I run openhab on a Raspberry and its run with user “openhab”. I would like to execute a script which logs in to another server and runs a script. With my admin user that works perfectly, without a password (as I use the proper generated key to login to the other server). When i run the script from the openhab engine it fails, as the openhab user hasn’t got the proper certificate. How shall I proceed? Any best practice here? In my script I don’t want to use a password to access the other server. Shall I allow openhab to sudo? Thank you for your advice in advance.
Put the proper certificate in ~openhab/.ssh which is /var/lib/openhab2/.ssh.
Make sure to set the permissions properly (i.e the private key should be
-rw-------) or you will get an error.
You need to generate ssh keys as the openhab user and then copy them across to the target server. I use the following to do this to access a number of other devices to execute scripts locally stored on the remote server.
sudo -u openhab ssh-keygen -t rsa
sudo -u openhab ssh-copy-id -i /var/lib/openhab2/.ssh/id_rsa.pub user@hostname
You can then test and confirm ssh key access with
sudo -u openhab ssh user@hostname and you should have access.
Note: I’ve assumed an openhabian install on the Raspberry PI. If not then change /var/lib/openhab2/ to whatever the home directory is for your openhab user.