Is there luup code for sending ssh commands to a server?

When you ssh from Vera, it won’t use your key file directly unless you tell it to.
Did you follow the steps here: http://forum.micasaverde.com/index.php/topic,11663.msg89171.html#msg89171
I don’t do this any longer, but I can try at home later to see if it still works.

Yes… I followed you post (the one you just linked to also)

Did everything there, but yes, still prompts for the password.

Do you have another machine you can try to SSH from to check the key?
Is your .ssh directory (and maybe the files inside it) only readable by your user?

Yes, I have an office full of MAC’s…

Are you saying to test from the Mac to the linux box? I can SSH to it… but still get prompted.

I confused on how to test if not coming from vera since the public key is from the Vera…

I know I am missing a point here someplace ???

Check the file permissions on the receiving end, for both the ~/.ssh directory and for the ~/.ssh/authorized_keys file. sshd’s will not let you in if the file perms are incorrect, see the FILES section of the man page for the specifics on what’s needed:
man page sshd section 8

Thanks for the link!

Right… looks like a have some more reading to do…

I’m goin to set up a Virtual Machine to do my R&D on so I can break till my heart is content and not worry.

From my Mac, just now

Asked for Password still so I just kept hitting enter to not login… and I got:

Permission denied (publickey,gssapi-keyex,gssapi-with-mic,password).

so… thats new. I don’t know what it means but looks like permissions IS my issue huh ?

run ssh -vvv … and post the output

Just a WAG, but your [tt]authorized_keys[/tt] file has this as the “trusted” user:
root@MiOS_12345678

Is “MiOS_12345678” resolvable in your DNS service by the receiving machine? If not, try substituting the IP Address of your Vera (as a temporary work-around)

eg. root@192.168.54.34

… or whatever IP your Vera is on. For SSH I have my Mac’s FQDN in my RaspPi, as that’ll resolve in my local DNS subsystem, but swapped it out for the IP and that works also.

Possibly not right. Try instead adding your new (long) line to the end of authorized_keys. That one file lists all allowed keys, one per line. Some SSH servers use authorized_keys2 but some ignore it.

The email address at the end is just a comment and can be anything. Don’t fuss about it.

The other thing you can do to debug the situation is to tail the sshd log file, which is somewhere is /var/log and depends heavily on your exact distribution.

[root@localhost ~]# ssh -vvv
OpenSSH_5.3p1, OpenSSL 1.0.0-fips 29 Mar 2010
usage: ssh [-1246AaCfgKkMNnqsTtVvXxYy] [-b bind_address] [-c cipher_spec]
[-D [bind_address:]port] [-e escape_char] [-F configfile]
[-i identity_file] [-L [bind_address:]port:host:hostport]
[-l login_name] [-m mac_spec] [-O ctl_cmd] [-o option] [-p port]
[-R [bind_address:]port:host:hostport] [-S ctl_path]
[-W host:port] [-w local_tun[:remote_tun]]
[user@]hostname [command]

Don’t see any -vvv options…

I started over on a Virtual Machine and having the same problem

had to create the /.ssh dir by running ssh keygen on the linux Machine
created authorized_keys
and pasted in my Vera generated key with root@local_ip

chmod 400 ~/.ssh/id_rsa
chmod 400 ~/.ssh/id_rsa.pub

still prompted for a PW when ssh from vera to test linux VM

The -vvv option just gives a more details verbose logging. It is part of the -v option, just that adding additional v’s will provide more details. You need to make sure that authorized_keys(2) is change to chmod 600 or 400.

  • Garrett

The usual way I copy ssh key is with the ssh-copy-id command. On the client after you have created your keys, run ssh-copy-id USERID@IP

It should prompt you for a password and then it will copy your public key over and exit back out. Then you can test with just regular ssh and you should be able to login. The following settings in sshd_config can affect logging in with root with or without a key.
PermitRootLogin
PasswordAuthentication
PubkeyAuthentication
StrictModes
AuthorizedKeysFile

There are more than just the above options but those are usually the gotchas, along with the Port option. You can take a look here for the other settings: sshd_config(5) - OpenBSD manual pages

On another note, to do this the other way around you have to put a public key on Vera, at least in Vera Lite, the authorized_keys file goes into /etc/dropbear/

On the server you are trying to put your key on, make sure your .ssh folder is 0700 and that root owns the folder, then make all the files in that folder 0400.

To make those changes you can do.

chown -R root:root ~/.ssh
chmod 0700 ~/.ssh
chmod 0400 ~/.ssh/*

well… I tried everything and… It worked! on my test VM.

So now I am going to figure out just what I did right and try on a production machine…

Thanks Guys!

If you need help, PM me and we can set up a WebEx.

Thanks Gibby,

I am further… just trying to get it fired off from luup code now

EDIT… YES!!!
os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.104 reboot”)
worked, all on my test VM. This is so sweet

Thanks again everyone!

And Now working on production Server…

So I think … I didn’t edit authorized_keys correctly ::slight_smile: and keys2 I deleted.

On last hurdle…

I have:

os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now”)

I need to execute that on two servers… in my Lua I put that line in twice with the correct IP’s
I’m getting an error … so clearly I am not formatting this correctly:
“ERROR : Error in lua for scenes and events”

I tested both servers separately so that logic works if you have one line… I just need a hand running that command twice:

os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now”)
os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.105 shutdown -h now”)

seems to be not a valid argument

Try this

os.execute("ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now &;ssh -i ~/.ssh/id_dss -l root 192.168.15.105 shutdown -h now &") 

[quote=“gibby, post:37, topic:172513”]Try this

os.execute("ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now &;ssh -i ~/.ssh/id_dss -l root 192.168.15.105 shutdown -h now &") [/quote]

I tried it, I got no errors, But I ran the scene and the servers did not reboot :frowning:

Did you try running the below from the CLI on Vera?

ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now

Yes… From vera CLI and Lua I can reboot or shutdown the server now…
I just ned to figure out how to code shutting down the 2 servers

os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.104 shutdown -h now”)
os.execute(“ssh -i ~/.ssh/id_dss -l root 192.168.15.105 shutdown -h now”)

gives me an error