He can create one… But it really isn´t worth it.
It wont… Even though openhab runs as a service, the ssh client is still external from that part.
He dont have to… The certificat is saved from the clients interface (ie the windows machine without username).
All he has to do is to run ssh client from cmd promt with openhabian@IP. If openhabian promts back with the promt for the certificat he just need to enter ýes´and return. The certificat will be saved then.
That’s irrelevant to the problem.
The first time you connect to another machine using ssh, the client asks you to accept the certificate from that machine. When you hit “y” that cert gets saved on the client machine for the user on the client machine.
In this case the client machine is Windows. The user that needs to accept the cert is the user on the Windows machine.
The ssh command is failing before ssh even tries to log in to the remote machine as user openhabian. It first requires you to accept the certificate before it even tries.
The only user that matters for the problem under the OP is the user on the client machine (i.e. Windows) that is trying to run putty.
Have you installed Git for Windows, MinGW, or cygwin? These all come with an ssh client and they all put that client into your PATH.
But the ssh client is running as the user that initiated it, in this case openHAB running on Windows.
Exactly, and OP is telling us that he connects using putty from the command prompt on the Windows machine and accepts the certificate. But when he runs the command from openHAB running on the Windows machine it keeps asking to accept the certificate.
Which is exactly what I told him to do in post 4 and which OP replied he has done and it didn’t work in post 14.
I dont agree.
When using putty (stand alone) you DONT enter creditials at all. First time you´ll have to accept the certificat… After you have accepted, you´ll be promted for username.
Nope.
Yes, if you dont specify anything (assume we talk about the cmd promt in windows). It will be using the windows username which started the ssh client.
Now I´m confused… How can he run a ssh client from openhab on windows?? As far as I recall when I tested openhab on windows (long time ago), openhab is running in a (shell), which means he (openhabian) is already logged in. Things might have changed since. But since openhab is a server services I´ll suspect he can ssh to it just like normal. I dont see why not.
But if he uses Putty it will promt in a new window, and he will have to accept. It´s not the ordinary “yes/no” promt.
so i am doing this with a completely new Pi i have not connected to. This is the command prompt :
C:\Windows\System32>ssh pi@192.168.2.12 -p 222
The authenticity of host '[192.168.2.12]:222 ([192.168.2.12]:222)' can't be established.
ECDSA key fingerprint is SHA256:06+0Q7ZkfzkGMWhkjhgalkaghA2WfiySJ5rGkevVNE.
Are you sure you want to continue connecting (yes/no)? yes
Warning: Permanently added '[192.168.2.12]:222' (ECDSA) to the list of known hosts.
pi@192.168.2.12's password:
After adding it to the known list, i try and run my rule and it says:
C:\openHAB2\userdata>"C:\Program Files\PuTTY\plink.exe" -ssh pi@192.168.2.12 -P "222" -pw "MYPASSWORD1234" -m C:\openHAB2\conf\scripts\checkip.txt
The server's host key is not cached in the registry. You
have no guarantee that the server is the computer you
think it is.
The server's ssh-ed25519 key fingerprint is:
ssh-ed25519 255 f0:57:cb:29:ca:60:af:ed:51:4a:40:c2:75:52:c9:f7
If you trust this host, enter "y" to add the key to
PuTTY's cache and carry on connecting.
If you want to carry on connecting just once, without
adding the key to the cache, enter "n".
If you do not trust this host, press Return to abandon the
connection.
Store key in cache? (y/n) Connection abandoned.
So it is not remembering the host to the known hosts list
The first time you used the cmd promt. And you saved the certificat.
The second time you used Putty, and it asked for the certificat again… Thats normal. You´ll have to accept certificat from each application you use.
Try start Putty from desktop without any paramteres. Connect to your Rpi (IP). Do you get promtet to accept certificat again? If yes, accept and login (enter username/pw).
After that exit and try your script again.
Regarding username in putty, it´s a setting you can change. Notice its either manually entered, promtet or use windows username (system username):
I connect to all of my Rpi’s daily and they all have saved credentials. This is why im making the rules to automate this instead of logging in every time to send simple commands
login as: pi
pi@192.168.2.12's password:
Linux TransmissionPi 4.19.42-v7+ #1219 SMP Tue May 14 21:20:58 BST 2019 armv7l
The programs included with the Debian GNU/Linux system are free software;
the exact distribution terms for each program are described in the
individual files in /usr/share/doc/*/copyright.
Debian GNU/Linux comes with ABSOLUTELY NO WARRANTY, to the extent
permitted by applicable law.
Last login: Thu Sep 12 16:07:05 2019 from 192.168.2.3
Hmm thats odd… Your script should work as well. I have no more ideas then 
I just remember a coupple of months ago that I had to accept credentials each time I used Putty (from WinScp) to ssh to my Rpi… I didnt do much about, than to accept each time. I never found the issue of this, but I think it was related to openhab or maybe Putty. Suddenly it stopped promting, But in the mean time I had upgraded openhab to 2.5M1, updated Putty as well as update WinScp. So I cant tell which one caused the issue.
But OP doesn’t have a problem with the user or credentials. The OP has a problem with putty accepting and remembering that they accepted the remote RPi’s cert.
OP is successfully able to ssh to the client machine using putty from the command prompt so, for the purposes of the original problem, it’s irrelevant. OP already knows to do this and is doing it and it is not related to the problem.
You are confusing which user is relevant here. The user on the remote RPi is irrelevant for the problem in the OP. You can use any login name. But until the user on the Windows machine accepts the certificate from the remote RPi ssh will not allow the connection to take place and it fails before any user authentication has a chance to take place.
The problem is putty is not remembering that the OP has accepted the RPi certificate when he runs the command from the command prompt and it asks for it again when it’s run from openHAB.
What you say is true. But it’s completely irrelevant to solving OP’s problem and OP already knows to do this.
executeCommandLine('"C:\Program Files\PuTTY\putty.exe" -ssh openhabian@192.168.2.10 -pw "MYPASSWORD1234!" -m checkip')
There is no such thing as an “openhabian” user on Windows unless you’ve gone out of your way to create one, which is a lot of work and unlikely to have occurred.
Which is the exact problem. It doesn’t remember that the user has accepted the remote RPi’s certificate so it keeps asking for it and there is no way to supply the “y” when running the command from the openHAB running on Windows.
You can use putty from a command prompt without the GUI. See the command above.
So Kim is right, ssh and plink.exe are completely different. ssh will cache the certificate in C:\Users\<username>\.ssh\known_hosts. PuTTY, on-the-other-hand, stores the certs in the registry. Have you tried running plink.exe without the extra options? Also, your original post showed you using putty.exe, and here we see you using ssh and plink. Which is the one you want to use? I believe either ssh or plink.exe are what you should be using, but you need to choose one and stick to it.
What you might need to do is connect to the machine using the PuTTY GUI first and accept the cert through the dialog and then perhaps plink.exe will work.
He should be able to use all kinds of shh clients (applications) he likes. But he´ll need to accept certificat from each client/application.
I have never used plink.exe, so I wouldnt know. It seems like a rather old commandline utility from ssh.com docs. (it doesnt even mention windows 7 or newer).
But I noticed something in seciton 3.8.3.20 PuTTY is the world's most popular free SSH and telnet client. Downloads, tutorials, how-tos, vulnerabilities. about the putty hostkey… It should be using the Putty hostkey…
I´m out of ideas then 