FS#4012 - Can't login to LUCI but can SSH

[openwrt-bot]

jediwade:

Linksys WRT3200ACM
OpenWRT 21.02.0 Stable

Steps to reproduce:

• Install OpenWRT 21.02.0 Stable as a fresh install.
• Visit 192.168.1.1 and sign into Luci (with no password since it is a fresh install), go to System -> Administration and assign a password
• Close the browser window
• Login through SSH and enable HTTPS-redirect for Luci (as mentioned in the release notes: https://openwrt.org/releases/21.02/notes-21.02.0)
• Open a new browser window in Incognito-mode
• Visit 192.168.1.1 (should be redirected to HTTPS and may get browser warning about being unsafe)
• Try to sign into Luci (should get message that the user/password is incorrect)

I have tried clearing my browser cookies, tried disabling the HTTPS redirect, restarted the router manually (power switch on device), tried using the "passwd" command to reset the password (and then restarted the router manually).

No matter what, I cannot login into the router ever again after enabling HTTPS redirect for Luci (even if the redirect is turned off and router restarted). I can, strangely, log into the router through SSH with the password I set for root.

I had to login through SSH and run the (cant remember exact) command to reset the router as if I just installed OpenWRT in order to gain access again.

[openwrt-bot]

arek:

I have the same/similar problem - 21.02 stable, Netgear R6220. Also

mount_root
passwd
reboot

doesn't fix it. The weird thing is that

"Thu Sep 16 20:24:05 2021 daemon.err uhttpd[1786]: luci: accepted login on / for root from 192.168.x.x"

is logged so hm, some session management problem maybe.

No cookies are being set.

Oh. I was trying to log in via http:// ! There was no redirection to https://.

All above was with http://.

When I used https:// I logged in just fine.

[gut5]

Same thing happens on openwrt 21.02.2