Error with my HTTP(s) configuration, can't edit my configuration.yaml anymore

Dimitri_Sorel · October 12, 2019, 3:28pm

Hi everyone !
I’ve done a big mistake on my Hass.io (On Raspberry Pi 3)

Still now, I edited my configuration.yaml with the webapp Configurator.
I wanted to install DuckDNS, I did that :

Created a domain on DuckDNS
Installed the add-on and wroten my token and the domain
Forwarded my Port on my router (8123 to 8123 on TCP), my Raspberry has a fixed IP
Added those lines with my domain

http:
  base_url: https://<my-domain>.duckdns.org:8123
  ssl_certificate: /ssl/fullchain.pem
  ssl_key: /ssl/privkey.pem

Maybe I did something wrong because now I have no more access to my web interface (DuckDNS domain doesn’t work (connection too long) and my local domain (hassio.local:8123) say I have not the right (I tried with HTTP and HTTPS protocol for both)
The problem is I didn’t set my SSH or Samba yet, so I can’t edit my configuration.yaml anymore
Is there a way to connect on a basic ssh or something ?
I tried to read the mini SD card on my macbook but its unreadable, I also tried to plug an HDMI and a keyboard but nothing display… I don’t know what to do haha

Thx everyone for your help

tom_l · October 12, 2019, 11:13pm

You can plug a keyboard and display directly into the pi for console access.

Login as root (no password needed)

At the hassio > prompt, type login (as instructed).

But before you do that, what error do you see in your browser when you try to access https://[ip_address]:8123

jimz011 · October 13, 2019, 1:05am

He needs to login from a desktop browser for that to work. On iOS for example it will not allow you to login to HA if the certificate is not right. (Might be the same thing on safari but I wouldn’t know).

In my case it only works on a desktop browser to go to the local ip and get logged in, it will still give the warning that the certificate isn’t trusted. But you should be able to get past that.

tom_l · October 13, 2019, 1:13am

True. I assumed he was using the laptop he mentioned.

nickrout · October 13, 2019, 1:28am

or ssh in.

tom_l · October 13, 2019, 4:47am

You must have missed this Nick:

nickrout · October 13, 2019, 4:52am

I did miss that sorry.

Said it once, and I’ll say it until I am blue in the face, hassos should include sshd by default!

tom_l · October 13, 2019, 5:04am

Unfortunately I think the security concern of having a default SSH connection outweighs the inconvenience if the user forgets to enable it.

nickrout · October 13, 2019, 5:19am

Yeah if you are running sshd properly you should be using certificate authentication, which is a bit much for a new user to set up on installation.

Libreelec (a minimal kodi system “applicance”) allows you to set your ssh password on first run, otherwise you get the well known default. Then again libreelec isn’t quite as sensitive in that it doesn’t control access to your house, all your lights and so forth.

I suggest changing the docs to recommend ssh’s installation after the installation phase. And to recommend the same in the frontend on first connection, straight after setting up the first user.

Thinking aloud, install sshd by default, but don’t start it unless the user ticks “allow ssh for this user” when creating the first user.

Dimitri_Sorel · October 14, 2019, 9:05am

Hey,

It said ERR_CONNECTION_REFUSED

I did it but I don’t know how to setup the SSH connection now

nickrout · November 13, 2019, 4:14am

But you asked in your first post how to edit your configuration.yaml. Now you know. It is just a simple

nano configuration.yaml