I always have issues with openhab executing these rules.
the loginfo output is ‘null’. The remote device (pfsense firewall) has a sudo package installed and has the openhab user defined with a SSH key and root privi to run commands
The rule is:
le "Shutdown Firewall"
when
Item shutdownfirewall changed to ON
then
shutdownfirewall.postUpdate(OFF)
Thread::sleep(300)
var result = executeCommandLine("sudo ssh openhab@192.168.1.254 sudo /etc/rc.halt,5000")
logInfo("exectest", "results- " + result)
end
Maybe because it’s not supposed to build it like that ? To remotely shutdown whatever usually is just sign of a deeper lying, still not correctly solved problem, this is why I dislike helping people with these.
Anyway, try removing the first sudo. It makes you ssh into your remote box as root, not openhab.
Usually needing to do that is a workaround to avoid an issue of some sort. The REAL issue could cause you other problems later. The correct solution is to fix the original issue, not lower your security.
He’s (almost) safe when he succeeds in shutting down his inet connection, isn’t he ?
No need to bother about re-activation, hackers or accidents to trigger this.
Actually I once saw the ‘perfect firewall device’ advertised on Ebay. It had resemblances to a wire cutter but hey, it was only $29.99 and it’s safe !
yawn Given I work in IT security let me assure you the need to shut down the firewall by my parents (using their home automation software) who are in their 60s because of possible bushfires is not masking another issue but thanks .
If there was a bush fire I’d rather run than worry about IT equipment but ok.
Forgive Bruce and me, he’s right for >99% of cases where people ask to reboot or halt systems.
Hi, your issue is that from the command line the user is ‘server’ who is doing the login, however when openHAB executes it, it is from the user ‘openhab’. So that is why you have the host key error.
You can try to do the ssh from the command line with the openhab user:
How do I go about resolving it Maurits28? The openhab user is defined on the pfsense device with the key that was created on openhab from the key.pub file
You need to share the pub key of the openhab user on the openhab device. I can’t remember how I did this myself. You can search this forum for clues, or search general linux fora to see how to create a key set for a different user.
Now on the road, so can’t check my notes.
Thats OK, ive looked and looked (near 6hrs now!) i try and create a key for the open hab user, copy it to the remote machine but then it asks for a password. As far as I know the openhab user has no password. So i get authentication failures
Its just so stupidly complex when it shouldnt be!
if youve got some notes, id love for you to share them at some stage.