without rebooting.

    Let me see if I can reproduce (and then fix) the problem. . . .
     
  3. Planiwa

    Planiwa LI Guru Member

    I have HTTPS enabled, as well as ssh, but not telnet. Here are the NVRAM settings that have http in their name:

    http_enable=0
    http_id=XIZZY
    http_lanport=80
    http_passwd=XIZZY
    http_username=
    http_wanport=8080
    https_crt=
    https_crt_cn=
    https_crt_gen=0
    https_crt_save=0
    https_enable=1
    https_lanport=443
    remote_mgt_https=1

    Is the problem that you have https enabled with no password (or an unknown one)?
    Perhaps you might do:

    nvram find http

    to get the above list for your router.

    Hopefully all you need to do is:
    nvram set "http_enable=1"
    nvram set "https_enable=0"
    nvram commit (I don't think this is nnecessary!)
    service admin restart

    It's worth a try and even it it doesn't do the trick, you should still have telnet access.
    But if you want to be extra cautious and copy the files off first, I can show you how to do that.
     
  4. maple.chick

    maple.chick Networkin' Nut Member

    Huston, we are back in business!

    Thank you so much, Planiwa.

    I wonder why HTTPS isn't working though. Do I need to add a certificate somewhere?
     
  5. fubdap

    fubdap Addicted to LI Member

    This will be a good time to backup all your scripts.
     

Share This Page