Sending SSH Command to Remote Mac (iTunes / play-pause)

Check out the posts I linked. Your OH is running under the openhab account. That is the account that needs the permissions to run the script, or whatever else you want the Exec binding to execute.

1 Like

you are probably right, and i understand that i need to change the user but i dont know how to do so :frowning: i am a beginner in the command line and do not understand why the openhabian image is that confusing for beginners – i thought its the hasslefree version :smiley: haha

thanks for all your ideas, links and help so far! learned a lot out of it so far :wink: thanks!

sudo chown openhab: /etc/openhab2/scripts/

should fix this.

sudo                               : is for command as root
chown                              : change owner
openhab                            : user name
:                                  : change group name accordingly 
/etc/openhab2/scripts/  : name of file to change the ownership.
1 Like

a pity - its not :frowning: Radio is still playing Music…

i think you didnt read the whole thread :wink: - i created two scripts, one with “openhabian” and one with “openhab” just for testing - but still no luck…


this is still working but my exec-binding is not :frowning:

What’s the exact content of and

In question of file permissions: the simple way would be to

sudo chmod 755 /etc/openhab2/scripts/

to allow editing only for user openhab, but reading and execution for all users. Later, when all things work the right way, you can change the permissions to a more safe configuration.

both looks the same:

toggleResult=`ssh 'osascript -e "tell application \"iTunes\" to playpause"'`
echo "$toggleResult"

i tried your file permissions, but still no luck

What’s the output of

sudo -u openhab /etc/openhab2/scripts/


i needed a password

i tried this - but whats the default password for the “openhab” user ?



So now the problem is reduced to the login via ssh :slight_smile:

User username is secured via password. There is no (good) way to use password for scripted ssh. Instead you should use private keys to login. The steps for this:

  1. Create a pair of keys either at your raspberry or at your mac with empty password (i.e. no password at all)
    At your raspberry this is done with ssh-keygen
  2. either copy the public key to your mac or copy the private key to your raspberry, depending on where you did the key creation
  3. move the private key to /etc/openhab2/.ssh/keyfile (where keyfile is a meaningful name, e.g. name of your mac)
  4. chmod this key file to 600 (sudo chmod 600 /etc/openhab2/.ssh/keyfile)
  5. at your mac, change to the user profile and add the public key to your system. As I don’t own a mac, I don’t know the exact steps to place the public key, so please use google for that.
  6. add the filename to your script:
toggleResult=`ssh -i /etc/openhab2/.ssh/keyfile 'osascript -e "tell application \"iTunes\" to playpause"'`

This should result in a passwordless login for user openhab at your Mac with user username

1 Like

i already created the keys, but as @5iver said,
i need to do this on the “openhab” user and not on the “openhabian” user and i dont know how to do so…

i tried “su openhab” but i dont know the default password !?
i found an interesting thread:

No, you don’t need to.

The only thing to do is, to give the correct permissions and the correct file location.

There is no relation between private key and user account, in fact, you could use whatever private/public key pair you want to use:

  1. at the destination computer you need a public key, this key has to be allowed to be used to login by a user
  2. at the source computer you need an account with a private key
  3. you need to know the username corresponding to the public file

Altough there might be a username within the key file, it isn’t part of authentication process.

1 Like

okay, but what to do ? :slight_smile: sorry for being confused with the exec-binding…


This is no problem with exec binding, only a problem with correct permissions

I have added a few lines to my former answer… :wink:

i don’t know if it can help you i did’nt read all the post but this work for me ( openhab 2.0 mac mini 10.11 ( I think ) and itunes )

Switch playpause “Play/Pause” {exec=">[ON:ssh admin@ sh /Users/admin/Script/] >[OFF:ssh admin@ sh /Users/admin/Script/]"}

I did not give any password because i allready configure ssh presharekey

1 Like

Udo’s post has the steps, and you’ve already done 1, 2, 4 and 5.

If ~openhab exists (run echo ~openhab and see if it returns a valid folder path), then you can do the following instead, which will allow you to not specify the private key in the ssh command. If it does not exist, continue with Udo’s instructions.

Copy the private key to the openhab account’s home directory (I’m assuming you are using RSA keys)…
cp ~openhabian/.ssh/id_rsa ~openhab/.ssh/id_rsa

and change the owner to the openhab account…
chown openhab:openhab ~openhab/.ssh/id_rsa

Then test running the script as the openhab account and you should not be prompted for a password…
sudo -u openhab /etc/openhab2/scripts/

The password prompt you were getting was coming from the SSH command, because the openhab account did not have the private key in ~openhab/.ssh. The password was for the xxxxx account that you using in the SSH command in the script. On the Mac, you already setup the public key for that user.

1 Like

Did you change the script to use the private key?

toggleResult=`ssh -i /etc/openhab2/.ssh/keyfile 'osascript -e "tell application \"iTunes\" to playpause"'`

If the key is in ~/.ssh and named id_rsa (or id_dsa, if a DSA key), then the private key should not need to be specified. Phillipp wasn’t specifying the key when it was successful, so the key must be named id_rsa. Here’s a reference with a much better explanation than I can give :wink:.

So the question is: is there a home directory for user openhab?

Very good point! The manual installation instructions specify creating the openhab account using --no-create-home, so odds are very good that the package installation process does the same. I’ll update my previous post.