Hi,
I’m wondering if bundles could be restartet by a trigger automatically.
In OH1 I had some helper shell scripts, which forced the reload of a binding, if it failed (monit watched the oh logs and made a “touch /path/to/binding”).
Is there a chance to get a bundle restart automatically, maybe by a shell script?
This might be no more needed in OH2 (when all bindings work as excpected), but I prefer a selfhealing attempt.
As karaf allows ssh, you can run karaf commands directly from your shell script, e.g.
ssh openhab@127.0.0.1 -p 8101 bundle:restart 206
would restart the bundle with id 206. If you want to get around ssh asking for password, you can install sshpass if you are using a linux based system.
Of course you would need to know the ID of the bundle (or add on) that you want to restart, which you could get for example with a bundle:list | grep 'ZWave Binding' | cut -c1-3 etc
That’s what I’m doing now (maybe it’s usefull for someone):
I use openssh key as I want a passwordless interaction.
Create openssh key pair:
mkdir /var/lib/openhab2/.ssh
cd /var/lib/openhab2/.ssh
ssh-keygen -t dsa -f openhab.id_dsa
cd ..
chown -R openhab:openhab .ssh ; chmod 700 .ssh
Import the public key (openhab.id_dsa.pub) into /var/lib/openhab/etc/keys.properties like openhab=AAAAB3NzaC1kc3M...XWKpeyW789IBpcZfyYQ=,_g_:admingroup
Be aware that the leading “ssh-key” and trailing “user@server” has to be omitted.
A login to the console should work now with ssh -i /var/lib/openhab2/.ssh/openhab.id_dsa openhab@127.0.0.1 -p 8101
The excution of a karaf command should work with ssh -i /var/lib/openhab2/.ssh/openhab.id_dsa openhab@127.0.0.1 -p 8101 bundle:restart 209
The monitoring software monit could be used to monitor for ERROR in openhab.log and than e.g. restart a bundle. A monit-file could look lie this
check file openhab.log with path /var/log/openhab2/openhab.log
if match "some string to match in openhab.log" then exec "ssh -i /var/lib/openhab2/.ssh/openhab.id_dsa openhab@127.0.0.1 -p 8101 bundle:restart xyz"
Hello Michael, I am new to OH2 and I have a binding that needs to be restarted if changes are made outside of OH2. I followed your instructions, but when I try to run the ssh command I still get prompted for a password. I have OH2 running on Ubuntu Server 16.04 and I installed OH2 using the apt-get command of the stable release. When creating the openhab.id_dsa file it prompted me to enter a passphrase which I have tried two different ways one: using the password for the OH-cli console and two: I left it blank, but both ways I get prompted for a password. If I enter the password for the console it works fine. I am not seeing what I am doing wrong here. Can you please shed some light on what I am not getting? Any help would be greatly appreciated.
Hi John,
the passphrase you are asked for during ssh key generation is to protect your private key. In your case you won’t protect your key with a passphrase, as this ssh-process would than need your interaction. So leave the key empty, just hit enter when your are asked for the passphrase.
You need to set the right file permissions for your key file and - I think - also for the directory.
So try to
OK so I created a dummy item of switch type and created a rule
rule "RestartBind"
when
Item LgTvRestart changed from OFF to ON
then
logInfo("RestartBind","RestartBind rule triggered")
var String results = executeCommandLine("/etc/openhab2/scripts/Restart.sh",1000)
logInfo("RestartBind", "Results from binding restart: " + results)
end
Yes PubkeyAuthentication is set to yes. When I try to open in the console this is the error message I get right before it asks for a password
`Warning: Identity file /var/lib/openhab2/.ssh/openhab.id_dsa not accessible: Permission denied.`
Now the first part of your instructions was done under the su account, because it kept failing and instead of typing sudo every time I just elevated to root. Could this be causing an issue?
I did notice in your path you have it going to openhab and I have openhab2. Could this be a difference between versions 1 and 2 or did you just type it wrong. Also what about nightly builds, I’m on a stable release, would converting to a nightly build make any difference?
The warning message suggests maybe my file permissions are not correct or there maybe something else in the ssh config file. I have not done anything with the openhab user except install OH2 and changed the password from the default. Is there anything else I should do with it?
This really looks like something that I could use and solve a lot of my issues, so I would love to get this configured correctly. I could even try reinstalling OH2 from scratch to see if that makes a difference. I have OH2 installed on a VM running on an ESXi server. I could easily spin up another copy to try something different. I’m new to OH, but I am far from a beginner and not afraid of messing things up. Like I said before this is built on a VM and I take snapshots regularly and did take one before starting this adventure.
Here is some more information on my setup, maybe it will help. In my lab I have an ESXi server with dual Xeon processers with hyper-threading, 48GB of RAM, each VM runs on it’s own SSD, 2 1 Gigabit NICs and 4 10 Gigabit NICs. So it’s not a lack of resources or bottlenecking.
OpenHAB is running on a VM which I allotted 2 core processor and 4GB RAM. It runs on Ubuntu Server 16.04 LTS and I have openssh server, Zulu 8 and openhab installed. I only have a few bindings installed, the LGTV binding which is what I am trying to configure, the HomeKit Integration for Alexa and the openHAB Cloud Connector for remote access.
I like to configure one binding at a time just incase I mess something up. After each step I take a snapshot so I can go back to that point without having to redo everything over.
Well, the error tells all what you need. openhab can not access the key
file, so take care that this is possible. If you know linux, you should
know how to use chmod and chown commands. It should look like this (if
you use the user openhab):
I have been using Linux for a couple years now. I am by far an expert, but I know enough to get by. When I run the command other than the date it’s the same thing.
-rw------- 1 openhab openhab 668 Jan 26 19:51 /var/lib/openhab2/.ssh/openhab.id_dsa
When I run the command just on the .ssh directory I get:
total 16
drwx------ 2 openhab openhab 4096 Jan 26 19:51 .
drwxr-xr-x 12 openhab openhab 4096 Jan 26 19:50 ..
-rw------- 1 openhab openhab 668 Jan 26 19:51 openhab.id_dsa
-rw-r--r-- 1 openhab openhab 602 Jan 26 19:51 openhab.id_dsa.pub
root@OpenHAB:/home/goug# ls -la /var/lib/openhab2/.ssh/openhab.id_dsa
So the openhab user has the correct permissions so I am at a lost. I’m going to try a few things and try to spin up a new copy and see where that takes me.
I do applicate all of the help and guidance you provided me. I will let you know if I can get this working. Thanks again!
Hit ‘’ for a list of available commands
and ‘[cmd] --help’ for help on a specific command.
Hit ‘’ or type ‘system:shutdown’ or ‘logout’ to shutdown openHAB.
It looks like it’s looking in my home directory for the identity file instead of the .ssh directory
goug@OpenHAB:~$ ssh -i /var/lib/openhab2/.ssh/openhab.id_dsa openhab@127.0.0.1 -p 8101 -v
Warning: Identity file /var/lib/openhab2/.ssh/openhab.id_dsa not accessible: Permission denied.
OpenSSH_7.2p2 Ubuntu-4ubuntu2.4, OpenSSL 1.0.2g 1 Mar 2016
debug1: Reading configuration data /etc/ssh/ssh_config
debug1: /etc/ssh/ssh_config line 19: Applying options for *
debug1: Connecting to 127.0.0.1 [127.0.0.1] port 8101.
debug1: Connection established.
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_rsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_rsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_dsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_dsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_ecdsa type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_ecdsa-cert type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_ed25519 type -1
debug1: key_load_public: No such file or directory
debug1: identity file /home/goug/.ssh/id_ed25519-cert type -1
debug1: Enabling compatibility mode for protocol 2.0
debug1: Local version string SSH-2.0-OpenSSH_7.2p2 Ubuntu-4ubuntu2.4
debug1: Remote protocol version 2.0, remote software version SSHD-CORE-1.6.0
debug1: no match: SSHD-CORE-1.6.0
debug1: Authenticating to 127.0.0.1:8101 as 'openhab'
debug1: SSH2_MSG_KEXINIT sent
debug1: SSH2_MSG_KEXINIT received
debug1: kex: algorithm: ecdh-sha2-nistp256
debug1: kex: host key algorithm: ssh-rsa
debug1: kex: server->client cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: kex: client->server cipher: aes128-ctr MAC: hmac-sha2-256 compression: none
debug1: sending SSH2_MSG_KEX_ECDH_INIT
debug1: expecting SSH2_MSG_KEX_ECDH_REPLY
debug1: Server host key: ssh-rsa SHA256:axMwMQ5dz0Sr4gsUxJGdB1et9GoFVLKC7Oni7QrPVH8
debug1: Host '[127.0.0.1]:8101' is known and matches the RSA host key.
debug1: Found key in /home/goug/.ssh/known_hosts:1
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS sent
debug1: expecting SSH2_MSG_NEWKEYS
debug1: rekey after 4294967296 blocks
debug1: SSH2_MSG_NEWKEYS received
debug1: SSH2_MSG_SERVICE_ACCEPT received
debug1: Authentications that can continue: keyboard-interactive,password,publickey
debug1: Next authentication method: publickey
debug1: Trying private key: /home/goug/.ssh/id_rsa
debug1: Trying private key: /home/goug/.ssh/id_dsa
debug1: Trying private key: /home/goug/.ssh/id_ecdsa
debug1: Trying private key: /home/goug/.ssh/id_ed25519
debug1: Next authentication method: keyboard-interactive
Password authentication
Password: