Home Assistant Community Add-on: SSH & Web Terminal

ok I did it. thank you!

Decided to migrate from the official Terminal & SSH add-on to this one after learning about nmcli support since Iā€™ve been having some trouble getting adguard set up correctly. Iā€™m run into a couple hiccups in the process I was hoping for advice on

  1. I used to have an alias in my .profile so I could just type ssh-hassio and get in. Part of that alias was a little addition I found to start me in my config folder since thatā€™s usually where I wanted to go (add -t cd config && exec bash -l to the end for anyone interested). This doesnā€™t seem to work anymore, it always starts my session in the home folder which is /root. Is there an alternate way to set the default folder that sessions start at?
  2. I had another snippet called scp-hassio that allowed me to easily move files into my hassio config directory from my local machine. It looks like scp has the same problems as sftp described in the docs though, it only works if you use root as the username. Is there an alternative way I can copy a file over without switching to root as the username? It seems like your addon looks at stdin for input, is there a way to use that to get a oneliner for sending a file to HA I can wrap up in alias?
  3. I use an app called JuiceSSH on my phone in case I wanted to ssh in and check or tweak something. Looks like that app is behind on security standards though since I now get an ā€œalgorithm negotiation failureā€ unless I turn on compatibility mode. I donā€™t really want to do that so has anyone found an android app that does SSH and does support the latest security standards? [UPDATE] Just found Termius which appears to work with compatibility mode off so this one is solved

Looks great though and love the session sharing feature, very cool

OK for some reason my ssh port was removed. I added it again however, before i did i removed the ssh add on and readded it so now my iPad canā€™t connect because the server host key changed.

[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] cli: applying... 
[fix-attrs.d] cli: exited 0.
[fix-attrs.d] profile: applying... 
[fix-attrs.d] profile: exited 0.
[fix-attrs.d] ssh: applying... 
[fix-attrs.d] ssh: exited 0.
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] keygen.sh: executing... 
[21:24:31] INFO: Generating host keys...
ssh-keygen: generating new host keys: RSA DSA ECDSA ED25519 
[cont-init.d] keygen.sh: exited 0.
[cont-init.d] profile.sh: executing... 
[cont-init.d] profile.sh: exited 0.
[cont-init.d] ssh.sh: executing... 
[21:24:32] INFO: Setup authorized_keys
[cont-init.d] ssh.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[21:24:33] INFO: Starting Web Terminal...
[services.d] done.
[2020/03/17 21:24:33:0285] N: ttyd 1.6.0-c15cfb7 (libwebsockets 3.2.2)
[2020/03/17 21:24:33:0285] N: tty configuration:
[2020/03/17 21:24:33:0286] N:   start command: tmux -u new -A -s homeassistant bash -l
[2020/03/17 21:24:33:0286] N:   close signal: SIGHUP (1)
[2020/03/17 21:24:33:0286] N:   terminal type: xterm-256color
[2020/03/17 21:24:33:0484] N:  Using foreign event loop...
[2020/03/17 21:24:33:0492] N:  Listening on port: 8099
[21:24:33] WARNING: SSH port is disabled. Prevent start of SSH server.

Make a new one?

Hi i realized that what happened was on my clients i had to removed them from the .ssh/known_hosts folder as the key was different. After that it all worked as a new key was accepted and saved there. All good now! Thank you

1 Like

Hi,

Ever since sometime today, without making any changes, I am unable to login to Home Assistant via my zsh (on my MacBook Pro). It seems that port 22 cannot be enabled in the add-on, the hassio supervisor returns the following:

20-03-21 00:03:49 ERROR (SyncWorker_19) [supervisor.docker] Canā€™t start addon_core_ssh: 500 Server Error: Internal Server Error (ā€œdriver failed programming external connectivity on endpoint addon_core_ssh (5b82e65fd51086499e28f4c2f2d53c983df19f7d4ed98b9835fe54ce30c45d63): Error starting userland proxy: listen tcp 0.0.0.0:22: bind: address already in useā€)

This is the add-onā€™s log:
[services.d] starting services
[services.d] done.
[02:09:40] WARNING: SSH port is disabled. Prevent start of SSH server.
[02:09:40] INFO: Starting Web Terminalā€¦
[2020/03/21 02:09:40:3486] N: ttyd 1.6.0-c15cfb7 (libwebsockets 3.2.2)
[2020/03/21 02:09:40:3486] N: tty configuration:
[2020/03/21 02:09:40:3487] N: start command: tmux -u new -A -s homeassistant bash -l
[2020/03/21 02:09:40:3490] N: close signal: SIGHUP (1)
[2020/03/21 02:09:40:3490] N: terminal type: xterm-256color
[2020/03/21 02:09:40:3789] N: Using foreign event loopā€¦
[2020/03/21 02:09:40:3795] N: Listening on port: 8099

I have restarted all my containers but still the same. I have also tried uninstalling the add-on but it seems that home assistant would not let me to and keeps loading until I close the browser tab and reopen it in another.

Any ideas?

The host will ALREADY be using port 22 so the addon canā€™t bind to the same port - it actually tells you that in the message. So in the addon pick a different port. I use 622ā€¦ but anything will do.

Hi David,

Thanks for your prompt feedback. I changed the port to 23 and it did work, however I wonder how was I able to access it on the default port (22) before today?

I am running Home Assistant on an OpenMediaVault installation, and I was able to SSH both to the OMV and to the HomeAssistant using the default port with different usernames. What could have changed that does not allow me to do it now? Could it be the network connectivity of the HomeAssistant - it is ā€œHostā€ and I believe it was set on ā€œHostā€ before as wellā€¦

 netstat -tan
Active Internet connections (servers and established)
Proto Recv-Q Send-Q Local Address           Foreign Address         State      
tcp        0      0 0.0.0.0:44479           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:2049            0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:35717           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:139             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:5355            0.0.0.0:*               LISTEN     
tcp        0      0 192.168.0.137:5357      0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:44877           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:50063           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:111             0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:55669           0.0.0.0:*               LISTEN     
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:22              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:23              0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:8123            0.0.0.0:*               LISTEN     
tcp        0      0 172.30.32.1:63099       0.0.0.0:*               LISTEN     
tcp        0      0 0.0.0.0:445             0.0.0.0:*               LISTEN     
tcp        0      0 192.168.0.137:36294     192.168.0.173:23        TIME_WAIT  
tcp        0      0 192.168.0.137:42512     122.51.123.203:443      TIME_WAIT  
tcp        0      0 172.30.32.1:42902       172.30.33.0:1883        ESTABLISHED
tcp        0      0 192.168.0.137:36320     192.168.0.173:23        TIME_WAIT  
tcp        0      0 192.168.0.137:36000     192.168.0.137:23        ESTABLISHED
tcp        0      0 192.168.0.137:48766     3.122.122.135:8080      ESTABLISHED
tcp        0      0 172.30.32.1:8123        172.30.32.2:57040       ESTABLISHED
tcp        0      0 127.0.0.1:39785         127.0.0.1:50474         ESTABLISHED
tcp        0      0 192.168.0.137:36302     192.168.0.173:23        TIME_WAIT  
tcp        0      0 192.168.0.137:42514     122.51.123.203:443      TIME_WAIT  
tcp        0      0 127.0.0.1:53305         127.0.0.1:1883          ESTABLISHED
tcp        0      0 192.168.0.137:36342     192.168.0.173:23        TIME_WAIT  
tcp        0   1568 192.168.0.137:22        192.168.0.121:49951     ESTABLISHED
tcp        0      0 192.168.0.137:36354     192.168.0.173:23        TIME_WAIT  
tcp        0      0 192.168.0.137:8123      46.238.53.219:50103     ESTABLISHED
tcp        0      0 192.168.0.137:36330     192.168.0.173:23        TIME_WAIT  
tcp        0      0 127.0.0.1:50474         127.0.0.1:39785         ESTABLISHED
tcp        0      0 192.168.0.137:23        192.168.0.137:36000     ESTABLISHED
tcp        0      0 192.168.0.137:42540     122.51.123.203:443      TIME_WAIT  
tcp        0      0 192.168.0.137:42510     122.51.123.203:443      TIME_WAIT  
tcp        0      0 192.168.0.137:42550     122.51.123.203:443      TIME_WAIT  
tcp        0      0 192.168.0.137:55216     52.57.118.192:8080      TIME_WAIT  
tcp        0      0 192.168.0.137:42546     122.51.123.203:443      TIME_WAIT  
tcp6       0      0 :::8000                 :::*                    LISTEN     
tcp6       0      0 :::36673                :::*                    LISTEN     
tcp6       0      0 :::2049                 :::*                    LISTEN     
tcp6       0      0 :::9090                 :::*                    LISTEN     
tcp6       0      0 :::60935                :::*                    LISTEN     
tcp6       0      0 :::9000                 :::*                    LISTEN     
tcp6       0      0 :::5355                 :::*                    LISTEN     
tcp6       0      0 :::139                  :::*                    LISTEN     
tcp6       0      0 :::111                  :::*                    LISTEN     
tcp6       0      0 :::80                   :::*                    LISTEN     
tcp6       0      0 :::8883                 :::*                    LISTEN     
tcp6       0      0 :::60371                :::*                    LISTEN     
tcp6       0      0 :::8884                 :::*                    LISTEN     
tcp6       0      0 :::21                   :::*                    LISTEN     
tcp6       0      0 :::22                   :::*                    LISTEN     
tcp6       0      0 :::23                   :::*                    LISTEN     
tcp6       0      0 :::1883                 :::*                    LISTEN     
tcp6       0      0 :::1627                 :::*                    LISTEN     
tcp6       0      0 :::43355                :::*                    LISTEN     
tcp6       0      0 :::1884                 :::*                    LISTEN     
tcp6       0      0 :::51165                :::*                    LISTEN     
tcp6       0      0 :::445                  :::*                    LISTEN     

I wouldnā€™t use 23 as that is normally reserved for Telnetā€¦

Hello, thanks sir.

I am still wondering how I was able to ssh into OMV and HomeAssistant (using different users) on the same portā€¦

I am running Home Assistant on an OpenMediaVault installation. What could have changed that does not allow me to do it now? Could it be the network connectivity of the HomeAssistant - it is ā€œHostā€ and I believe it was set on ā€œHostā€ before as wellā€¦

Hello. I prefer to use bash over zsh. How can I set up a bashrc and bash_aliases and have them sourced upon login of non-root user? A created the files but they do not persist. Thanks

I did a fresh install of Home Assistant/Hassio on a RPi with the 3.13 image and this add-on is not available from the add-on store. (or anything related to SSH)

Has this been removed? I usually recommend setting up SSH as soon as possible in case of braking the WebUI by misstake (even if it is getting harder and harderā€¦).

It seems the SSH add-on is now hidden until you enable advanced mode

image

Click on your name in the lower left corner and enable advanced mode. Then you will probably see it.

3 Likes

Hi! The latest update removed port 22. So far ssh so I connected. Now it says that port 22 is in use. Why? Of course you can rewrite the port, but I want to know what has changed. Thank you

I have just tried to install the addon and it wont start stating;
Bind to port 22 on 0.0.0.0 failed: Address in use.
Bind to port 22 on :: failed: Address in use.
Cannot bind any address.
[cont-finish.d] executing container finish scriptsā€¦
[cont-finish.d] 99-message.sh: executingā€¦
I do have ssh enabled on the underlying raspbian. Do I need to change that? or am I able to change the add-on port?

You canā€™t use port 22 for BOTH So set a different port for the addon. I use 622. Then I can ssh 22 for the host (Debian in my case) and 622 for Hassio

David how you set the port on the addon

image

1 Like

hmmm feeling stupid ā€¦ thanks

Is this addon available for 64bit RPI 4? I dont see it on the addon store