Updating Home Assistant inside Docker


#42

I’ve got it working completely now but just a note on some modifications to your instructions…

When I tried to copy over the keys to the host I got a “permission denied” error.

looking into that error I realized that since I already had an authorized_keys file for logging in from putty it wouldn’t allow be to copy the key over with your command.

I had to manually edit my authorized_keys file and append the public key content to that file.

It all works now. I can use portainer to console into the container and then ssh back into the host.

I’ll have to try some shell_commands from HA to make sure that it all completely works tho.


#43

@finity
glad you got it working.
that’s right. I end up deleting all keys and doing them over from scratch :wink:


#44

Thanks for posting this :slight_smile:

Using a Synology to run the HASS docker container,
However now I’m stuck at the point where if I ssh from the docker container using ssh -p 'port' '[email protected]' I get a prompt asking me for my password…

Additionally, it seems that visudo doesn’t exist on the synology distro, is there any manual way to do what visudo does ?
How should I get to solving the first issue ?
I do see the signature was added to the host machine successfully


#45

did you create a key? if the key is available and you have copied it the host you dont need password


#46

Yes, I did create the key :

[email protected]:~/.ssh# ssh-copy-id [email protected]_ip -p my_port
/usr/bin/ssh-copy-id: INFO: Source of key(s) to be installed: "/root/.ssh/id_rsa.pub"
/usr/bin/ssh-copy-id: INFO: attempting to log in with the new key(s), to filter out any that are already 
   installed
  /usr/bin/ssh-copy-id: INFO: 1 key(s) remain to be installed -- if you are prompted now it is to install the new keys
[email protected]_ips's password:

Number of key(s) added: 1

Now try logging into the machine, with:   "ssh -p 'port' '[email protected]_ip'"
and check to make sure that only the key(s) you wanted were added.

#47

ok and did you try login in from the container to the host?


#48

I did, this is when I got the password prompt


#49

did you restart the container after creating the key?
can you login the container and confirm the key is indeed at /root/.ssh?


#50

I haven’t restarted the container since creating the key, I can confirm the keys are in the container’s /root/.ssh

[email protected]:~/.ssh# cd /root/.ssh/
[email protected]:~/.ssh# dir
id_rsa  id_rsa.pub  known_hosts
[email protected]:~/.ssh#

#51

so i guess next is to confirm that the key content is indeed in the host home directory for your user.
so if you ssh directly into your synology and cd .ssh
you should have an authorized_keys file

the key in id_rsa must match one of the entries in authorized keys


#52

Yes, it’s there alright and the content of the key on the host authorized_keys matches the id_rsa.pub file’s content
Something I’m not sure about - should the mount be according to the user I intend on using, meaning :

Instead of /root/.ssh should I use /my_user/.ssh as the container mount target ?
Could it be somehow related to user rights ?


#53

sorry not following, what you mean the mount?
your config volume will be in the share directory you created, correct?

edit: sorry i follow.
no you’re correct. you need the folder where the key is to persist. in this case /root/.ssh


#54

Correct, but in your instructions you said something like:
/volume1/Media/SmartHome/Config/HomeAssistant/.sshkeys:/root/.ssh

In the case I’m using a user which login isn’t root, let’s say ohadbenita, shouldn’t the mount look like this :/volume1/Media/SmartHome/Config/HomeAssistant/.sshkeys:/ohadbenita/.ssh

I might be talking nonsense here…


#55

alright, in this case it seems that everything is in order, should I have restarted the container?


#56

no, the keys are in place. you should be able to just type ssh [email protected] and go in. try doing it witout the -P flag


#57

Since I’m using a non-default port for SSH I’m afraid it’s not possible as the default SSH port (22) is blocked…


#58

right ok try this:
ssh -i /root/.ssh/ -p xx [email protected]


#59

No luck, it claims this is a directory, not to mislead so I’ll repeat this again - I was unable to run visudo on the host machine, could that be what’s causing this ?


#60

I dont think so. once you do login and want to execute the command, that will be another problem.
right now you cant login from the container

try ssh -i /root/.ssh/id_rsa.pub -p xx [email protected]


#61

Sorry, still asks for the password…