I’m looking for a way to automatically start the ssh-agent on boot of my Home Assistant running Hass.io on my Raspberry Pi.
Background:
I have accessed the Pi via SSH and am configuring Git to communicate with my repository over SSH
I have set up the key pair etc. in root/.ssh and Git via SSH is working correctly
I can run eval "$(ssh-agent -s)" to start the ssh-agent and then run shh-add to add my key to the ssh-agent (so I don’t have to type in passphrase every time)
After a HA reboot the ssh-agent doesn’t start automatically loaded with my key, I have to start ssh-agent again/add my key. Any ideas?
I’m not sure why you need the system to use git at all.
You can easily use git on your local machine that you’re editing from, on the SMB share. If you’re editing on the SMB share and it is a git repo, you can perform all the same git commands there. Hassio doesn’t need to do it.
Yup, I have Git Pull and occasionally enable it to pull changes onto the Pi.
Usually I want to test changes out before committing them though. I often commit changes to the repository straight from the Pi after tweaking until I’m happy.
You should look at syncthing addon and client on your computer
make changes locally on your computer (it can be a git repo too), it automatically syncs to your home assistant config directory, and you can run your tests, when done, git commit the changes on your client machine (desktop/laptop) and voila, you have eliminated the need for an SMB share running on your home assistant box, you have eliminated the need to install git on hassio, and you get to test all your changes while working comfortably from a good text editor.
Cool thanks, don’t know Syncthing will check it out.
I’m aware there are various different ways to edit your config. I’m looking specifically for a way to use Git via SSH with less hassle, from within Hass.io.
As you are probably aware, this thread is further reaching that just git in your example. I am glad that I stumbled upon this very helpful thread, but only after debugging on my own for 2 days.
I am trying to run scp as part of a backup script for my hassio. Only through verbose debugging was I able to discover that my script with scp kept failing asking for my passphase in a routine without user keyboard interaction available. That was not desirable at all.
The article that you reference is a terrific description of the options for keys with passphrases or without and use of ssh-agent. I have temporarily decided to forego the use a passphase on my keys but only because I sit behind a firewall with no exposed ports and I am operating on an internal network only.
However, I think we should consider requesting an hassio upgrade to permit enabling/disabling of ssh-agent. The hassio community would have to consider any security concerns.
If I am unsuccessful to get broader support of ssh-agent, then I may use a similar script as you did above. THANKS!