/usr/bin/bash
I’ve tryied to run this shell_command:
harmonize: ssh -i /config/myssh/chiavi -o StrictHostKeyChecking=no [email protected] -tt ‘/home/pi/prova.sh’
after created a prova.sh:
#!/bin/bash
echo “CIAO”
then chmod 777 prova.sh
after called service in home assistant, getting none in logs.
First you wrote that bash is actually found at 
.
But the script calls bash from a different location 
Note the discrepancy? Maybe just a typo here, but if indeed your bash is at /usr/bin/bash and the shebang in the test-script is pointing elsewhere (/bin/bash), then that might be the reason it’s failing.
Youre restarting HA in between changes as well, right? (I know you are, asking just to be sure.)
Perhaps you could enable debug level logging for shell commands while we’re trying it out? That is, in your HA configuration.yaml:
# Log
logger:
default: warning # or whatever you have from the start
logs:
homeassistant.components.shell_command: debug
Ok, I’ve modified prova.sh pointing to right bash.
Then insert in configuration.yaml log script, then restart (as always).
Then go to Service and call shell_command.harmonize service, start.
Log…
020-12-14 22:16:39 DEBUG (MainThread) [homeassistant.components.shell_command] Stdout of command: ssh -i /config/myssh/chiavi -o StrictHostKeyChecking=no [email protected] -tt '/home/pi/prova.sh', return code: 0:
b’CIAO\r\n’
2020-12-14 22:16:39 DEBUG (MainThread) [homeassistant.components.shell_command] Stderr of command: ssh -i /config/myssh/chiavi -o StrictHostKeyChecking=no [email protected] -tt '/home/pi/prova.sh', return code: 0:
b’Connection to 192.168.1.41 closed.\r\n’
It works. My job is done. 
That is, now we know that the SSH thingy is fully functional. You are successfully running commands on your raspberry through HA.
Next step for you is to check the script you’re calling. Start with the path to it and all paths in it. Make sure all executables are being called by absolute paths. Keep debug log active for shell commands while you’re testing. Revert back to running harmonize.py; restart HA. Start making incremental changes in harmonize.py itself, and check the output in HA logs after each run, specifically what follows after return code (as above, where you found CIAO).
Good luck!
Thank you so much Krissen!!!
You’re absolutely great!!!
I owe you one
So I skimmed this thread a bit as its kind of long but judging by the last post at the bottom it looks like you have figured out you need to move the keys out of the normal .ssh folder and within /config in order to have them persisted across updates of HA.
However I see you are using -o StrictHostKeyChecking=no. Since this is between local systems on your network that’s probably ok but if you would like to stop doing that there is a fix. The ssh command also allows you to provide a custom location for the known_hosts file. This way you can move that file inside /config as well and have that file also persist across updates. You can also get it set up correctly the first time by either manually SSH’ing directly from the HA container’s commandline using the Portainer add-on on just by copying and pasting the correct things into your custom known_hosts file.
I had to figure this out in order to get my HA displaying a count of packages that needed to be updated on its host. I put the details in here (a lot of it is not relevant to the task at hand I know but it also talks about how to do the known_hosts stuff). With both the custom location for known_hosts and keys the final SSH command ends up looking something like this:
ssh -o UserKnownHostsFile=/config/.ssh/known_hosts <INSERT HOST USERNAME>@<INSERT HOST ADDRESS> -i /config/.ssh/id_ed25519 '<insert command here>'
Great! Thanks, will check out using -o UserKnownHostsFile=myhostfile instead of -o StrictHostKeyChecking=no. 
I could add that personally, I have a dedicated user set up for the purposes of SSH:ing out of HA and executing commands on my external box. Only specific commands are allowed, and the user otherwise has restricted permissions.
This seems like a pretty knowledgeable thread on this niche topic so is it OK if I reference my recent tangential question here that’s stale? Thank you! Feel free to delete if not…
Hi David
I am trying to use the directions:
https://developers.home-assistant.io/docs/operating-system/debugging/#generating-ssh-keys
to connect to Home Assistant via port 22222 to troubleshoot my OS issue (above 5.2 not working on my pi4 ssd boot)
I used the putty gen software and am confused about the file created. I have copied the public key into notpad ++ with Ansi, unix settings. After coping there is not a (LF) at the end of the key. Should there be. Also is anything needed at the start of the key. I get to the screen with the login and I hit enter (not sure if this is correct as the directions in the docs do not say. After hitting enter I get Server refused our key, no supported authentication methods available. If you have used this maybe you can give me some insight on what I am doing wrong.
Thanks.
Hi,
I tested your solution and it’s not working.
I do have 2 AP (Pro and LR) with fw 4.3.28.11361.
This is the code in HA:
shell_command:
unifilr_led_off: >-
ssh -i /config/unifissh [email protected] "echo '0' >/proc/gpio/led_pattern"
unifilr_led_blue: >-
ssh -i /config/unifissh [email protected] "echo '1' >/proc/gpio/led_pattern"
unifilr_led_white: >-
ssh -i /config/unifissh [email protected] "echo '2' >/proc/gpio/led_pattern"
unifilr_led_whiteblue: >-
ssh -i /config/unifissh [email protected] "echo '3' >/proc/gpio/led_pattern"
unifipro_led_off: >-
ssh -i /config/unifissh [email protected] "echo '0' >/proc/gpio/led_pattern"
unifipro_led_blue: >-
ssh -i /config/unifissh [email protected] "echo '1' >/proc/gpio/led_pattern"
unifipro_led_white: >-
ssh -i /config/unifissh [email protected] "echo '2' >/proc/gpio/led_pattern"
unifipro_led_whiteblue: >-
ssh -i /config/unifissh [email protected] "echo '3' >/proc/gpio/led_pattern"
I created a private key with PuttyGen and put it in config folder with name unifissh.ppk
I copied the content of the key in Unifi AP via Unifi Controller
System Settings - Controller Configuration - Device SSH Authentication - creating a new ssh key called UnifiHA with the pasted code.
Then I used SSH addon to connect to both AP at least one time.
Can someone please support me?
Thank you in advance
This is the error I found in the log
Logger: homeassistant.components.shell_command
Source: /usr/src/homeassistant/homeassistant/components/shell_command/init.py:113
Integration: Shell Command (documentation, issues)
First occurred: 16:12:02 (1 occurrences)
Last logged: 16:12:02Error running command:
ssh [email protected] "echo '0' >/proc/gpio/led_pattern", return code: 255NoneType: None
Kind of a whole different topic but if you haven’t solved this yet you should check out the HassOS SSH port 22222 Configurator addon.
So why are you using /config/unifissh in the command then? You called the file unifissh.ppk. Also you need two files, a private and public key. And the public key has to be in the same folder with the same name except .pub on the end.
Also you skipped all the instructions above about the known hosts file. Without that its still not going to work even after you get the keys right.
I would suggest giving the below community guide a read as it goes through all these details. Including ways to test directly from the commandline without needing to restart HA between every test.
Thanks. Got it working. This seems much easier.
I followed instruction and now I have .ssh .ssh.pub and know_hosts in my config folder.
I can run commands from the addon (even if I always add to put manually password ) Maybe I miss still something?
Can you share the command you’re running and the error you’re seeing in the log after making those updates?
sure.
Here’s the full command that works inside terminal addon :
ssh [email protected] "echo '1' >/proc/gpio/led_pattern"
The shell command in my yaml is the following:
unifilr_led_blue: >-
ssh [email protected] "echo '1' >/proc/gpio/led_pattern"
This is full error log:
Logger: homeassistant.components.shell_command
Source: /usr/src/homeassistant/homeassistant/components/shell_command/init.py:112
Integration: Shell Command (documentation, issues)
First occurred: 11 aprile 2021, 23:56:12 (3 occurrences)
Last logged: 0:35:30Error running command:
ssh [email protected] "echo '1' >/proc/gpio/led_pattern", return code: 255NoneType: None
You aren’t telling it the key to use for authentication with -i so its using normal interactive authentication and asking for a password. You said you had a .ssh folder and named the key .ssh.pub right? So should be this then:
ssh -i /config/.ssh/.ssh.pub [email protected] "echo '1' >/proc/gpio/led_pattern"
my ssh.pub is in config (not a specific .ssh folder).
I changed command and tested within addon.
ssh -i /config/.ssh.pub [email protected] “echo ‘0’ >/proc/gpio/led_pattern”
Here’s the result (sorry I can’t past the text):
I tried changing permission to 600 or 400 but I receive an error
Load key “/config/.ssh.pub”: invalid format
Sorry wait I’m being dumb, you need to provide the path to the private key file. The public key needs to be in the same folder with the same name except .pub on the end. Assuming you did that and your private key is at /config/.ssh change the command to this:
ssh -i /config/.ssh [email protected] “echo ‘0’ >/proc/gpio/led_pattern”
644 is fine for a public key, not for a private key. If you ran through the normal keygen process then permissions should be set up correctly, just have to provide the right path.
EUREKA!
It worked!
Thank you! 