I formatted my USB drive to FAT32 (or NTFS, I don’t actually remember, now) with the right name all in caps;
I created a pair of keys with putty, renamed the public key, opened it with Notepad++, converted it to AINSI and linux EOL;
USB drive in the Raspberry Pi, I ran the ha os import command (several times, using different USB ports) and, since the guide says rebooting would do the same, I also rebooted;
Launched the latest Putty (0.80), tried to connect to [email protected] (or the same with the IP address) using the key and always get the same error: Connection refused.
I can’t because the command line in the background is not the HAOS but HA Core (or something like that). So it sees only a small fraction of the storage used;
Even if I could, I’d still be interested in knowing why I can’t setup the SSH for HAOS.
That error suggests that HA is still rejecting the connection. Assuming you’re using the right port (22222), then that error would suggest that SSH isn’t running in the HA OS. I presume, since the docs don’t explicitly mention it, that the SSH server is started once the key is imported. Could be that even though the import command succeeded, HA OS doesn’t like the key that was imported.
The formatting of the default save type of the public key is wrong. Instead of saving, you’ll want to copy the generated key into a text doc with the right formatting.
I’m also not a huge user of PuTTY (typically just use Powershell) but I think you’ll also have to import the private key to be used for authentication when you connet.
Well, I read 2222 on the guide and since I’m an idiot, I didn’t double-check.
So thank you, it works!
Yeah I did that.
Random question but do you know if I could have generated the key with Powershell with the right format and used it after with PuTTy? I could try but I don’t want to break it now that it works (and my understanding too limited to troubleshoot it afterwards)
Totally…or just use Powershell for both. When you generate a key with Powershell, by default it’ll drop it into the .ssh folder for your user profile. I know Powershell looks into that folder by default, but I don’t know if PuTTy does. If it doesn’t, you can just import the key.
I’m asking because I generated a key with Powershell first and the key itself mentioned Powershell at the end.
I like PuTTy because you can use the standalone .exe
I have that .exe in a dropbox folder where I put my SSH keys and config as well, which means I can access all computers from any computer I own without having to move keys around. I suppose you could do the same with Powershell but not as easily. And without a GUI.
Resolving “Corrupted MAC on input” Error for SSH Access
If you’re encountering the error message “Corrupted MAC on input” while trying to establish an SSH connection, follow this guide to resolve the issue and set up SSH access with public key authentication.
Error Message
sh
ssh [email protected]
Corrupted MAC on input.
ssh_dispatch_run_fatal: Connection to X.X.X.X port 22: message authentication code incorrect
Step 1: Specify a MAC Algorithm
To resolve the “Corrupted MAC on input” error, specify a compatible MAC (Message Authentication Code) algorithm when initiating the SSH connection. Use the following command:
Replace username with your server’s username and X.X.X.X with your server’s IP address.
Step 2: Configure SSH Client for Default MAC Algorithm
To avoid specifying the MAC algorithm every time, configure the SSH client to use this algorithm by default. Edit the config file in the .ssh directory of your client machine (e.g., C:\Users\yourusername\.ssh\config on Windows):
Download and Install PuTTY: Download PuTTY and PuTTYgen from the official website: https://www.putty.org/. Install both applications on your client machine.
Generate a Key Pair: Open PuTTYgen and click on the Generate button to create a new key pair. Move your mouse around the blank area to generate randomness.
Save the Key Pair: Once the key pair is generated, save the public key by clicking on the Save public key button and save the private key by clicking on the Save private key button. You can choose to protect your private key with a passphrase or leave it empty.
Copy the Public Key: In the PuTTYgen window, you’ll see the public key in the text box at the top. Copy the entire contents of this box.
Step 4: Copy the Public Key to the Server using HomeAssistant Web Interface
Access the HomeAssistant Web Interface: Open a web browser and navigate to the local IP address of your HomeAssistant server: http://homeassistant.local:8123/.
Go to Settings: Navigate to the Settings section.
Select Add-ons: In the Add-ons section, select Advanced SSH & Web Terminal.
Configure the Public Key: In the configuration page, paste the copied public key into the appropriate field for authorized_keys.
Here’s an example configuration for the authorized_keys field:
By following these steps, you’ve successfully resolved the “Corrupted MAC on input” error and configured SSH access with public key authentication, ensuring a secure and convenient connection to your server.
