Help setting up PIA with LEDE on my Linksys EA4500
Hi all, I've been trying to set up PIA with LEDE on my Linksys EA4500 router for the past few days and have been running into some problems. I started with this guide:
https://helpdesk.privateinternetaccess.com/hc/en-us/articles/115005760646-Setting-up-a-Router-running-LEDE-Firmware
But when I get to step 4 and type this into windows cmd:
pscp Documents/PIA_Setup/* [email protected]:/etc/openvpn
I get this response:
pscp: remote filespec /etc/openvpn: not a directory
so then I checked
cd /etc/
ls
and openvpn is not there. I've never really figured out what to do about that. Then I tried following this guide:
https://lede-project.org/docs/user-guide/openvpn.client
and after completing the first 2 of these three commands:
opkg update
opkg install openvpn-openssl luci-app-openvpn
opkg install nano libustream-openssl ca-bundle ca-certificates
openvpn is there when I check
cd /etc/
ls
but this openvpn-openssl command is different from the one PIA has on there site, which is openssh-sftp-server, so i'm not sure if it would work. Never the less I tried anyway, and when I got to this step:
wget https://www.ipvanish.com/software/configs/ipvanish-US-Los-Angeles-lax-a01.ovpn
I realized I don't know where to find individual PIA config files I only know where to find the openvpn.zip file, and because LEDE doesn't recognize the unzip command I cant do it that way. I also tried using the windows cmd terminal to send it to the router, but that didn't work either. Then I figured using the touch command I could create the config file by copying and pasted out of the one I extracted from the openvpn.zip file and placing it where the guide wanted it placed. I was able to create the file and put it where I wanted it, but after I completed this step:
uci set openvpn.provider.config='/etc/openvpn/ipvanish-US-Los-Angeles-lax-a01.ovpn # NOTE: use whatever your file is above.(in this case the PIA config file I created)
LEDE started acting differently it wouldn't show root at the beginning of my commands and although I could type in what ever I wanted and push enter it would just skip to the next line and nothing would happen. So then I tried using the first 3 steps of this guide to get openvpn installed and then continue on with the PIA guide, but it didn't work, probably as stated above because of the difference between openvpn-openssl and openssh-sftp-server. Then I came across this guide which I thought might solve whatever problem I'm having with openssh-sftp-server.
https://wiki.openwrt.org/inbox/replacingdropbearbyopensshserver
and when I get to this point:
Reconnect to your router via SSH on port 22. If this fails to authenticate with the root password on port 22, you should still be able to connect with Dropbear on port 2222. Test this first and then reboot OpenWRT. After that you should be able to connect with OpenSSH on port 22.
and switch back port 22 through ssh it works, but just to be sure I close putty and try to login again on port 22. It asks for a root password and I don't know what it is. Even if I don't have a root password set it asks for a root password and I can't login. Maybe I'm supposed to move on to the next step and disable dropbear because the two are interfering with each other or something, but I know if I disable it and it doesn't work I wont be able to log back in on port 2222 and firstboot reboot my way way back to try again.
Anyway, so I'm no further ahead and, but hopefully I've given you guys enough to work with that you have some tips. Thanks a lot.
https://helpdesk.privateinternetaccess.com/hc/en-us/articles/115005760646-Setting-up-a-Router-running-LEDE-Firmware
But when I get to step 4 and type this into windows cmd:
pscp Documents/PIA_Setup/* [email protected]:/etc/openvpn
I get this response:
pscp: remote filespec /etc/openvpn: not a directory
so then I checked
cd /etc/
ls
and openvpn is not there. I've never really figured out what to do about that. Then I tried following this guide:
https://lede-project.org/docs/user-guide/openvpn.client
and after completing the first 2 of these three commands:
opkg update
opkg install openvpn-openssl luci-app-openvpn
opkg install nano libustream-openssl ca-bundle ca-certificates
openvpn is there when I check
cd /etc/
ls
but this openvpn-openssl command is different from the one PIA has on there site, which is openssh-sftp-server, so i'm not sure if it would work. Never the less I tried anyway, and when I got to this step:
wget https://www.ipvanish.com/software/configs/ipvanish-US-Los-Angeles-lax-a01.ovpn
I realized I don't know where to find individual PIA config files I only know where to find the openvpn.zip file, and because LEDE doesn't recognize the unzip command I cant do it that way. I also tried using the windows cmd terminal to send it to the router, but that didn't work either. Then I figured using the touch command I could create the config file by copying and pasted out of the one I extracted from the openvpn.zip file and placing it where the guide wanted it placed. I was able to create the file and put it where I wanted it, but after I completed this step:
uci set openvpn.provider.config='/etc/openvpn/ipvanish-US-Los-Angeles-lax-a01.ovpn # NOTE: use whatever your file is above.(in this case the PIA config file I created)
LEDE started acting differently it wouldn't show root at the beginning of my commands and although I could type in what ever I wanted and push enter it would just skip to the next line and nothing would happen. So then I tried using the first 3 steps of this guide to get openvpn installed and then continue on with the PIA guide, but it didn't work, probably as stated above because of the difference between openvpn-openssl and openssh-sftp-server. Then I came across this guide which I thought might solve whatever problem I'm having with openssh-sftp-server.
https://wiki.openwrt.org/inbox/replacingdropbearbyopensshserver
and when I get to this point:
Reconnect to your router via SSH on port 22. If this fails to authenticate with the root password on port 22, you should still be able to connect with Dropbear on port 2222. Test this first and then reboot OpenWRT. After that you should be able to connect with OpenSSH on port 22.
and switch back port 22 through ssh it works, but just to be sure I close putty and try to login again on port 22. It asks for a root password and I don't know what it is. Even if I don't have a root password set it asks for a root password and I can't login. Maybe I'm supposed to move on to the next step and disable dropbear because the two are interfering with each other or something, but I know if I disable it and it doesn't work I wont be able to log back in on port 2222 and firstboot reboot my way way back to try again.
Anyway, so I'm no further ahead and, but hopefully I've given you guys enough to work with that you have some tips. Thanks a lot.
Comments
ssh -p 2222 [email protected]
I thought it worked, but now I don't think so. The response I get is this:
ssh: Connection to roo[email protected]:2222 exited:
Fingerprint is md5 xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx
Expected md5 xx:xx:xx:xx:xx:xx:xx:xx
I don't know what that means, as I'm pretty new to all this, but I think it means it failed to switch over to whatever the previous commands set up on port 2222. And if that's true then the following commands were put in while I was still on port 22. That may explain why I can't login when I try switching to port 22. although I'm not really sure. Also, regarding the step I posted above, this one:
Reconnect to your router via SSH on port 22. If this fails to authenticate with the root password on port 22, you should still be able to connect with Dropbear on port 2222. Test this first and then reboot OpenWRT. After that you should be able to connect with OpenSSH on port 22.
I forgot to mention in the case that I'm wrong about the above failing, that I have tried what it says regarding having failing to authenticate with root password on port 22. If I understand correctly its saying to enter this:
ssh -p 22 [email protected] or to close putty and reconnect on port 22 (I've tried both)
but as mentioned above, I can't get past the password part as nothing works.
still anxiously waiting for someone who has some idea to chime in.
Oh, and I have started a ticket with PIA, but I'm going on 72 hours without a response.
Thanks