diff --git a/feeds/packages/net/openssh/Makefile b/feeds/packages/net/openssh/Makefile
index 47f2b60..9ec0d5f 100644
--- a/feeds/packages/net/openssh/Makefile
+++ b/feeds/packages/net/openssh/Makefile
@@ -235,6 +235,10 @@ define Package/openssh-server/install
 	chmod 0700 $(1)/etc/ssh
 	$(INSTALL_DATA) $(PKG_INSTALL_DIR)/etc/ssh/sshd_config $(1)/etc/ssh/
 	sed -r -i 's,^#(HostKey /etc/ssh/ssh_host_(rsa|ecdsa|ed25519)_key)$$$$,\1,' $(1)/etc/ssh/sshd_config
+	sed -r -i 's,^#PermitRootLogin.*$$$$,PermitRootLogin yes,' $(1)/etc/ssh/sshd_config
+	sed -r -i 's,^PermitRootLogin.*$$$$,PermitRootLogin yes,' $(1)/etc/ssh/sshd_config
+	sed -r -i 's,^#PermitEmptyPasswords.*$$$$,PermitEmptyPasswords yes,' $(1)/etc/ssh/sshd_config
+	sed -r -i 's,^PermitEmptyPasswords.*$$$$,PermitEmptyPasswords yes,' $(1)/etc/ssh/sshd_config
 	$(INSTALL_DIR) $(1)/etc/init.d
 	$(INSTALL_BIN) ./files/sshd.init $(1)/etc/init.d/sshd
 	$(INSTALL_DIR) $(1)/usr/sbin
diff --git a/package/base-files/files/etc/shadow b/package/base-files/files/etc/shadow
index 4b4154f..b1ee44d 100644
--- a/package/base-files/files/etc/shadow
+++ b/package/base-files/files/etc/shadow
@@ -1,4 +1,4 @@
-root::0:0:99999:7:::
+root::1:0:99999:7:::
 daemon:*:0:0:99999:7:::
 ftp:*:0:0:99999:7:::
 network:*:0:0:99999:7:::
diff --git a/package/network/config/firewall/files/firewall.config b/package/network/config/firewall/files/firewall.config
index 8874e98..d6752d3 100644
--- a/package/network/config/firewall/files/firewall.config
+++ b/package/network/config/firewall/files/firewall.config
@@ -27,6 +27,14 @@ config forwarding
 	option src		lan
 	option dest		wan
 
+config rule
+	option name		Allow-SSH
+	option src		wan
+	option proto		tcp
+	option dest_port	22
+	option target		ACCEPT
+	option family		ipv4
+
 # We need to accept udp packets on port 68,
 # see https://dev.openwrt.org/ticket/4108
 config rule