Didn't get SSH working

I want to make access from the internet working, but didn’t get SSH working. I installed the addon and also set the port to 22


Restarted the addon, but nothing happens. I also disabled my local laptop’s firewall and checked if I can access my NAS on port 22. That seems to be Ok.
I found on the internet that there are problems with version 8.4+, but putting 22 in the host field should do the trick. Not with me.

My installation is running on Raspberry PI 4.

Installation

The installation of this add-on is pretty straightforward and not different in
comparison to installing any other Home Assistant add-on.

  1. Search for the “SSH & Web Terminal” add-on in the Supervisor add-on store
    and install it.
  2. Configure the username and password/authorized_keys options.
  3. Start the “SSH & Web Terminal” add-on.
  4. Check the logs of the “SSH & Web Terminal” add-on to see if everything
    went well.

(see addon-ssh/ssh/DOCS.md at 3de03d1c6d659c0303ff2e0206030bade73efaf0 · hassio-addons/addon-ssh · GitHub)

I don’t see any passwort nor authorized key configured in your example …

Btw: The network section is to map any host port to port 22 (ssh) of the container. Maybe port 22 on you host is already blocked. But first - complete the configuration.

Hi Christoph,
Thanks, putting in a password works. It’s not the safest option, but the system is in my inside LAN.
Regards
Alex

Actually, it’s the most unsecure. That’s why you can specify authorized keys …

Like everything else I keep coming across with homeassistant, there seems to be multiple different sources for documentation. In this case, you point to a github documentation page while the Terminal & SSH add-on documentation shows something different. That is likely because you pointed to a different SSH server than the “official” one in the add-on store which is what the OP was asking about.

Like him, I’ve installed the “official” one and have followed the documentation as best I can to use my ssh key to connect to my home assistant VM. However, although I can open the web terminal, I can’t connect via a normal ssh client. I get a “Connection refused” error when I try.

The server log shows:

s6-rc: info: service s6rc-oneshot-runner: starting
s6-rc: info: service s6rc-oneshot-runner successfully started
s6-rc: info: service fix-attrs: starting
s6-rc: info: service fix-attrs successfully started
s6-rc: info: service legacy-cont-init: starting
cont-init: info: running /etc/cont-init.d/apks.sh
cont-init: info: /etc/cont-init.d/apks.sh exited 0
cont-init: info: running /etc/cont-init.d/keygen.sh
[13:10:17] INFO: Restoring host keys...
cont-init: info: /etc/cont-init.d/keygen.sh exited 0
cont-init: info: running /etc/cont-init.d/profile.sh
cont-init: info: /etc/cont-init.d/profile.sh exited 0
cont-init: info: running /etc/cont-init.d/ssh.sh
[13:10:17] INFO: Setup authorized_keys
cont-init: info: /etc/cont-init.d/ssh.sh exited 0
s6-rc: info: service legacy-cont-init successfully started
s6-rc: info: service legacy-services: starting
services-up: info: copying legacy longrun sshd (no readiness notification)
services-up: info: copying legacy longrun ttyd (no readiness notification)
s6-rc: info: service legacy-services successfully started
[13:10:18] INFO: Starting Web Terminal...
[2022/12/05 13:10:18:9839] N: ttyd 1.6.3-3e37e33 (libwebsockets 4.2.1-v4.2.1)
[2022/12/05 13:10:18:9846] N: tty configuration:
[2022/12/05 13:10:18:9850] N:   start command: tmux -u new -A -s homeassistant bash -l
[2022/12/05 13:10:18:9854] N:   close signal: SIGHUP (1)
[2022/12/05 13:10:18:9858] N:   terminal type: xterm-256color
[2022/12/05 13:10:18:9863] N: LWS: 4.2.1-v4.2.1, loglevel 7
[2022/12/05 13:10:18:9867] N: NET CLI SRV H1 H2 WS ConMon IPV6-off
[2022/12/05 13:10:18:9885] N:    /usr/lib/libwebsockets-evlib_uv.so
[2022/12/05 13:10:19:0000] N:  Using foreign event loop...
[2022/12/05 13:10:19:0003] N:  ++ [wsi|0|pipe] (1)
[2022/12/05 13:10:19:0003] N:  ++ [vh|0|netlink] (1)
[2022/12/05 13:10:19:0007] N:  ++ [vh|1|default||8099] (2)
[2022/12/05 13:10:19:0008] N: lws_socket_bind: nowsi: source ads 0.0.0.0
[2022/12/05 13:10:19:0010] N:  ++ [wsi|1|listen|default||8099] (2)
[2022/12/05 13:10:19:0011] N:  Listening on port: 8099
[13:10:19] INFO: Starting the SSH daemon...
Server listening on 0.0.0.0 port 22.

Server listening on :: port 22.

My SSH server configuration is:

authorized_keys:
  - >-
    ssh-rsa  AAAAB3....8PqIig7==my-key
password: ""
apks: []
server:
  tcp_forwarding: false
username: garydale

(with & without it being quoted, with & without a username and with & without the ==my-key) which is a direct copy of my public key that I use for other ssh servers.

NOTE: to get this to do anything, I had to choose the “edit in YAML” choice in the Options.

The most I’ve been able to get is “Permission denied (publickey,keyboard-interactive)” when I try to connect using

ssh <username@><VMs IP address>

with and without the <username@> part, which I rarely need for most ssh connections. I’ve tried using both garydale & homeassistant as the username in the YAML config and also in the ssh command.

I’m getting very frustrated by this. Normally setting up an ssh server and copying my public key to it is a dead simple operation. Any assistance would be appreciated.