mwarning / trigger

Android app to lock/unlock/ring doors. Supports generic HTTPS/SSH/Bluetooth/MQTT and Nuki Smartlock.
GNU General Public License v3.0
134 stars 22 forks source link

SSH seems to be broken #59

Closed CantBelieveThisWorks closed 3 years ago

CantBelieveThisWorks commented 3 years ago

Hey, I noticed that 3.3.0 is the last version that works for me using SSH. I authenticate via public key only and try to execute a shell script on the server (e.g. /var/opt/door/open.sh, ssh user has sufficient permissions from their group). The shell script just contains an echo instruction returning "LOCKED" or "UNLOCKED", additionally it touches a file, to verify that it indeed executed, in case the message parsing was at fault. With 3.3.0 everything is as expected, when pressing the open button the trigger logo turns green (echo "UNLOCKED) and when pressing the close button in the app the trigger logo turns red (echo "LOCKED"), also the files appear on the server side. Starting with 3.3.1 the trigger logo stays yellow and the file is not created, so the script is never run on the server. The output from sshd shows that the public key has been accepted in both cases, however, with 3.3.1 the ssh connection is closed after 1s whereas with 3.3.0 it stays open. Behaviour in 3.3.2 is analogue to 3.3.1. My guess would be that the issue is situated in the following commit, as it changes from using a shell to directly executing a command: https://github.com/mwarning/trigger/commit/f628211a5fbb0601735c4f71b0cc1dfa209f7f49 Can you verify this issue? Do I have to change the way commands are called or is that indeed a bug?

StickyDigit commented 3 years ago

Have you tried setting the command with the key at the server and sending the argument only? There was a change of SSH library a couple of versions back which broke that briefly. I'm using SSH and have no problems with 3.3.2, but I had always tied down the command with the pubkey, and only send the args (in my case lock/unlock/status). You'll be able to find the way I did that in an earlier issue, else yell and I'll fire up a laptop to give an example. -- Sent from a phone. Please excuse my brevity.

CantBelieveThisWorks commented 3 years ago

Thanks for the help. That does indeed work and actually makes much more sense doing it this way.

mwarning commented 3 years ago

@StickyDigit thank your for the help!

I still wonder why calling a script would not work for you. I will try to recreate that later.

mwarning commented 3 years ago

ssh with ed25519 key works fine for me. It calls a script that returns UNLOCKED and the background goes green.