Hass.io is erasing my SSH keys

I use Gitlab.com to store configs for several Hass.io installations, and an SSH keypair generated on the Pi to authorize access from Hass.io to my Gitlab account. Whenever I update configs, I push/pull from that repo.

On one of the Hass.io installations I work with, my SSH keys for this process (normally stored in /root/.ssh) keep going missing. Twice now they’ve just vanished, along with the contents of /root/.ssh/known_hosts. So I have to keep re-generating SSH keys and re-adding them to Gitlab.

Can anyone think of why this would be happening? It’s especially weird because it’s only happening on one of my installs.

This just happened again. No one has any ideas? Something in hassio is deleting my /root/.ssh folder.

1 Like

A docker container doesn’t retain data. You can’t put your keys in the root of the container and expect it to stay after it gets updated.

Docker containers are not intended to store any data. That’s what bind mounts are for.

Hassio runs on Docker.

1 Like

Store the keys in a subfolder of config instead.

Not a bad idea…then I think I’d just have to explicitly provide the key when making a command, because it wouldn’t get picked up automatically, right?

I’ve been trying to figure out why the keys are persisting on one of my installs but not the other, because in both cases it looked like they were in /root/.ssh. Upon closer inspection, on the system where the keys persist, /root/.ssh is actually a symlink to /data/.ssh. That’s my older installation, and I don’t remember doing that, but I must have been following a tutorial or something. I don’t understand why that would make a difference, because presumably whether it’s a symlink or a directory you would still expect it to get wiped out by an update…but it never does.

So I’ve replicated that setup on the other system (where the keys are getting wiped out every update) and we’ll see if it makes a difference.

Or use the community edition of the SSH server. That version does persist this kind of data.

1 Like

Awesome, thank you, that seems to do the trick…and as it turns out, that was the difference. Apparently I was running the community edition on one system, and the out-of-the-box version on the other.

1 Like

I figured out a simple solution for this, as I ran into this as well and didn’t want to install another ssh add on.

You can generate the ssg-keygen into the config folder, I did /config/.ssh to be consistent.

Then in your /config/.git/config file add the following:

        sshCommand = ssh -i /config/.ssh/id_rsa

Then for every git command for that repo it will use that specific ssh key. Plus then you also commit the ssh key at this point in case anything were to happen, win win.

1 Like

Sorry for resurrecting an old thread, but…

Could you possibly show some more code as to demonstrate how you use this?


What are you looking for Phill? I put the ssh keys (id_rsa and id_rsa.pub) into a new folder: /config/.ssh folder. Then update /config/.git/config file with the code I posted before.

Then anywhere you run git commands like git push or git pull it will use that ssh key, and since that ssh key is in your config folder, it won’t get deleted (which the default location does due to the docker setup for hassio ~/.ssh which is /root/.ssh )

ok, thanks.