Running a shell command from Home Assistant to remote linux PC

I am attempting to run a shell command to raise/lower the volume on my HTPC.

shell_command:
volume_up: ssh [email protected] pactl – set-sink-volume 0 +5%

The command works as expect when executed from the terminal, but does not when used as a script in home assistant.

I’m assuming it has something to to with being logged in as root while in the terminal, but the web interface using a different user.

I’m not sure of the user name, or how I can log in as that user in the terminal to add that users key to the HTPC.

It all depends on how you install Home Assistant.

Just the normal install on a Raspberry Pi 3 by following the Getting Started guide.

That sounds like you probably ended up using Hass.io then.

You need to:

  1. Copy the private SSH key into your /config/ folder
  2. Tell SSH the path to the key, and to blindly accept the remove server
ssh -i /config/ssh_keys/somekeyname -o 'StrictHostKeyChecking=no' [email protected] pactl – set-sink-volume 0 +5%
3 Likes

Hi,
I was wondering if this was resolved?
I’m having a similar problem, which I can’t quite nut out…
I’m running HA in a Linux Docker (HASSIO).
I’m just wanting to do a remote shutdown Octoprint on an RPi via an entity switch.
The switch config is:

switch:
  - platform: command_line
    switches:
      octoprint_switch:
        command_on: ssh [email protected] 'sudo /sbin/shutdown -h now’

I can SSH into the HA docker and manually run the command okay. It works this way. I am however logging in as root when done manually. Not as the HA user.
I’ve gone looking for a HA user - can’t find anything that might be… I’ve issued the following command to look:
I am trying to log in as ‘pi’ anyway?

I’ve enabled password-less access into the Pi by setting up key pairs. Works when I manually log via the HA CLI.

I’m sure I’m close but doing something stupid…

See the answer I posted immediately above your question, that covers what you need to do.

Hi,
Thanks so much for replying. This is has been bugging me no end.
I did think your post did answer my problem.
Here’s what happened, this from my HASSIO host (on docker), logging in as root:

cd /config
mkdir ssh_keys
cd .ssh
cp private_key.ppk /config/
cp private_key.ppk ./ssh_keys/
chmod 700 ssh_keys/
chmod 600 ssh_keys/private_key.ppk
rm private_key.ppk

$ ssh -i /config/ssh_keys/private_key.ppk -o 'StrictHostKeyChecking=no' [email protected] sudo /sbin/shutdown -h now

Load key "/config/ssh_keys/private_key.ppk": invalid format
[email protected]'s password:

I ENTERED THE P/WORD…

Connection to 192.168.1.237 closed by remote host.

I GUESS IT SHUTDOWN AT THIS POINT
When I go via the HASSIO CLI I can ssh to Octoprint CLI without password:

$ ssh [email protected]
Linux octopi 4.19.75-v7+ #1270 SMP Tue Sep 24 18:45:11 BST 2019 armv7l

The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
BLAH BLAH BLAH

I tried this on the Octoprint server today for good measure (being quite clueless probably):

$ sudo visudo

added:

pi  ALL=(ALL) PASSWD: ALL

This is probably a massive security hole, but I’m trying everything!

Am I best off to try and issue CURL commands to PUT directly to the Octoprint server? Seems to be a popular approach from what I can see…

Okay, I exported my private key to ssh. Ran the command line thus, ssh’d in as root to the cli of HASSIO in my docker:

ssh -i /config/ssh_keys/NewPrivateKey2.ppk -o 'StrictHostKeyChecking=no' [email protected] sudo /sbin/shutdown -h now

It shutdown my Octoprint Server okay.
I added it to my switch: command_line, which looks like:

switch:
  - platform: command_line
    switches:
      octoprint_switch:
        command_on: "ssh -i /config/ssh_keys/NewPrivateKey2.ppk -o 'StrictHostKeyChecking=no' '[email protected] sudo /sbin/shutdown -h now'"

restarted HA
Executed via lovelace (as a simple switch entity), It still fails.
From my logs:

Command failed: ssh -i /config/ssh_keys/NewPrivateKey2.ppk -o 'StrictHostKeyChecking=no' '[email protected] sudo /sbin/shutdown -h now'

:frowning:

You’ve got some extra quotes there - don’t put quotes around [email protected] sudo /sbin/shutdown -h now:

switch:
  - platform: command_line
    switches:
      octoprint_switch:
        command_on: "ssh -i /config/ssh_keys/NewPrivateKey2.ppk -o StrictHostKeyChecking=no [email protected] sudo /sbin/shutdown -h now"
1 Like

Holy Heck!
It shuts down.
However the logs still show an error:

Command failed: ssh -i /config/ssh_keys/NewPrivateKey2.ppk -o StrictHostKeyChecking=no [email protected] sudo /sbin/shutdown -h now

But it works!
Even though I had password-less access between HASSIO docker and RPi (Octoprint), I needed
a private key with an OpenSSH format,
to be explicit with the key I wanted to use (and don’t be strict with host checking) and
my syntax was a bit wonky…
Could I have perhaps used an OpenSSH compliant key-pair in the first instance, left off the explicit path (use the .ssh path by default), still told it not to be strict with host checking?

In any case I’ve got it work (allbeit with an error)…
THANK YOU!

I can´t get ssh to my Synology to work. Get permission denied error when trying from Putty when logging in with the user pi. Is the / config/ folder just the folder where all the YAML files are? I am not on Hassio.
What is the exact procedure for copying the private key from another pc to HA?

Yes

That’ll depend on how you can transfer files. How do you do that currently?

I use this command from cmd:
scp c:/users/jesper/.ssh/id_rsa.pub [email protected]:/home/homeassistant/.homeassistant/ssh/id_rsa
Afterwards I then change the permission for the ssh folder to 700.
I guess there might be some user/permission issues but can´t figure out what

Originally I created the keys in CMD on my Win 10 pc.
I can log in to my Synology now without password from CMD on that pc.
I thought that I just had to copy the private key to a folder in the /config/ folder and use ssh i in the command line in HA.

Hello!

There is a totally simple way to copy someones ssh-key to another computer where it should be used.

If you created the key with ssh-keygen on the local computer, you can use this command:

ssh-copy-id <username>@<remote-computer>

to copy the ssh key to it. You have to input the password for the of the one time and afterwards you can use:

ssh <username>@<remote-computer>

without the password!

2 Likes

Pretty much.

What does your whole command line look like when you’re trying to SSH from HA?

  - platform: command_line
    switches:
      test_switch:
        command_on: "ssh -i /config/ssh/id_rsa -o StrictHostKeyChecking=no [email protected] sudo -S poweroff"
1 Like

When I use this command in CMD on the local computer it returns:
‘ssh-copy-id’ is not recognized as an internal or external command,
operable program or batch file.

Ah, you are using Windows? I wrote this for unix (Mac)/linux-computers

The local pc where I created the keys is Windows.