SSH command to remote server

I’m creating an automation that shuts down a remote Ubuntu server using a SSH command. I have read many other topics here with seems to have the same issue, but the solution doesn’t work for me.

This command is working from the terminal, but not in Home Assistant:
ssh user@host sudo /sbin/shutdown -h now

This is my switch:

  - platform: command_line
    switches:
        ubuntu_shutdown:
          command_on: ssh user@ubuntu sudo /sbin/shutdown -h now
          command_off: "ssh user@ubuntu sudo /sbin/shutdown -h now"

I tried some other commands below, but no success.

command_off: "ssh -o 'StrictHostKeyChecking=no' user@ubuntu 'sudo /sbin/shutdown -h now'"
command_off: "ssh user@ubuntu 'sudo /sbin/shutdown -h now'"

When I use the switch I get this error in Home Assistant: ERROR (SyncWorker_1) [homeassistant.components.command_line.switch] Command failed: ssh user@ubuntu sudo /sbin/shutdown -h now
In Ubuntu I see the following in /var/log/auth.log: ubuntu sshd[1290]: Connection closed by 192.168.2.64 port 39888 [preauth]

Home Assistant is running as root and I log in to Ubuntu with user.
I added “PermitRootLogin yes” into “/etc/ssh/sshd_config” and set a password for root user on Ubuntu.

I hope someone can help me with it.

I found this when I was logging:

Permission denied, please try again.
Permission denied, please try again.
user@ubuntu: Permission denied (publickey,password).

I changed my command to:

command_off: "ssh -i /root/.ssh/id_rsa.pub -o 'StrictHostKeyChecking=no' user@ubuntu 'sudo reboot' 2> /config/command.log"

and get the following error:

Warning: Identity file /root/.ssh/id_rsa.pub not accessible: No such file or directory.
user@ubuntu: Permission denied (publickey).

Weird, because when I check it in the terminal, it exists. It looks like Home Assistant can’t use the public key.

ls -l /root/.ssh/id_rsa.pub
-rw-r--r--   1 root    root          567 Jul 27 16:13 /root/.ssh/id_rsa.pub

It’s solved!

Apparently Home Assistant can’t use the keys from the /root/.ssh dir, so I created the keys in /config/sshkeys.

With this code the command run good:

  - platform: command_line
    switches:
        ubuntu_shutdown:
          command_on: "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /config/sshkeys/id_rsa user@ubuntu 'sudo shutdown now'"
          command_off: "ssh -o StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -i /config/sshkeys/id_rsa user@ubuntu 'sudo shutdown now'"

2 Likes

Good solution, I have just one small change for my config - I had to chmod the key to 600 and I didn’t need the UserKnownHostsFile flag. Also, I don’t know if this is always the case, but I had to restart core for my yaml changes to take effect. Thanks!

How do you do this?

Make sure you are in the config directory

cd /config

then do the following command

mkdir .keys_ssh

then do the following command

ssh-keygen

When you are promoted to where you want to store your keys type the following and press enter

/config/.keys_ssh/id_rsa

passphrase is optional but recommended for further security.

2 Likes