Command line switch: shutdown remote via ssh

jeppper · June 11, 2020, 1:41pm

-My id_rsa key is placed in home/homeassistant/.homeassistant/ssh and the public.key (authorized keys) under the user homeassistant in .ssh.
-I have tried to login to my Synology with the admin account and then perform the poweroff command. It has to be “root” it says.

jeppper · June 11, 2020, 1:43pm

Okay is the octoprint server on the same Pi as HA?

jeppper · June 11, 2020, 1:56pm

Do you shutdown a Synology with ssh?

CrouchingWorm · June 11, 2020, 9:46pm

No they’re discrete environments.
HA is on a Linux NUC
Octoprint is on it’s own RPi.

jeppper · June 15, 2020, 3:19pm

What user did you use when installing HA, default homeassistant or…?

CrouchingWorm · June 15, 2020, 9:58pm

Defaults all the way with me, not confident enough (yet) to do much beyond that.

jeppper · June 16, 2020, 10:17am

Same here, but still get an authentification error?
And you just placed the private key inside HA in a ssh-keys folder? Did you do anything about permissions of the folder and so on?

CrouchingWorm · June 18, 2020, 5:12am

I did reset the permissions per the guides I referenced earlier.

It didn’t work without the appropriate permission and folder structure.
The folder I used is also referenced above…
Sorry, I’m not particularly strong in this area, I simply followed the guides to the best of my ability.

jeppper · June 18, 2020, 2:49pm

Okay thanks. I will have a look at the guides again and have another try.

CrouchingWorm · June 22, 2020, 7:58am

How’d you get on?

jeppper · June 22, 2020, 5:38pm

It doesn´t work yet. When I look in the log of my Synology it says “successfully logged in” when executing the command from HA, but the log in HA says “command failed”.
So I guess the keys must somehow be correct for being able to log in from HA, but I still think it has something to do with user issue.

jeppper · June 27, 2020, 9:20am

Isn´t Hass by default run under the user “homeassistant”?

carsten_h · June 27, 2020, 9:30am

As I told before the user in Home Assistant is totally uninteresting! You need to have a user on your Synology that has the permission to shut down the Synology!

jeppper · June 27, 2020, 11:58am

Yes I know.
I actually have it working now… but only through sshpass and not with the ssh keys unfortuneately.
So I guess my user (hass) on the synology can shutdown the NAS, just not with ssh keys.
I proceeded like below. (Anyhow I would still rather make it work with keys than sshpass but can´t still figure out what is wrong.)

-Installed sshpass
sudo apt-get install sshpass
-switched to the user of Homeassistant:
sudo -u homeassistant -H -s
-ssh into the Synology to accept it as a valid host.
ssh [email protected]
-Created a bash script "synology_poweroff.sh"

#! /bin/bash
sshpass -p "password for target" ssh -t  user on target(hass)@192.168.1.110 "echo password for target | sudo -S poweroff"

Created a shell command:
turn_off_synology: bash /home/homeassistant/.homeassistant/bash_scripts/synology_poweroff.sh

and finally used this in a wake on lan switch:

  - platform: wake_on_lan
    mac: xx:xx:xx:xx:xx:xx
    name: "NAS"
    host: 192.168.1.110
    turn_off:
      service: shell_command.turn_off_synology

Lucan · November 20, 2020, 11:59pm

Have a look here:

I got it working for me

jeppper · November 21, 2020, 1:01pm

Thanks for sharing. I will try out your solution with the keys soon.

amadorpozo · June 30, 2022, 5:09pm

Hi all,
For everyone having issues due to home assistant in docker, the information in here helped me a lot:

It s important to put the keys in /config folder, and avoid asking about known_hosts, otherwise it gets silently stuck there.

switch:
  - platform: wake_on_lan
    mac: 94:c6:91:15:6c:6e
    name: nuc_tele
    turn_off:
      service: shell_command.turn_off_nuc_tele

shell_command:
  turn_off_nuc_tele: /usr/bin/ssh [email protected] -o "StrictHostKeyChecking no" -i /config/.ssh_keys/id_rsa "sudo /sbin/poweroff -f"

sudo with NOPASSWD should be enabled in “sudo visudo” for the homeassistant user (in the example above).

CentralCommand · June 30, 2022, 5:57pm

FYI there’s a section in that guide called Handling the known_hosts file which tells you how to deal with that file correctly. Turning off host key checking is bad security practice and isn’t necessary, you just have to move the file in the same way you did the keys.

Just adding -o UserKnownHostsFile=/config/.ssh_keys/known_hosts to your command and run it once from the ssh addon.

fretwire · July 13, 2022, 9:00pm

I’d actually (temporarily) given up on this but thanks to this thread finally got it working!! The key for me was the docker exec -it homeassistant bash to get my tests running from the right context.

I simplified a bit by creating a /config/dot-ssh directory for all the ssh stuff then using a symlink to link /root/.ssh to /config/dot-ssh.

Then ssh once from the docker context to update the known_hosts file and setting command_off to ssh root@fqdn /sbin/poweroff works like a charm.

Thanks community!!

fretwire · July 14, 2022, 1:38pm

Scratch the part about simplifying a bit - seems /root gets cleared on update so you either have to create the link again or skip the link and use the -o and -i command line switches.