I have read all the posts / guides that I have found, but I cannot get the shell commands to work with hassio.
Objective:
Using hassio shell command, control several linux machines via ssh.
I tried to generate the keys on both linux and hassio machines, but I never manage to make the commands work. I am always given the error 255. There are many guides but they have confused me.
Can anyone explain, step by step, how to do it?
Anything you do in the SSH add-on is in another container
This means that you need to put the private key somewhere that Home Assistant (Core) can reach, tell it where that is, and also tell it to accept server keys:
ssh -i /config/ssh/id_rsa -o StrictHostKeyChecking=no remote_user@remote_host date
Here I’ve got an RSA private key (id_rsa) in /config/ssh/, with the permissions on the key set correctly (chmod 0600 /config/ssh/id_rsa).
The public key (id_rsa.pub in this case) needs to be added to authorized_keys in the remote users .ssh/ folder.
It’s taken me a little while to find this, so I thought I’d pass it on:
As an alternative to dodging around the known_hosts check with: -o StrictHostKeyChecking=no
You can log into the docker image with docker exec -it homeassistant /bin/bash
and execute the desired ssh command. It will ask about adding the host to the known_hosts file, to which you obviously answer “yes”, and you’re ready to go. This has the added benefit that you check that your ssh command actually works in the *real" environment it’s going to be executed.
@mhinch
I’m using it and it works. However, it’s not persisting for me. It will work for a few days and then it clears the keys that are stored at /.shh. They’re gone. And I then need to re-generate and copy keys to the remote machine.I think it’s may be losing them on a restart or after multiple restarts. Have you experienced this?
If you store the keys in .ssh within the container then, as soon the container is restarted this directory is emptied and ssh won’t be able to find the keys.
You need to put the key in a persistent folder (outside the container) and tell the ssh command from within the container to use those key location (using -i) instead of the default one.
Thank you so much. In my home assistant core installation I had a very similar situation, the only difference is where I put the keys. I’ve had to set 0600 to id_rsa, 0644 to id_rsa.pub, and 0700 to the .ssh folder (and to set chown to homeassistant:homeassistant to the folder and the files inside), of which the full path is: /home/homeassistant/homeassistant/.ssh
So basically the resulting working command was: ssh -i /home/homeassistant/homeassistant/.ssh/id_rsa -o StrictHostKeyChecking=no username@computerIPaddress yourcommand