Remote ssh command: error 255

Hi, I see I’m not alone with SSH commands not working from HA GUI but I also don’t see a working solution. Goal is to set an automation to reboot an ASUS router in the morning.

Problem: shell commands DO work from Terminal addon but DO NOT work from HA GUI or automations.

Command:
ssh [email protected] /sbin/reboot

I’m getting this:

ERROR (MainThread) [homeassistant.components.shell_command] Error running command: `ssh -o "StrictHostKeyChecking=no" [email protected] /sbin/reboot`, return code: 255
NoneType: None

RSA key pair is pasted to the router’s web admin. I understand HA and Terminal addon are probably two different users with different credentials but I don’t know how to fix it.

Tried:
ssh -o "StrictHostKeyChecking=no" [email protected] /sbin/reboot
ssh -i /data/.ssh/id_rsa.pub [email protected] /sbin/reboot
ssh -i /data/.ssh/id_rsa [email protected] /sbin/reboot
ssh -i /root/.ssh/id_rsa.pub [email protected] /sbin/reboot
ssh -i /root/.ssh/id_rsa [email protected] /sbin/reboot

Setup:
Rpi4 with HA Core 0.108.5 via Ethernet directly into router
AC-1200 router

Please advise, thanks.

I’ve used Shortcuts on iOS to do this as it can run remote shell commands with passwords now but I’d still like a HA solution.

Not what you might want to hear, but I am in the same boat here. I am attempting to reboot a remote raspberry pi with the shell commands without much success.

same problem here.

I managed to figure it all out.

First, you need to use SSH & Web Terminal which can be found on the Home Assistant Community Add-ons.
This lets you log on to the home assistant host (I think?)
Then i created the SSH keys from there and copied them onto the rasberry pi.
I then used this shell command to send commands to the pi.

picommand: ssh -i /config/ssh/id_rsa -o 'StrictHostKeyChecking=no' [email protected] '[remote command to be run]'

I hope this helps, i should have documented what i did to get it working before i forgot. The key way to use the community SSH add on and not the official ssh add on.

2 Likes

I just wanted to write down the same :smiley: I solved it a 10 minutes ago. The same method I used.

1 Like

Been having a heck of a time with this. I’ve copied the SSH keys to my raspberry pi and can execute the command when I open the SSH & Web Terminal without any problems. However, running this from a service doesn’t do anything. It gives me a return code: 255 in the logs.

ssh_test_script: ssh -i /root/.ssh/id_rsa -o 'StrictHostKeyChecking=no' [email protected] 'sh /home/scripts/testscript.sh'

Again, pasting this directly into the terminal executes with no problems.

EDIT: ok, apparently the keys HAVE to be in /config/.ssh not /root/.ssh. Copied my keys from root to config and changed the script to reflect those changes and I’m good to go.

8 Likes

The combination of using -o 'StrictHostKeyChecking=no' and placing the key in /config/.ssh finally got this working for me - thanks! :slight_smile:

4 Likes

Highly underrated answer. Searched for a few hours and this fixed my issue!

1 Like

I must be getting grey hairs on this… well more than I already have.
I had this working previously on an older version of both HA and Rasbian, but now I’m pretty much stumped. What I have done so far is:

  • generated the key on the HA
  • copied the key to the Rasbian
  • put in the shell alias to a bash .sh file
  • verified that I can connect from HA to Raspian with ssh and the key file
  • created a .ssh in /config and moved the files there, reflecting that in the script
  • set the correct rigths on the directory and the files
  • reverified in the terminal
  • made the automation
  • testfire of the automation
  • getting 255 errors along the way that I did various things

So now I have no idea anymore and the logging is not fantastic.
When I run it in the terminal, everything works fine… I’m at the end of my rope here.

shell alias:

info_on: '/config/info_on.sh'

info_on.sh:

ssh -i /config/.ssh/id_rsa -o StrictHostKeyChecking=no [email protected] "bash ./info_on.sh"

Any more tips?

Enable debug logging for shell_command and test again. It will give you more detail on what is going wrong in the system log.

Go to developer tools > services

service: logger.set_level
data:
  homeassistant.components.shell_command: debug

Make sure to reset after testing.

Thanks Folks … for this Solution … I was struggling with my QNAP and shell_command was not my only problem. Here the complete Solution for QNAP.

  • Qnap Version 4 (other Qnap, take a look here Running Your Own Application at Startup - QNAPedia)
  • I have admin deactivated on Qnap (Security Recommondation)
  • I use only ssl
  • all server information on HA I want to have in secrets.yaml
  • id_rsa.pub > cat file to qnap’s /share/homes/user/.ssh/authorized_keys
  • chmod folder .ssh to 0700 and authorized_keys to 0600
  • enable autorun.sh on Qnap (System Setting, Hardware)
  • edit autorun.sh

First … QNAP
Use this command for editing autorun.sh, check Qnap Wiki for Other Qnap’s then 4

mount $(/sbin/hal_app --get_boot_pd port_id=0)6 /tmp/config
vi /tmp/config/autorun.sh

Qnap autostart.sh content you need, because sudoers is not persistent

mkdir /usr/etc/sudoers.d
echo "user ALL=(ALL) NOPASSWD: /sbin/poweroff" > /usr/etc/sudoers.d/user

after editing … to this:

chmod +x /tmp/config/autorun.sh
umount /tmp/config

Here is, what you can define for HA

configuration.yaml

shell_command:
  shutdown_lupus: !secret qnap_lupus_poweroff
sensor: !include_dir_list sensors/
switch: !include_dir_list switches/

sensors/lupus.yaml

platform: qnap
host: !secret ip_lupus
username: !secret qnap_lupus_user
password: !secret qnap_lupus_password
port: !secret qnap_lupus_port
ssl: true
verify_ssl: false
monitored_conditions:
  - status
  - cpu_usage
  - memory_percent_used
  - network_tx
  - volume_percentage_used

switches/wol_lupus.yaml

platform: wake_on_lan
name: WoL Lupus
mac: !secret qnap_lupus_macc
turn_off: 
  service: shell_command.shutdown_lupus

secrets.yaml

qnap_lupus_user: user
qnap_lupus_password: password
qnap_lupus_port: port
qnap_lupus_poweroff: ssh -i /config/.ssh/id_rsa -p port -o StrictHostKeyChecking=no user@ip "sudo /sbin/poweroff"
qnap_lupus_macc: 'mac'

THANK YOU SO MCUH

Hi every one,
I am still having problem on using shell command on my home assistant.
I have home assistant installed on proxmox with ip 10.10.10.10 on a vm 10.10.50.22.
I been able to ssh in my home assistant core :
ssh [email protected]

than i created a key with:
ssh-keygen -t ed25519

and saved in /root/config/.shh

than i copied the key to the server i want send the ssh command line:
ssh-copy-id [email protected]

the command line i saved in my home assistant config .yaml is :
ssh -i /root/.ssh/id_ed25519 -o ‘StrictHostKeyChecking=no’ [email protected] -i /config/.ssh/id_ed25519 ‘echo -n mem > /sys/power/state’.

I still get the error return code: 255
how can i solve ?

I’m not sure, but I see two -i flags in your command line. You only need the last one.

Thanks for the tip.
I found out that after an hour of trying to solve this problem that there was no problem.

Output of my log:

2023-08-30 21:03:45.926 DEBUG (MainThread) [homeassistant.components.shell_command] Stderr of command: `ssh -i /config/.ssh/id_rsa -o 'StrictHostKeyChecking=no' [email protected] sudo poweroff`, return code: 255:
b'Connection to 10.0.0.58 closed by remote host.\r\n'
2023-08-30 21:03:45.927 ERROR (MainThread) [homeassistant.components.shell_command] Error running command: `ssh -i /config/.ssh/id_rsa -o 'StrictHostKeyChecking=no' [email protected] sudo poweroff`, return code: 255

The ssh command returns that the connection was closed as a stderr output.
So just set logger level to debug to check it and if it works then leave it.