Unfortunately, that is not a test for this, since that add-on (core ssh) does not run on the host network. Hass.io uses 2 different methods for resolving, depending if the add-on runs on the host network or not.

Release v4.0.2

Full Changelog

Changed

• Fixes issue with webterminal on SSL by using older libwebsockets
• Adds backport of libwebsockets 3.0.1 to support armv7

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck

Release v4.0.3

Full Changelog

Changed

• Upgrades add-on base image to 3.0.1

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck

Release v4.1.0

Full Changelog

Changed

• Upgrades hassio-cli to v2.2.0
• Adds support for using secrets as authorized_keys

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck

Release v5.0.0

Full Changelog

This release adds Hass.io Ingress support to the add-on

Changed

• Changes base image running Python 3.7.3
• Removes now obsolete local Python setup
• Reduce image size a little
• Upgrades base image to v1.1.0
• Upgrades bind-tools to 9.12.3_p4-r0
• Upgrades wget to 1.20.3-r0
• Improves S6 finish scripts
• Adds Hassio Ingress support + General refactor
• Fixes Markdownlint warnings

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck

Did I miss a breaking change about ‘port’ being removed from the ssh section? I guess it comes from the Ingress support after reading about that.

Can still set them under network

Just updated to 0.91.3 and then updated this addon to 5.0.0 but I get the error “502: Bad Gateway” using Chrome.

I’ve already cleared the cache of the browser.

Any suggestion?

In the meantime I will revert back to previous version of the addon that is necessary to me.

It’s working fine for me. WHat are your addon settings? Did you add the ports under network?

Thanks @DavidFW1960

The issue was the SSH port 22 which was already in use.

I’ve reset to default settings and modify what needed, then removed the port from Web Terminal and change the SSH port to another one.

And it’s working.

Now to have it work as standalone in browser (I don’t use it within Hassio, but as a new browser tab) what should I do?

Opening from “OPEN WEB UI” i have something like
http://my_ip:8123/hassio/ingress/somechar_ssh
but it does not work.

Is there a way to use it in plain view, not within the Hassio page?

Thanks

You should use ipaddress:whatever port you specified for web terminal … 7681 in my screenshot above

Thanks again!

The new credentials are the HA ones since they are not defined anymore in the Web terminal part of the settings

Ok, I’m asking this from a position of what you might call ignorance so apologies in advance

I am currently using the official hassio SSH Server add-on which gives a security rating of 4

but I like the look of the Community SSH & Web Terminal add-on. That however, only has a security rating of 1

Should this be a concern?

I have no open ports so I suspect the answer is ‘no’, but I do use a VPN and have also started using ZeroTier.

I think that depends on the options you set in the addon… what settings have you used?

I haven’t yet as I haven’t installed it (but I’d like to).

In the official one I have:

{
“authorized_keys”: [
“ssh-rsa MY KEY HERE”
],
“password”: “”
}

I mean in the community one. Mine is 1 but only because (I think) I use root, compatibility mode and SFTP.

Yes, I haven’t installed the community one so don’t have any settings yet but the rating is shown as 1 before I install it which is causing me to hesitate doing so (rightly or wrongly).

Depends on the situation.

The security rating of an add-on is determined by the level of access an add-on has to the system. The more access an add-on requests, the higher the risks become (that is the philosophy).

The community add-on was designed as a Swiss knife. It has access to the hardware (allowing for Bluetooth scans or debugging GPIO pins), but also give you access to the Docker system running on the host operating system (yes, even on HassOS).

This makes it possible to do about anything you can think of, but at the same time, in the wrong hands, it makes it easier to damage the system (by either unauthorized access or incorrect usage by the user).

The add-on itself is made with care, and I consider it secure. Nevertheless, the fact remains, it gets access to a lot of things, while the purpose of the add-on, it adds risks on different levels.

Release v5.0.1

Full Changelog

This release adds support for the “Add to sidebar” feature that became available in Home Assistant 0.92.

Please note: You need to have Home Assistant 0.92 or newer to be able to install this update.

Changes

• Upgrades bind-tools to 9.12.3_p4-r2
• Upgrades openssh to 7.9_p1-r5
• Updates Home Assistant requirement to 0.92.0b2
• Adds support for showing in sidebar

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck

Release v5.0.2

Full Changelog

This release is a generic update release.

Changes

• Fixes spelling error in documentation (#74) (@nickdaria)
• Upgrades bind-tools to 9.12.4_p1-r1
• Upgrades lua-resty-http to 0.13-r0
• Upgrades MariaDB client to 10.3.13-r1
• Upgrades nginx to 1.14.2-r1
• Upgrades ttyd to 1.4.4
• Updates homeassistant_cli to v0.7.0 (#75)
• Turns of Lua Resty core in Nginx

Questions? Join our Discord server! https://discord.me/hassioaddons
Enjoying my add-ons? Consider supporting my work: https://patreon.com/frenck