Hass.io and making ssh client requests to another device

Installation Home Assistant OS
1

I am trying to port my configuration from hasbian to hass.io… I had ssh keys configured for the home assistant service user on my old config and CLI switches that sent commands to another device.

It isn’t clear to me what user hass is running as and if it is linked to the ssh user.

If I want to create a ssh based cli switch again how would I generate SSH keys on hass.io ?

2

I think I have figured out a good way to do this, and applies to users running docker in general as well not just hass.io.

  1. I created a place to hold the keys in the /config directory so it will persist between updates / etc
  2. generated the keys into /config/.ssh/id_rsa_homeassistant with no password as I need to call this from a config
  3. when calling ssh I specify the Specific key file to use -i /config/.ssh/id_rsa_homeassistant and -oStrictHostKeyChecking=no as otherwise the command will fail without interactivly accpeting the host key the first time.

My command looks something like this

command_on: “ssh -i /config/.ssh/id_rsa_homeassistant -oStrictHostKeyChecking=no [remote_username]@[remote_host] -q [remote_command]”

Hope this helps others… There is some concern about the security of the key files stored this way so it is advisable to not give the user much permission on the remote system. This will however work for automating a large number of systems that can be controlled via ssh.

1 Like
3

Thanks @BlinkyLights,

you’re right, I have recently setup HA in Docker and I use ssh for some command line sensors, and this looks useful.
I updated the Docker image a couple of times so far and was using these commands:

docker exec -it home-assistant bash
# ssh-keygen -t rsa
# cat /root/.ssh/id_rsa.pub | ssh [email protected] 'cat >> .ssh/authorized_keys'

Now I will check out your persistent way!