SSH into HassOS

When I upgraded to, I think it was 0.105.3 (with hassos)?.. my network ssh access stopped working. The terminal page still worked. Turned out there was some minor change that required me to actually enter the port # in the terminal & ssh addon configuration (for me 22, before it worked leaving this blank). After saving that and restarting ha, remote access worked again.

Thanks for mentioning that! I had the exact same issue after upgrading to 0.105.x. Manually entering the port worked for me too.

I’ve done that “but obviously not”. Can somebody confirm that by following (as I have done) https://developers.home-assistant.io/docs/hassio_debugging/#ssh-access-to-the-host you are able to stop the docker hyper-visor (sysctl docker stop) and still continuing with the SSH session?

You are correct. This will disconnect the session. What is it you are trying to do?

Hello,
from the last hassos update when i go in ssh 2222 and digit login the session is closed, so i cant go in host system shell. why?

Hi I just follow all the steps and im unable to SSH over port 22222 to the host

Also i consider use the good format for the Make sure when you are copying the public key to the root of the USB drive that you rename the file correctly to authorized_keys

The public key was generated by putty and i use the format correct!!!

Import from usb

Restart Server

When y tried to access via SSH over port 22222 i just receive the error “connection refused”
The error is totally clear my raspberry is not listening ssh over port 22222

So please what is the good procedure to access?

Let me chime in since someone may be jumping through the same hoops as I just did. I was struggling with my own errors for a while. For a moment I was led to believe that the port for host OS SSH is 2222. That was since when I was desperately trying and changed the port I was getting seamingly more promising server response on port 2222:
Couldn't agree a key exchange algorithm (available: [email protected],diffie-hellman-group14-sha256,diffie-hellman-group16-sha512,diffie-hellman-group18-sha512)
To summarize: I simply didn’t properly follow the instructions regarding USB volume name and had the authorized_keys in subfolder CONFIG rather than having the volume named CONFIG. What added to my uncertainity was that that when you hit the [Supervisor] [System] [IMPORT FROM USB] there is no error or confirmation offered and the LOG looks the same no matter what:

20-05-16 04:06:28 INFO (MainThread) [supervisor.hassos] Syncing configuration from USB with HassOS.
20-05-16 04:06:28 INFO (MainThread) [supervisor.host.services] Restart local service hassos-config.service

When I finally got it right it worked! Now I can offer a way to verify and better yet perhaps how to import the key(s) w/o the USB wizardry:
The full file path in the host filesystem is:
/root/.ssh/authorized_keys
Logging into the ha (root) gives the answer whether the file was loaded:

login 
cd /root/.ssh
ls -lart
cat authorized_keys

Now - let’s say you want to load the authorized_keys file where it belongs. SSH, right? Chicken and egg problem!? The SSH & Web Terminal https://github.com/hassio-addons/addon-ssh may come to rescue here.
Good luck!

I don’t understand why. The instructions still say to import from a USB in the System tab of the supervisor side panel no? Also, it’s port 22222.

@DavidFW1960 Right: I mentioned the port 2222 as a one source of my confusion - since some posts mentioned 2222. I carefully crossed that port in my post not to add to the confusion but failed to mention port 22222. Thanks for adding that.
I clearly got past that USB upload. What I didn’t like about that approach using USB upload is not being able to see what happened. No success/error messaging to my knowledge. If you do everything right - it works. If you mess any single step you are in the dark.
That was the message I was trying to convey: One can verify the key got uploaded (once he knows where it goes) and there is also a way around that USB path. Would have been faster for me than looking for an available USB stick, renaming etc. Noticed some people were asking exactly this question. Thanks.

Restart is not needed. I did this a dozen times yesterday using the same usb config stick and a pi4 (yes, I did a fresh install a dozen times :crazy_face:).

It worked every time.

How did you copy the key from puttygen?

Piggybackign on @mvana suggestion, for me the easiest way was the below: [I didn’t go the USB route because I don’t have an unused usb handy and below is more straight forward imo]

I accessed the HassOS through my proxmox console by using “login” command. Then all I did was to create /root/.ssh/authorized_keys file and pasted my public key. That’s it.

I had to reboot the HassOS to get the SSH to work.
Now I can access the host using “ssh [email protected] -p 22222” and then entering “login” command.

So folks…i am trying to help a fellow maker trying to get his setup running on HA.

Having copied/imported/setup the authorized_keys file on HASSOS you’ll see that i need to run “login” to get to an SSH prompt. Please note that i have applied all the available OS patches, updates.

pi@SmartiPi1:~ $ ssh [email protected] -p 22222
 _    _                                         _     _              _
| |  | |                          /\           (_)   | |            | |
| |__| | ___  _ __ ___   ___     /  \   ___ ___ _ ___| |_ __ _ _ __ | |_
|  __  |/ _ \| '_ ` _ \ / _ \   / /\ \ / __/ __| / __| __/ _` | '_ \| __|
| |  | | (_) | | | | | |  __/  / ____ \\__ \__ \ \__ \ || (_| | | | | |_
|_|  |_|\___/|_| |_| |_|\___| /_/    \_\___/___/_|___/\__\__,_|_| |_|\__|

Welcome on Home Assistant command line.

For more details use 'help' and 'exit' to close.
If you need access to host system use 'login'.

ha > ls -la
Error: unknown command "ls" for "ha"

Did you mean this?
        cli
        dns
        os

Run 'ha --help' for usage.
FATA[0000] Error while executing rootCmd: unknown command "ls" for "ha"

Did you mean this?
        cli
        dns
        os

ha > login
# ls -la
drwx------    4 root     root            42 Apr 16 00:45 .
drwxr-xr-x   13 root     root           210 Apr 16 02:15 ..
drwxr-xr-x    2 root     root          1024 Dec 21  2018 .docker
drwxr-xr-x    2 root     root          1024 Jun  6 22:15 .ssh
#

@tangowhisky37 I think you are doing fine. I don’t even see a question there(?). The “prompt” you are referring to is shell (ash) prompt while SSH is a protocol you are using to communicate with your system.
I see you have .ssh directory there as well. Assuming you have the “authorized_keys” file in place and it contains one or more public keys you may be establishing connection using the rsa key pair instead of password authentication. Please note the access permissions for the directory .ssh (700) and authorized_keys (500). sshd and especially vsftpd may be rejecting keys which are writable by others than owner. (My recent painful experience on CentOS :wink: ).

# pwd
/root/.ssh
# ls -lart
drwx------    4 root     root            42 Apr 15 14:25 ..
drwx------    2 root     root          1024 May 16 02:55 .
-rw-------    1 root     root           800 May 16 03:54 authorized_keys

Hey all,
not sure what im doing wrong.
HassOS 5.0 on rpi4

i keep getting this error: “no support auth message”

Steps taken;

formatted a 8gb USB stick, on my win10 machine to be NTFS

used putt key gen to create a new key

i then copied all the data from the public key (made sure to select all and copy)

opened Notepad++
pasted the values there
started with: ssh-rsa AAAAB3N
ended with: W517QuT1K7Q== rsa-key-20200727

set encoding to be ANSI
image

set edit EOL to be unix

saved the file as “authorised keys”

i then ejected the disk from widows
plugged into my RPI

went to supervisor and did “import from USB”

hw shows as the following:

opened putty
went to my ip and connected
image

approved the new connection certificate

then i went in as root and get this error

Did you ever get this sorted. I am going through this pain right now

EDIT: I just sorted it. Using info from here: https://www.configserverfirewall.com/windows-10/putty-server-refused-our-key/

I did FILE>>LOAD PRIVATE KEY

This generated the public key again. I then pasted it into notepad++ after having set the new document properties (SETTINGS>>PREFERENCES>>NEW DOCUMENT) to ANSI and UNIX/OSX

The difference to previous is the key was one long line now. I couldn’t even scroll to the end of it but it was all there. I uploaded this and it worked. Tedious!

1 Like

thanks for the info!

i ended up plugging in a screen and keyboard to get to it

1 Like

I had the same problem.
I am going to summarize what helped because it is a mix of everything stated here. It might be a documentation overkill but I hope I can help anyone with this.
What did the trick was following (With Windows):

Be sure to have notepad++ installed
change the preferences to following:

format your USB-Drive to FAT and call it CONFIG -> NTFS did NOT work for me even though the “official dev” instruction says it!
grafik

1 . Generate public + private key with puttygen and save them somewhere safe
grafik

  1. in Puttygen: File -> Load Private key

grafik

3.Highlight the Public key that was created in the text box and copy it to the clipboard.

grafik

  1. open notepad++ and paste it.

  2. Be sure that Encoding is ANSI and ELO by default

grafik

  1. in Notepad go to file -> Save as and change the filetype to All types and change the filename to authorized_keys
    Otherwise notepad++ will save it as authorized keys.txt

grafik

7.safely remove the USB drive from your PC and put it into your Home assistant machine.
Open your Home assistant through the browser and go to Supervisor - System -> import from USB
grafik

  1. open Putty
    Type in the Hostname and Port 22222
    Select the private key we generated before and open.

grafik

10 Likes

Thanks for this guideline !!!

Now I came across this and I have to admit that it is a perfect documentation. This is what the documentation should look like.

1 Like

Is there any other way to put the file to the server (SSH addon is installed)?