Upgrade a home router with OpenWrt

Last updated on 2022-02-20 Tagged under  #openwrt   #network   #linux 

Home routers are more capable devices than their shipped firmware would lead you to believe. I replace that firmware with OpenWrt, which is an embedded Linux distribution that converts energy-efficient, network-capable devices into much more useful hackable computers.

Getting its start hacking the original Linksys WRT54G, OpenWrt and its volunteer developers now support a wide range of hardware. The project hosts software packages that lay out a smorgasbord of extra possibilities: more network tools with more fine-grained controls, plus a range of server capabilities to manage printers, connect external USB drives for backup, host files/torrents/VOIP/VPNs.

This is how I did it ...

My Archer C7 (v5) is an inexpensive (often on sale ~$70CAN) router that is well-supported by OpenWrt. It easily provides coverage for a two-story residence.


2. Download install image

Note: OpenWrt builds different install images for different devices. Consult the Table of Hardware to confirm your router is supported and read the wiki entry for your particular device to identify the correct image. It is easy to brick a device using an incorrect install image.

Archer C7 is an OpenWrt ath79/generic target device. New installs use the "factory firmware" image, which is a *-squashfs-factory.bin file. Latest stable release (as of Feb-2022) is 21.02.1. Link

3. Flash image to router

OpenWrt can be installed on the Archer C7 by simply uploading the new firmware using the router's firmware-upgrade page accessed via a web browser. This page, however, will not accept firmware with long filenames.

Rename openwrt-21.02.1-ath79-generic-tplink_archer-c7-v5-squashfs-factory.bin to factory.bin.

Login page for this router is available at Go to Advanced->System Tools->Firmware Upgrade->Manual Upgrade. Browse to the renamed firmware.bin image and click Upgrade. When new firmware install is complete, the router reboots.

Link: Factory installation

4. Login and set password

Note: When using the web interface to modify values, all changes are staged and not saved to the file directly, so remember to save the changes after you have set them.

Navigate to new address There is a notification that root user's password is not set. Login with username root and leave the password field empty.

Go to System->Administration->Router Password and set a new password.

5. SSH

OpenWrt uses Dropbear as its SSH server and its set to auto-start and listen for connections on all interfaces by default.

I keep the auto-start enabled, but navigate to System->Administration->SSH Access and set Interface to lan to listen only to internal connections.

I use SSH keys for access. Go to System->Administration->SSH Keys and copy-paste a *.pub key.

Then, on the Linux client, modify ~/.ssh/config ...

Host router
User root

Login to the router ...

$ ssh router

BusyBox v1.33.1 (2021-10-24 09:01:35 UTC) built-in shell (ash)

  _______                     ________        __
 |       |.-----.-----.-----.|  |  |  |.----.|  |_
 |   -   ||  _  |  -__|     ||  |  |  ||   _||   _|
 |_______||   __|_____|__|__||________||__|  |____|
          |__| W I R E L E S S   F R E E D O M
 OpenWrt 21.02.1, r16325-88151b8303

6.Connect to internet

My setup: Cable internet service; modem-router supplied by ISP put in bridge mode; traffic passes through to OpenWrt router acting as gateway to LAN.

With this setup, nothing in the WAN interface needed to be configured. However, to get everything working required powering off both the router and the modem, then powering on the modem, giving it a few minutes to connect, then powering on the router. With the modem recognizing the router's new MAC address, a new IP address is assigned and internet access restored.

Link: Switch, router, gateway, and NAT

7. Enable wireless

Go to Network->Wireless. Click on Edit for each wireless network and set:

Back on the wireless page, a notice informs of pending changes. Click link to apply.

Link: Wifi walkthrough

8. Static IP leases

Go to Network->DHCP and DNS->Static Leases. Click Add, then include a device's network interface MAC address, the hostname, and the desired IP address. When done click Save & Apply.

All subsequent connections to the local network by the device will see it assigned this IP address.

9. NAT forwarding

Go to Network->Firewall->Port Forwards. Click Add, then include name/external port/internal address/internal port. When done click Save & Apply.

10. Packages

There is wealth of additional software packages that can be installed beyond the base system, (flash) space permitting. After all, what would a Linux system be without htop?

GUI: Go to System->Software, click Update lists, then select a package to install.

Command line: OpenWrt uses the opkg package manager to install software and deal with dependencies ...

root@OpenWrt:~# opkg update
root@OpenWrt:~# opkg install htop

Link: Package manager

Thanks for reading! Read other posts?

» Later: Getting started with Arch Linux

« Earlier: Migrating away from a Google-hosted custom email address