Command line switch: shutdown remote via ssh

-My id_rsa key is placed in home/homeassistant/.homeassistant/ssh and the public.key (authorized keys) under the user homeassistant in .ssh.
-I have tried to login to my Synology with the admin account and then perform the poweroff command. It has to be “root” it says.

Okay is the octoprint server on the same Pi as HA?

Do you shutdown a Synology with ssh?

No they’re discrete environments.
HA is on a Linux NUC
Octoprint is on it’s own RPi.

What user did you use when installing HA, default homeassistant or…?

Defaults all the way with me, not confident enough (yet) to do much beyond that.

Same here, but still get an authentification error?
And you just placed the private key inside HA in a ssh-keys folder? Did you do anything about permissions of the folder and so on?

I did reset the permissions per the guides I referenced earlier.

It didn’t work without the appropriate permission and folder structure.
The folder I used is also referenced above…
Sorry, I’m not particularly strong in this area, I simply followed the guides to the best of my ability.

Okay thanks. I will have a look at the guides again and have another try.

How’d you get on?

It doesn´t work yet. When I look in the log of my Synology it says “successfully logged in” when executing the command from HA, but the log in HA says “command failed”.
So I guess the keys must somehow be correct for being able to log in from HA, but I still think it has something to do with user issue.

Isn´t Hass by default run under the user “homeassistant”?

As I told before the user in Home Assistant is totally uninteresting! You need to have a user on your Synology that has the permission to shut down the Synology!

Yes I know.
I actually have it working now… but only through sshpass and not with the ssh keys unfortuneately.
So I guess my user (hass) on the synology can shutdown the NAS, just not with ssh keys.
I proceeded like below. (Anyhow I would still rather make it work with keys than sshpass but can´t still figure out what is wrong.)

-Installed sshpass
sudo apt-get install sshpass
-switched to the user of Homeassistant:
sudo -u homeassistant -H -s
-ssh into the Synology to accept it as a valid host.
ssh [email protected]
-Created a bash script "synology_poweroff.sh"

#! /bin/bash
sshpass -p "password for target" ssh -t  user on target(hass)@192.168.1.110 "echo password for target | sudo -S poweroff"

Created a shell command:
turn_off_synology: bash /home/homeassistant/.homeassistant/bash_scripts/synology_poweroff.sh

and finally used this in a wake on lan switch:

  - platform: wake_on_lan
    mac: xx:xx:xx:xx:xx:xx
    name: "NAS"
    host: 192.168.1.110
    turn_off:
      service: shell_command.turn_off_synology

Have a look here:

I got it working for me

Thanks for sharing. I will try out your solution with the keys soon.

Hi all,
For everyone having issues due to home assistant in docker, the information in here helped me a lot:

It s important to put the keys in /config folder, and avoid asking about known_hosts, otherwise it gets silently stuck there.

switch:
  - platform: wake_on_lan
    mac: 94:c6:91:15:6c:6e
    name: nuc_tele
    turn_off:
      service: shell_command.turn_off_nuc_tele

shell_command:
  turn_off_nuc_tele: /usr/bin/ssh [email protected] -o "StrictHostKeyChecking no" -i /config/.ssh_keys/id_rsa "sudo /sbin/poweroff -f"

sudo with NOPASSWD should be enabled in “sudo visudo” for the homeassistant user (in the example above).

FYI there’s a section in that guide called Handling the known_hosts file which tells you how to deal with that file correctly. Turning off host key checking is bad security practice and isn’t necessary, you just have to move the file in the same way you did the keys.

Just adding -o UserKnownHostsFile=/config/.ssh_keys/known_hosts to your command and run it once from the ssh addon.

2 Likes

I’d actually (temporarily) given up on this but thanks to this thread finally got it working!! The key for me was the docker exec -it homeassistant bash to get my tests running from the right context.

I simplified a bit by creating a /config/dot-ssh directory for all the ssh stuff then using a symlink to link /root/.ssh to /config/dot-ssh.

Then ssh once from the docker context to update the known_hosts file and setting command_off to ssh [email protected] /sbin/poweroff works like a charm.

Thanks community!!

Scratch the part about simplifying a bit - seems /root gets cleared on update so you either have to create the link again or skip the link and use the -o and -i command line switches.