🆕[add-on] HassOS SSH port 22222 Configurator

adamoutler · March 7, 2021, 2:44pm

Ssh port 22222 is hass os port for debug. People want it to poke at the root system.

derekisastro · March 8, 2021, 5:28am

But doens’t the Terminal and SSH add-on, through port 22 already give you access to the root system? In my limited understanding, that is what I current have … what I think I am missing is access to the Hass OS, the actual OS so that I can modify one of the .py files. I’ve already got access to what seems to me to be the root system/folder/directory. It just doesn’t allow me to get to the file I’m trying to get at. I though that was what this program of yours was meaning to do via port 22222?

Thank you for taking the time to answer my clearly limited understanding questions.

DavidFW1960 · March 8, 2021, 6:43am

No it’s giving you access to the HomeAssistant CONTAINER not the Host OS… hence you cant access the files on the host.

adamoutler · March 8, 2021, 12:29pm

As previously mentioned, the terminal app is its own container. You can remove protection mode and get access to most things, but it’s not everything.

The host OS doesn’t have a /config folder. That’s handled by Supervisor when it creates the container. If you type docker container ls you can see all the containers including the one you are in. The only thing you don’t see is the host.

The system works on docker. You can find out more online about how it works like a bunch of virtual machines and how it’s different from virtual machines. They’re called containers because it’s the most appropriate term.

The only thing that’s not in a container is the host system. When you enter the host system you see a ha> prompt and you can get to the shell with the command login

dap35 · March 9, 2021, 1:24am

I started seeing the followinge ~~errors~~ warnings in my logs and have tried both upgrading the add-on and also uninstalling it, but can’t get rid of them. Any ideas?

21-03-08 23:46:46 WARNING (MainThread) [supervisor.addons.validate] Add-on have full device access, and selective device access in the configuration. Please report this to the maintainer of Run On Startup.d
21-03-08 23:46:46 WARNING (MainThread) [supervisor.addons.validate] Add-on have full device access, and selective device access in the configuration. Please report this to the maintainer of HassOS SSH port 22222 Configurator
21-03-08 23:46:46 WARNING (MainThread) [supervisor.addons.validate] Add-on have full device access, and selective device access in the configuration. Please report this to the maintainer of Run On Startup.d
21-03-08 23:46:46 WARNING (MainThread) [supervisor.addons.validate] Add-on have full device access, and selective device access in the configuration. Please report this to the maintainer of HassOS SSH port 22222 Configurator

adamoutler · March 9, 2021, 1:44am

I’ll probably fix Run On Startup.d. If HassOS SSH port 22222 is working, I recommend removing it. These are low priority. Home Assistant has gone on a kick with random warnings lately causing all maintainers to perform some meaningless task for the sake of no good reason, just to clear some log warnings. It’s not critical. It doesn’t affect operation. It just looks ugly in the logs for no good reason.

CentralCommand · March 10, 2021, 4:35am

So I ran this add-on, put in my key and rebooted. It seems to have worked because I was able to ssh into port 22222. But when I do it looks like my shell is the HA CLI? Which means I’m pretty limited. Kind of pointless actually since the ssh addons already have full access to the HA CLI.

Did I miss a step? Or is there a way to get to bash or zsh or something more useful?

CentralCommand · March 10, 2021, 4:52am

Ah figured it out. The helper text that says enter login to access the host was removed but saw it in a screenshot when I scrolled up.

KevinTech · March 15, 2021, 3:24am

How would I completely reverse the actions of this addon if I chose? That is, remove the key from the ssh file and close port 22222 as though I never ran the HassOs SSH port 22222 Configurator?

Thanks
–Kevin

adamoutler · March 15, 2021, 4:45am

Login on port 22222 and rm ~/.ssh/authorized_keys

Huubke · March 21, 2021, 9:24am

Hi, I’m also spend some time to login on SSH over 22222 for accessing the host system.
When using the USB with the authorized_key, the error:

No supported authentication methods avaialble (server sent:public key)

So after that I have installed this addon, but unfortunately I ended up with the same issue. So probably something is wrong with my ssh public key, isn’t ? I have generated this in Putty on my windows box. Any ideas are apreciated .

Huubke · March 21, 2021, 10:11am

Ok, read back into this topic:

Did the following in in the ssh terminal:

1.ssh-keygen (press enter when asked, use defaults, only enter responses)
2.cat ~/.ssh/id_rsa.pub to get your key. It’s all one line and looks like this when copied properly.
3.copy the key from step 2 into HassOS SSH port 22222 Configurator
4.restart the configurator
4.Use Reboot Host method to restart.
5.Upon restart, within the terminal app, type ssh 127.0.0.1 -p22222

Huubke · March 21, 2021, 12:10pm

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] done.
[services.d] starting services
[services.d] done.
no sda1 config found
no sdb1 config found
creating authorized keys in mmcblk0p1 !
This Configurator did it's job. Perform a hard-power-off now. This configurator only works once and is no longer needed.

adamoutler · March 21, 2021, 1:11pm

Did you do a hard reset? Try generating a new key and make sure to add the public key, not private key.

Ruestafari · March 21, 2021, 7:34pm

Hi Adam,
I installed your configurator and followed all steps but still can’t access port 22222 (Connection refused).
Could you please help me. Actually I just want to change the config.txt to make my Raspbee running and I understand that I only can access these file via port 22222.
Access to port 22 is working, so my private and public keys are ok.
I see the following log in your configurator:

Ruestafari · March 21, 2021, 7:35pm

When I start or restart you Configurator I see the following message in the system log:

Huubke · March 21, 2021, 7:35pm

Yes done a hard reset also, without any succes…
Do I need to add the public key also in the ssh addon?

I noticed line in the systemlog “Configurator try to access to blocked device mmcblk0p1!”
What I’m missing here?

21-03-21 19:31:22 WARNING (SyncWorker_5) [supervisor.docker.addon] HassOS SSH port 22222 Configurator running with disabled protected mode!
21-03-21 19:31:22 ERROR (SyncWorker_5) [supervisor.docker.addon] Add-on HassOS SSH port 22222 Configurator try to access to blocked device mmcblk0p1!
21-03-21 19:31:24 INFO (SyncWorker_5) [supervisor.docker.addon] Starting Docker add-on 1f3d020e/armv7-addon-hassos_ssh_configurator_addon with version 0.7b
21-03-21 19:31:26 WARNING (MainThread) [supervisor.api.ingress] No valid ingress session 61a985d5b4fe67a1abeb6fb1d384b63986a2aa8bf7a6c1c33c62e126d1833cf6db9d6bdc0d9534f77940a8887e1ce7376d3372415fb05a859b4adebf73baa06c

Ruestafari · March 21, 2021, 7:36pm

same error for me

adamoutler · March 21, 2021, 7:52pm

Disable protection mode

adamoutler · March 21, 2021, 7:53pm

Yes. You have to put the public key in the configuration section.