so what do you have access to after logging in to ssh on port 22222? What is the output of the following commands?
whoami
pwd
Running HA OS in Proxmox (Debian) on a NUC10i7FNK. My main computer is Win 10-64.
I’d like to update the firmware on my HUSBZB-1 stick and it seems like I need to be able to SSH in following:
https://developers.home-assistant.io/docs/operating-system/debugging/#ssh-access-to-the-host
I setup a USB stick and plugged it in and see this in the logs so it looks like it worked?
21-01-03 00:03:48 INFO (MainThread) [supervisor.hassos] Synchronizing configuration from USB with Home Assistant Operating System.
21-01-03 00:03:48 INFO (MainThread) [supervisor.host.services] Restarting local service hassos-config.service
I tried to SSH to [email protected] -p 22222 using PuTTY and the connection is refused. This is what the logs show:
=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2021.01.02 16:25:38 =~=~=~=~=~=~=~=~=~=~=~=
Event Log: Looking up host "homeassistant.local" for SSH connection
Event Log: Connecting to fe80::422e:207f:2e79:5563%14 port 22222
Event Log: We claim version: SSH-2.0-PuTTY_Release_0.74
Outgoing raw data at 2021-01-02 16:25:38
00000000 53 53 48 2d 32 2e 30 2d 50 75 54 54 59 5f 52 65 SSH-2.0-PuTTY_Re
00000010 6c 65 61 73 65 5f 30 2e 37 34 0d 0a lease_0.74..
Event Log: Failed to connect to fe80::422e:207f:2e79:5563%14: Network error: Connection refused
Event Log: Network error: Connection refused
Does “Event Log: We claim version…” mean it actually connected? I also tried localhost, homeassistant.localhost, the IP for HA and they all failed.
I also tried ssh [email protected] -p 22222 in an Ubuntu session in WSL2 and the connection was refused (I installed my private key there).
Not sure what to try next; is there a way to verify the private key was added? I have pretty basic linux skills so use small-medium sized words 
2 Likes
I’m having the same issue as Eric. It took me forever to figure out how to:
- get the file in the perfect format (VSCode failed me, Notepad++ had the ANSI encoding, both had the LF option available),
- then get the file on the thumb drive perfectly named (“CONFIG”) and with a file system type that is “supported” (exFAT isn’t supported but was the only one that would succeed in formatting… until I opened Disk Management and removed the volume and recreated it to format to NTFS),
- Then share the USB port on my Proxmox server with the VM
- Then I get the same messages when I select “Import from USB” about synchronizing configuration
- when I go to connect to port 22222, with the private key loaded to the Putty connection, it says: Server refused our key
2 Likes
~ $ whoami
root
~ $ pwd
/root
It confirms I’m in as root, I’m starting to suspect there’s just a misunderstanding on my part here. I’d gotten the impression somewhere that it’s possible to access the root OS bash prompt through the SSH add on, as you would if you’re accessing the console directly on the physical hardware with a keyboard/monitor or on a VM through the virtual console.
Looking over the thread again I don’t see anyone explicitly saying they accomplished this so I’m leaning towards guessing that the SSH add on can’t escape it’s own container environment and the files presented to the hassio docker containers. If anyone can confirm that the SSH add-on should be able to access the OS’s bash prompt and full file system then I’ll take another look.
From what I learned during last few days your last part is absolutely correct:
- add-on provided SSH only grants access to the container it runs in, „login“ never worked for me (which password for „hassio“ by the way?)
- full root access is possible by
A) enabling root ssh access like described in the dev manual of HASS OS (regular/pure/full SSH)
B) using the console as root (well, simple but no remote access)
C) when using Portainer by accessing the homeassistant container selecting the console function and using root without a password to log in (that’s only a web view based access, but might be sufficient for certain short-term use cases - and you don’t need to handle keys like for option a). Doing stuff in the Docker environment needs of course to be handled with special care (like every root access).
Please correct me or add if I missed/noted something wrong.
I’m pretty sure it can not do that.
However I just saw this posted, which looks like it will do what you ask:
1 Like
As @Silicon_Avatar stated, SSH Plugins cannot access the HA> prompt. This is because they exists inside a docker container. However, also as @Silicon_Avatar stated, my addon will break that container for you with an SSH Key after a reboot.
This error indicates that you have successfully uploaded a file to activate the 22222 port.
Unfortunately, the key (public) that was uploaded to HAOS does not pair to the (Private) key that Putty is using. IOWs a key mismatch.
either you uploaded the private key and trying to use the public key for access (reversed the keys), or your formatting of the key public key to the HAOS was bad. Third possibility, the HAOS pulled a bad copy.
Open the authorized_keys file and the format should follow this all on one line:
ssh-rsa AAAAbunchmorecharas== rsa-key-a_date
My key is:
ssh-rsa AAAbunchmorecharas== rsa-key-20210105
In Notepad++, I ensured LF and ANSI, “saved as” to the thumbdrive that’s formatted as NTFS. Did Import from USB, got the message, tried putty into 22222 with new private key and same message.
Whole reason I’m trying to get to this is to install a cli tool for: https://github.com/rospogrigio/localtuya
I can get to a command line via Proxmox but I don’t know if that is the right place to install this tuya api tool where it can/could interact with HA properly, can’t even use “npm” or “apt-get” so probably not the right place
I don’t believe HassOS has either of those installed. HAOS is not intended as a general use platform, and only has just enough installed to properly run the HA ecosystem.
Taking a quick look through the HAOS github repo, I see it has busybox which includes things like cat, tail, whoami, chmod etc, and bash is included, but I don’t see anything for npm or apt.
It uses apk. Apk add curl. It has a limited Repository but it’s there
2 Likes
What on earth makes you think apt-get would be installed on a non debian(like) system?
1 Like
Hi,
The answer to your question is: login with root and type an empty password. This gets you to the HA prompt.
From there, simply type login and hit enter. This will kick you straight to the host shell.
Crazy this isn’t documented.
3 Likes
Yes, if you have a monitor and keyboard connected to the machine. Otherwise, nah.
I had the same annoyance, but found something way easier.
The “SSH & Web Terminal” addon provides a pretty shell with access to Docker. You can then use Docker to get full host access like this:
docker run --privileged --pid=host -it alpine:latest \
nsenter -t 1 -m -u -n -i sh
Needless to say, but you’ll be able to completely destroy your installation this way. So keep Protection Mode enabled! 
9 Likes
This is probably the most helpful post in this whole community, something that the HA maintainers should have started with! Architecture, then installation alternatives (and WHY), then how to access each component if you decide to run the abomination that is HASS. Or is it HaOS? Running docker on RPi is such an overkill!
Could agree. But then it must be you maintaining the HA variant for the RPi! No? Wouldn’t do that, either 
But then we need to understand that there are many other possible environments for running HA as well. My Synology NAS could do, my Linux server could do, my Windows machine could do and so on. Not to mention different flavours of Windows/Linux/… All samesame, but different. They all use the same HA. So HA simply needs to be something suiting all needs. And the docker approach is one of those possible solutions.
1 Like
Really damn the day i have installed HomeAsistant OS. Or at least devs should provide some info.
Searched through the whole devs site but couldnt find an option to get and alias for an IP.
nmcli con mod
Returns “No such method ‘Update2’” which can not be resilved without understnding the whole thing