🆕[add-on] HassOS SSH port 22222 Configurator

Believe me, I’ve tried for two hours, but sorry, it’s still too difficult for me.
I have tried to type the ssh command in the " SSH & Web Terminal", but I receive an “invalid argument”

• have I to copy the keys generated by the Add On somewhere? In the SSH & web terminal configuration?
  In some of the 200 posts there is a sequence of all the passages that I have to follow?
  I generate the key… then?
  For you will be so simple, but It’s the first time that I try to access to this level of the OS… only because frigate ask me to do…
  Thanks again.

You generate your own key, then put the public one in the settings box and run the addon. After that you reboot, and use your private key to login. Check online for public private key authentication and how it works with your program.

Hey I am using a SDD for my Home Assistant OS. After some try and error I saw that I have to disable the secure mode. After this it worked.

Does anybody know is it possible to install some apps (openvpn) with this root access to Hass OS?
apk command mention above but it’s not found on my host

Haos is not based on alpine so apk is not going to work. Buildroot is the base.

You might try Webtop Alpine KDE. It is a full operating system within an add-on. You may find it good enough to do all of the operations that you want to do. GitHub - alexbelgium/hassio-addons: My homeassistant addons

Hello, I installed my key in configuration and I ran the addon, restarted host, but seems SSH deamon on port 22222 doens’t start. Any idea? Thanks

Full power off restart.

I did but nothing changed. Should I maybe disable protected mode? Should I run the addon at boot instad of running manually? Thanks

Yes, do that.

OK, That was the issue. Maybe it’s written somewhere before but I didn’t read all the thread

Hi guys

generated keys in SSH terminal and put into configurator and had this log

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
s6-rc: info: service legacy-services successfully started
no vda1 config found
creating authorized keys in sda1 !
no sdb1 config found
no mmcblk0p1 config found
no mmcblk1p1 config found
no nvme0n1p1 config found
This Configurator did it's job. Perform a hard-power-off now. This configurator only works once and is no longer needed. 

it seems working but when i try

ssh 127.0.0.1 -p22222

i receive the error

permission denied (publickey)

some advice?

Pull the power cable out and then plug it in and turn it on.

already tried 2 times , not working

Then run ssh with debugging and see what is up

ssh -v 127.0.0.1 -p22222

Increase the number of v’s until you get something that makes sense.

i have some trouble copy/paste from terminal addon to windows , can you give me some advice on how to do?

or maybe how to print the output to a file and then move it to my windows machine

thanks

found a method

➜  ~ ssh -v 127.0.0.1 -p22222
OpenSSH_9.1p1, OpenSSL 3.0.7 1 Nov 2022
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 22222.
debug1: Connection established.
debug1: identity file /root/.ssh/id_rsa type 0
debug1: identity file /root/.ssh/id_rsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa type -1
debug1: identity file /root/.ssh/id_ecdsa-cert type -1
debug1: identity file /root/.ssh/id_ecdsa_sk type -1
debug1: identity file /root/.ssh/id_ecdsa_sk-cert type -1
debug1: identity file /root/.ssh/id_ed25519 type -1
debug1: identity file /root/.ssh/id_ed25519-cert type -1
debug1: identity file /root/.ssh/id_ed25519_sk type -1
debug1: identity file /root/.ssh/id_ed25519_sk-cert type -1
debug1: identity file /root/.ssh/id_xmss type -1
debug1: identity file /root/.ssh/id_xmss-cert type -1
debug1: identity file /root/.ssh/id_dsa type -1
debug1: identity file /root/.ssh/id_dsa-cert type -1
debug1: Local version string SSH-2.0-OpenSSH_9.1
debug1: Remote protocol version 2.0, remote software version dropbear_2020.81
debug1: compat_banner: no match: dropbear_2020.81
debug1: Authenticating to 127.0.0.1:22222 as 'root'
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: curve25519-sha256
debug1: kex: host key algorithm: ssh-ed25519
debug1: kex: server->client cipher: [email protected] MAC: <implicit> compression: none
debug1: kex: client->server cipher: [email protected] MAC: <implicit> compression: none
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: SSH2_MSG_KEX_ECDH_REPLY received
debug1: Server host key: ssh-ed25519 SHA256:UEsEjWDVThNMdrN1sM08eVw9ZDDG7PUdHVrlpvk28DY
debug1: load_hostkeys: fopen /root/.ssh/known_hosts2: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts: No such file or directory
debug1: load_hostkeys: fopen /etc/ssh/ssh_known_hosts2: No such file or directory
debug1: Host '[127.0.0.1]:22222' is known and matches the ED25519 host key.
debug1: Found key in /root/.ssh/known_hosts:3
debug1: rekey out after 134217728 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: SSH2_MSG_NEWKEYS received
debug1: rekey in after 134217728 blocks
debug1: Will attempt key: /root/.ssh/id_rsa RSA SHA256:a6N3O5q2iNGCsx+1yZqTpn/aYPlRSvI9gQwLVEoNN+U
debug1: Will attempt key: /root/.ssh/id_ecdsa
debug1: Will attempt key: /root/.ssh/id_ecdsa_sk
debug1: Will attempt key: /root/.ssh/id_ed25519
debug1: Will attempt key: /root/.ssh/id_ed25519_sk
debug1: Will attempt key: /root/.ssh/id_xmss
debug1: Will attempt key: /root/.ssh/id_dsa
debug1: SSH2_MSG_EXT_INFO received
debug1: kex_input_ext_info: server-sig-algs=<ssh-ed25519,ecdsa-sha2-nistp256,ecdsa-sha2-nistp384,ecdsa-sha2-nistp521,rsa-sha2-256,ssh-rsa>
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: publickey
debug1: Next authentication method: publickey
debug1: Offering public key: /root/.ssh/id_rsa RSA SHA256:a6N3O5q2iNGCsx+1yZqTpn/aYPlRSvI9gQwLVEoNN+U
debug1: Authentications that can continue: publickey
debug1: Trying private key: /root/.ssh/id_ecdsa
debug1: Trying private key: /root/.ssh/id_ecdsa_sk
debug1: Trying private key: /root/.ssh/id_ed25519
debug1: Trying private key: /root/.ssh/id_ed25519_sk
debug1: Trying private key: /root/.ssh/id_xmss
debug1: Trying private key: /root/.ssh/id_dsa
debug1: No more authentication methods to try.
[email protected]: Permission denied (publickey).

Generate a new key

ssh keygen<enter, enter, enter, enter>.
Then your public key will be in ~/.ssh/id_rsa.pub. copy that file contents into the addons settings, run it, reboot twice with power plug, and try again.

Some keys arent compatible. New ones using defaults work. Some public keys are not matched to the private key. Some copy the private instead of public. Try the above to eliminate possibilities.

now it’s working

thanks mate

Stumbled around with this for a while, getting the permission denied (publickey) error despite following all the steps. Turns out I forgot to login on the root account:

ssh [email protected] -p22222

Hope this helps solve your issue as well!