ipkg update
killall dropbear
ipkg remove dropbear
rm -rf /etc/dropbear
ipkg install openssh-server
ipkg install openssh-client
ipkg install openssh-sftp-server
vim /etc/ssh/sshd_config
Protocol 2
UsePrivilegeSeparation no
AuthorizedKeysFile /etc/ssh/authorized_keys
RSAAuthentication yes
PasswordAuthentication no
vim /etc/init.d/S50sshd
iptables -I input_rule -i vlan1 -p tcp --dport 22 -j ACCEPT
/etc/init.d/S50sshd
rm /usr/bin/ssh-keygen (after keys have been generated)
(Before proceeding ensure you can log in via SSH!)
passwd
killall telnetd
rm /etc/init.d/S50telnet
rm /usr/sbin/telnetd
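A preflight check for the warning above, to run before the passwd/telnetd removal steps. This is an added example, not part of the original notes. The function names sshd_value and sshd_preflight are hypothetical, and it assumes AuthorizedKeysFile is an absolute path as configured above.

```shell
#!/bin/sh
# Added example: preflight check to run before removing telnetd.
# Assumptions: config path as on the page; AuthorizedKeysFile is an
# absolute path (as on the page), not a %h/%u pattern.

# Print the effective value of keyword $2 in sshd config file $1.
# sshd keywords are case-insensitive and the first occurrence wins.
sshd_value() {
    awk -v key="$2" '
        /^[ \t]*(#|$)/ { next }
        tolower($1) == tolower(key) { print $2; exit }
    ' "$1"
}

# Return 0 only if the page's settings are in effect and at least one
# usable public key is installed; print a line per problem otherwise.
sshd_preflight() {
    conf=${1:-/etc/ssh/sshd_config}
    rc=0
    [ -r "$conf" ] || { echo "FAIL: cannot read $conf"; return 1; }

    [ "$(sshd_value "$conf" Protocol)" = "2" ] ||
        { echo "FAIL: Protocol is not 2"; rc=1; }
    [ "$(sshd_value "$conf" PasswordAuthentication)" = "no" ] ||
        { echo "FAIL: PasswordAuthentication is not 'no'"; rc=1; }

    keys=$(sshd_value "$conf" AuthorizedKeysFile)
    if [ -z "$keys" ] || [ ! -r "$keys" ]; then
        echo "FAIL: AuthorizedKeysFile unset or unreadable"; rc=1
    else
        # Every SSH public key blob starts with base64 "AAAA".
        grep -v '^[[:space:]]*#' "$keys" |
            grep -Eq '(ssh-|ecdsa-)[a-z0-9@.-]+ +AAAA' ||
            { echo "FAIL: no public key in $keys"; rc=1; }
        # StrictModes (sshd default) rejects group/world-writable key files.
        case $(ls -ld "$keys") in
            ?????w*|????????w*) echo "FAIL: $keys is group/world-writable"; rc=1 ;;
        esac
    fi
    return $rc
}

# Usage on the router: sshd_preflight && echo "OK to remove telnetd"
```

A passing check only covers the configuration files; still confirm a real key-based login from a second session before killing telnetd.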
ipkg install openvpn
ipkg install ntpclient
echo "PST8PDT" > /etc/TZ
ipkg install nas
http://wiki.openwrt.org/HowtoEnableCron
crontab -e
0 * * * * /usr/sbin/ntpclient -c 1 -s -h pool.ntp.org
According to OpenWRT the router may actually be more stable at 216MHz.
However, the WRT54GS V0 definitely is not happy with this setting.
(If you've already messed up your router, try putting it in the freezer for 10 minutes.)
The V0 appears to run stable with clkfreq=228,114.
nvram set clkfreq=216,108
nvram commit
Configuring firewall for VPN
Add to /etc/firewall.user
Enabling ssh from the WAN
vim /etc/firewall.user
iptables -A input_rule -i $WAN -p tcp --dport 22 -j ACCEPT
Making ssh on the WAN more secure (instead of the foregoing)
From http://forum.openwrt.org/viewtopic.php?id=2892
cd /lib/modules/2.4.30
wget http://support.mprg.org/openwrt/ipt_recent.o
cd /usr/lib/iptables
wget http://support.mprg.org/openwrt/libipt_recent.so
insmod ipt_recent.o
vim /etc/firewall.user
iptables -A input_rule -i $WAN -p tcp --dport 22 -m recent --name SSH --update --hitcount 5 --seconds 180 -j DROP
iptables -A input_rule -i $WAN -p tcp --dport 22 -m recent --name SSH --set -j ACCEPT
echo 'ipt_recent' > /etc/modules.d/30-ipt_recent
Reflashing firmware from /tmp
cd /tmp
dd bs=32 skip=1 if=firm.bin of=firm.trx
mtd -e linux -r write firm.trx linux
Cleaning up nvram
cd /tmp
wget http://openwrt.inf.fh-brs.de/~nbd/nvram-clean.sh
chmod a+x /tmp/nvram-clean.sh
/tmp/nvram-clean.sh
Dealing with WRT54GS V4
Unfortunately Linksys took a good thing and made it worse!
V4 only has 4Mb of flash on board (earlier versions had 8).
If you're stuck with this version every byte will count.
Use the squashfs version of the firmware; it leaves more free space than the jffs2
even after removing all the packages we can live without.
Clean up nvram as above.
Remove anything you can live without:
ipkg remove ppp-mod-pppoe
ipkg remove ppp
ipkg remove kmod-pppoe
ipkg remove kmod-ppp
ipkg remove dropbear
Then you have to install the packages you need roughly in
descending order by size:
ipkg install openssh-server
ipkg install openssh-client
ipkg install openssh-sftp-server
ipkg install tcpdump
ipkg install openvpn
ipkg install rsync
ipkg install nas
ipkg install iptables-extra
ipkg install ntpclient
Jabber
/usr/sbin/jabberd -h jabber.test.com -s /tmp/jabberd &
tar -cz -f /etc/jabber.tgz -C /tmp jabberd
tar -xz -f /etc/jabber.tgz -C /tmp
-- JonathanLundquist - 13 Nov 2006