ikifar2012
commented
2 years ago You are storing the SSH key in a file in the SSL directory correct?
Closed ClearlyDazed closed 2 years ago
ikifar2012
commented
2 years ago You are storing the SSH key in a file in the SSL directory correct?
ClearlyDazed
commented
2 years ago Yes, the previous version of the add-on was working until Dec 23 , after which it was automatically updated. Redid the ssh-keygen again with the ssh key placed in the SSl directory, but still received error message. Could ssh and scp into remote server from HA terminal.
ikifar2012
commented
2 years ago Strange, nothing has changed. Upon running the addon a second time do you get the same error?
ClearlyDazed
commented
2 years ago I have just run it again and have included the log for the add-on below. I'll try to downgrade the addon version and take a look at the remote server again.
Oops! Something went wrong.We are so sorry, but something went terribly wrong when starting or running this add-on.
[cont-finish.d] 99-message.sh: exited 0. [cont-finish.d] done. [s6-finish] waiting for services. [s6-finish] sending all processes the TERM signal."
ClearlyDazed
commented
2 years ago I downgrade to Remote Backup 2012.11.2. The log below shows that the backup was coped to the remote server.
I updated Remote Backup to 2012.12.0. The log is the same as the previous post, reporting scp did not work.
[cont-init.d] 00-banner.sh: exited 0. [cont-init.d] 01-log-level.sh: executing... [cont-init.d] 01-log-level.sh: exited 0. [cont-init.d] done. [services.d] starting services [services.d] done. [info] Adding SSH key [info] SSH key added [warn] Creating local backup: "Automated backup 2021-12-28 11-51" [info] Backup created: 4cd609f8 [warn] Copying 4cd609f8.tar to /data/Documents/BACKUPS/Home_Assistant/Odroid on 192.168.1.109 using SCP Warning: Permanently added '192.168.1.109' (ECDSA) to the list of known hosts. [info] Backup copied to /data/Documents/BACKUPS/Home_Assistant/Odroid/4cd609f8.tar on 192.168.1.109 [warn] Renaming 4cd609f8.tar to Automated backup 2021-12-28 11-51.tar [info] Backup renamed to /data/Documents/BACKUPS/Home_Assistant/Odroid/Automated backup 2021-12-28 11-51.tar on 192.168.1.109 [info] SCP complete
ClearlyDazed
commented
2 years ago Currently have Remote Backup 2012.11.2 working under HA Core 2021.12.6
ikifar2012
commented
2 years ago Both me and @SirGoodenough have attempted to recreate your issue and can't, the only change I made was to upgrade the base image and that should have had no effect on SSH. Are you sure you have allowed the root user to SSH? Is the SSH server up to date? What command did you use to generate the key? If its old I'd highly recommend creating an Ed25519 key
If you would like to discuss this further, I highly recommend you to join the What are we fixing today? Discord Server
ClearlyDazed
commented
2 years ago Thank you. I'll follow your recommendations.
From: Matheson Steplock @.*** Sent: Wednesday, December 29, 2021 3:48 PM To: ikifar2012/remote-backup-addon Cc: ClearlyDazed; Author Subject: Re: [ikifar2012/remote-backup-addon] Does Backup but doesn't save to remote server (Issue #37)
Both me and @SirGoodenoughhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2FSirGoodenough&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=04INx0DTJ4Up263nLVJ%2BynSqXzmmLgOnERojEX8HkEA%3D&reserved=0 have attempted to recrate your issue and can't, the only change I made was to upgrade the base image and that should have had no effect on SSH. Are you sure you have allowed the root user to SSH? Is the SSH server up to date? What command did you use to generate the key? If its old I'd highly recommend creating an Ed25519 key
If you would like to discuss this further, I invite you to join the What are we fixing today? Discord Serverhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fdiscord.gg%2FUhmhu3B&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=DAgKWoyV9hTgEEk7%2BCpFjjStqtCT7tFgv0evQadCkIY%3D&reserved=0
- Reply to this email directly, view it on GitHubhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fikifar2012%2Fremote-backup-addon%2Fissues%2F37%23issuecomment-1002788011&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=%2FLLNB5rxt4q9kQYzH6bwwpAvOzSqyvFA2N9wRo46yIw%3D&reserved=0, or unsubscribehttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fgithub.com%2Fnotifications%2Funsubscribe-auth%2FAHUOKJUZJC7MV5YE3UWUBQLUTN6YFANCNFSM5K24ZRNA&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=3PFNE5mvF3lyJOqmLXzol%2FFI20fTql6Hn8sEUpNpAsA%3D&reserved=0. Triage notifications on the go with GitHub Mobile for iOShttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fapps.apple.com%2Fapp%2Fapple-store%2Fid1477376905%3Fct%3Dnotification-email%26mt%3D8%26pt%3D524675&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=GopBgLye52SpLoZU6J4Jfgi0WdkK8PyoW4ET3w0JoXo%3D&reserved=0 or Androidhttps://na01.safelinks.protection.outlook.com/?url=https%3A%2F%2Fplay.google.com%2Fstore%2Fapps%2Fdetails%3Fid%3Dcom.github.android%26referrer%3Dutm_campaign%253Dnotification-email%2526utm_medium%253Demail%2526utm_source%253Dgithub&data=04%7C01%7C%7Cbf461693255143a6981d08d9cb14db27%7C84df9e7fe9f640afb435aaaaaaaaaaaa%7C1%7C0%7C637764112714420707%7CUnknown%7CTWFpbGZsb3d8eyJWIjoiMC4wLjAwMDAiLCJQIjoiV2luMzIiLCJBTiI6Ik1haWwiLCJXVCI6Mn0%3D%7C3000&sdata=QfW3oQ51JLD3IYKcb2%2BIYQfkumCrZYEjDonbc7kOzz4%3D&reserved=0. You are receiving this because you authored the thread.Message ID: @.***>
Kreisverkehr
commented
2 years ago I have a similar issue. My backup stopped working on the exact same day, probably due to the update. I noticed this now because my HA Instance ran out of disk space because of that error. It seems that an update to scp was shipped with the base image, that removed support for older key types and my old, prebuilt nas that doesn't get any updates anymore, does not offer any key type that this version of scp can understand.
[s6-init] making user provided files available at /var/run/s6/etc...exited 0.
[s6-init] ensuring user provided files have correct perms...exited 0.
[fix-attrs.d] applying ownership & permissions fixes...
[fix-attrs.d] done.
[cont-init.d] executing container initialization scripts...
[cont-init.d] 00-banner.sh: executing...
-----------------------------------------------------------
Add-on: Remote Backup
Automatically create and backup HA backups using SCP
-----------------------------------------------------------
Add-on version: 2022.1.1
You are running the latest version of this add-on.
System: Home Assistant OS 7.2 (armv7 / raspberrypi4)
Home Assistant Core: 2022.2.2
Home Assistant Supervisor: 2022.01.1
-----------------------------------------------------------
Please, share the above information when looking for help
or support in, e.g., GitHub, forums or the Discord chat.
-----------------------------------------------------------
[cont-init.d] 00-banner.sh: exited 0.
[cont-init.d] 01-log-level.sh: executing...
[cont-init.d] 01-log-level.sh: exited 0.
[cont-init.d] done.
[services.d] starting services
[services.d] done.
[info] Adding SSH key
[info] SSH key added
[warn] Creating local backup: "Automated backup 2022-02-07 00-00"
[info] Backup created: d613d6b1
[warn] Copying d613d6b1.tar to /nfs/Sicherungen/HomeAssistant on wdmycloud.local using SCP
Unable to negotiate with 192.168.2.1 port 22: no matching host key type found. Their offer: ssh-rsa,ssh-dss
lost connection
[cmd] /run.sh exited 1
[cont-finish.d] executing container finish scripts...
[cont-finish.d] 99-message.sh: executing...
-----------------------------------------------------------
Oops! Something went wrong.
We are so sorry, but something went terribly wrong when
starting or running this add-on.
Be sure to check the log above, line by line, for hints.
-----------------------------------------------------------
[cont-finish.d] 99-message.sh: exited 0.
[cont-finish.d] done.
[s6-finish] waiting for services.
[s6-finish] sending all processes the TERM signal.@Kreisverkehr I really want to try to recreate this, do you know what type of key you created and how you generated them? The model of the nas would also be great
Kreisverkehr
commented
2 years ago @ikifar2012 Your're right. I should have included that in my first message.
My NAS: Device: WD My Cloud 4TB Firmwareversion: WDMyCloud v04.05.00-342 : Core F/W Linux Kernel: WDMyCloud 3.2.26 SSH Version: OpenSSH_6.0p1 Debian-4, OpenSSL 1.0.1t 3 May 2016
My Key Type: RSA Generated on: Windows 10 using the builtin ssh-keygen tool (must have been 20H2 or 21H1)
I just noticed, while gathering the information that there is an update to my NAS Firmware. The changelog does not talk about SSH but I'll try updating it.
ikifar2012
commented
2 years ago Found this: https://askubuntu.com/questions/836048/ssh-returns-no-matching-host-key-type-found-their-offer-ssh-dss
Not sure the best way to implement adding that into the addon either I could make HostKeyAlgorithms an optional parameter in the addon config
Kreisverkehr
commented
2 years ago This seems to be resolving at least my issue. An optional parameter would be geat. Maybe with a warning on enabeling insecure algorithms. If the user is using this addon with a now insecure alogrithm he schould be aware of it an enable it explicitly.
BioDuke
commented
2 years ago You are storing the SSH key in a file in the SSL directory correct?
TLDR:
/usr/share/hassio/ssl
I'm a relative noob with containers and HA. This stumped me for a while. I knew I was looking for the SSL directory. but it took me ages to find the correct one. There are multiple SSL directories on my RPI HA supervised instance. There are also multiple containers running on the machine, many had their own SSL directories.
I finally figured it out by inspecting the the remote_backup docker instance
docker inspect addon_3490a758_remote_backup
and found this in the config
...
"HostConfig": {
"Binds": [
"/dev:/dev:ro",
"/usr/share/hassio/addons/data/3490a758_remote_backup:/data:rw",
"/usr/share/hassio/homeassistant:/config:ro",
"/usr/share/hassio/ssl:/ssl:ro",
"/usr/share/hassio/addons/local:/addons:ro",
"/usr/share/hassio/backup:/backup:rw",
"/usr/share/hassio/share:/share:ro"
],/usr/share/hassio/ssl is a directory created/used by the Homeassistant container, but the file is located on your linux instance.
stale[bot]
commented
2 years ago This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.
Have used this add-on for some time but the recent update gives an error in the logs. "[info] Backup created: 35c9e120 [warn] Copying 35c9e120.tar to /data/Documents/BACKUPS/Home_Assistant/Odroid on 192.168.1.109 using SCP Warning: Permanently added '192.168.1.109' (ECDSA) to the list of known hosts. Permission denied, please try again."
Last working backup was on Dec 23, 2021 Has something changed for ssh key in add-on? I can ssh into 192.168.1.109 from HA terminal.