Modify config inside docker container


I’m trying to use the CISCO device tracking add-on and having a few issues. When HAS starts I get the below in the log file:

2019-02-01 00:18:52 ERROR (SyncWorker_4) [homeassistant.components.device_tracker.cisco_ios] pxssh failed on login
2019-02-01 00:18:52 ERROR (SyncWorker_4) [homeassistant.components.device_tracker.cisco_ios] Could not establish connection to host
2019-02-01 00:18:52 ERROR (MainThread) [homeassistant.components.device_tracker] Error setting up platform cisco_ios

Looking at the log on my router I see the following:

No matching cipher found: client chacha20-poly1305@openssh

I can re-create the error if I open a shell to the HAS container and run the SSH command directly. Simple fix is to un-comment the cipher line in /etc/ssh/ssh_config

The problem I have is making this persistent! I need to restart HAS to retry device discover, which immediately removes my SSH_Config edit!

What’s the best way to get this edit applied and persisting when the container starts.

Copy the ssh config to your mounted volume.

Edit your docker run or compose to mount that file as a volume.

Edit the file on the host in the mounted directory now.

Thanks for the response, got the first step done, step 2 I’m lost! Got a good link I could read? I’m running off the shelf HASS.IO.

Doesn’t the hassio ssh config let you add settings? ie the same place where you add username password etc,

That would have been good to know in the first post. Since your question was about Docker container specifically, I assumed you were running normal Docker, on Linux, and not HASSIO on HASSOS, which means you do not have these options available to you.

Assuming nobody knows the exact solution, here’s something you could try (which I have not)…

Can you specify the cipher on the SSH command (ie. ssh -c chacha20-poly1305@openssh)? If this works manually, you could try copying into the custom components folder and update the code to do the same thing (if possible). Having a look here suggests

     cisco_ssh = pxssh.pxssh(options={...})

However it’s not immediately obvious how you’d specify the cipher.

Ignore me, I thought this was an option that needed adding to the server, not the client.

Get the man a beer!


create the following DIR in your config directory:


create the file within.

populate with the latest and greatest version of the code from GIT.

Add the following to your newly created

cisco_ssh = pxssh.pxssh() #find this line
cisco_ssh.options = dict(ciphers="aes128-cbc") #add this below

Restart, get a coffee… smile!