AsusWRT device tracker not working with SSH

I’m on a slightly older version:
ASUSWRT-Merlin RT-AC68U 380.66-4

It was working with firmware 380.xx. I updated to 384 yesterday and only noticed this issue today when some automation rules failed to start.

and there’s no way back from 384 to 380… :frowning:

I missed having to enable SSH on the router. Maybe i’m more of a dummy than the person that did the docu expect. Is there any way i can reach the person being able to add on the asuswrt ha page that you need to enable ssh on your router?

1 Like

I have this happening now. :frowning: Just updated my RT-AC87U which Merlin has just released 384 for, and my HA log is flooded with the same error `

> Connection refused. SSH enabled?

SHH is enabled on my router. I can SSH in from my Windows PC, and also via my RaspberryPi that HA is installed on.

Oddly enough, when HA records an error, there is nothing in the system log showing that HA is trying to log in or bad password, etc…

Has anyone raised an issue on Github for this yet?

Hmm, telnet seems to be disabled in the latest Merlin update. No way to turn it on. Guess I’m stuck not using this until it’s fixed. Time to find another way to track devices for the time being.

Hmmmm, have an Asus router on the way specifically for the device tracking in home assistant.
Was also considering a TP-LINK C3150, but looks like the TP-LINK tracking isn’t working either…

Is there any way to track based on static IPs?

Edit: I have just seen the NMAP tracking

I have an Asus router and the device tracker seems to be working through home assistant. I am using SSH rather than telnet.

Yep… it was removed in 384.4 (xx-xxx-2018)
REMOVED: Telnet server. Please use SSH for console-based management.

I have just given this ago all works well, and I didn’t have to do very much. Nmap was already install so I just added it to HA, and everything is working again. I’ve also disabled the Asuswrt tracker for now in the hope that it gets fixed.

Ah, I did miss that line when I initially read it. Though SSH doesn’t work with the ASUSWRT device tracker anymore.

I’ve been having a similar issue. I’ve yet to confirm it but I’m using an SSH key. To the OP, I think you will need to present the path of the private key not the public one as per instructions in:

https://home-assistant.io/components/device_tracker.asuswrt/

I am able to connect by SSHing from my HomeAssistant server to the router with no problems but my private key is encrypted, which I decrypt at the point of connecting. I suspect this may be the reason I’m getting the error I do. If I enable password auth on my router and present my user/pass in the config.yaml, this works with no issue at all. I haven’t found a place to offer HA my private key password so I’m guessing this is the reason it isn’t working. Does this logic follow?

So, I got this working and performed the following actions:

Decrypted my private key:

ssh-keygen -p

Enter location of private key and old passphrase when prompted and specify a blank new passphrase, again when prompted.

Since I’m using python virtualenv, I edited my systemd script at /etc/systemd/system/[email protected] from:

[Unit]
Description=Home Assistant
After=network-online.target

[Service]
Type=simple
User=%i
ExecStart=/srv/homeassistant/bin/hass -c "/home/homeassistant/.homeassistant"

[Install]
WantedBy=multi-user.target

To:

[Unit]
Description=Home Assistant
After=network-online.target

[Service]
Type=simple
User=homeassistant
ExecStart=/srv/homeassistant/bin/hass -c "/home/homeassistant/.homeassistant"

[Install]
WantedBy=multi-user.target

Then run:

systemctl daemon-reload

Finally, edit configuration.yaml to:

device_tracker:
  - platform: asuswrt
    host: 192.168.1.1
    ssh_key: /home/homeassistant/.ssh/id_rsa
    username: admin

Restart the service and it worked straight away.

I am trying to switch my device tracker from telnet to SSH in hopes that I can upgrade to the newest merlin version however I can’t seem to get SSH to work with Home Assistant. None of the devices are being tracked by SSH when i do this. I just use a username and password for SSH so does it required a ssh_key? I don’t really want to upgrade until I am sure it is working because telnet is no longer supported.

I just posted how I got it working using SSH keys. If you don’t want to use the SSH key pair, you can skip those steps. I hope it is of use to you!

1 Like

Chasing down SSH keys may not be solving the problem, if the problem is caused by ASUS having omitted SSH services in their latest firmware for your router.
Check first that you can manually SSH into the router from a command line. If it says “connection refused” then the problem is not in HA, but with ASUS.
I can say - as confusing as it seems - that ASUS 3.0.0.4.382_51640-g679a7e3 does not include an SSH listener. Odd, that they would permit insecure telnet but not SSH nowadays.

You are responding to a topic that is over a year old :upside_down_face:

Oops. Should know better than to reply pre-coffee.
Surprised nonetheless that the SSH service is still missing from these devices.

I’m on Asuswrt Merlin firmware and SSL has always functioned for me. Perhaps that is a viable alternative for you?

I’m also using merlin firmware and have SSH working, but for device tracker I’m using the NMAP sensor.

Yep - it would be. Currently I’m giving freshtomato a try, as it’s what I’m most familiar with having used it on my other Bcm/MIPS routers.