How to setup SSH key authentication on Windows 10

[aidenmitchell]

Backstory

Not an issue with the plugin, more with Homebridge and how it works on Windows 10

Issue

I'm trying to use SSH to shutdown and wake my Mac. I can't pass in the password to my Mac through the SSH command, so I tried to set up SSH key authentication, but that doesn't work. I realize that this is out of the scope of this plugin, but I'm hoping someone can point me in the right direction.

Environment

• os & os version: Windows 10
• node version: 12.14.0
• homebridge version: Unknown
• homebridge-wol version: 4.0.0

Configuration

My configuration looks like this:

{
    "bridge": {
        "name": "Homebridge",
        "username": "<mac_address>",
        "port": 51068,
        "pin": "968-30-107"
    },
    "accessories": [
        {
            "accessory": "NetworkDevice",
            "name": "iMac",
            "mac": "<mac_address>",
            "ip": "<ip>",
            "pingInterval": 45,
            "wakeGraceTime": 10,
            "wakeCommand": "ssh <username>@<ip> caffeinate -u -t 300",
            "shutdownGraceTime": 15,
            "shutdownCommand": "ssh <username>@<ip> sudo shutdown -h now"
        }
    ],
    "platforms": [
        {
            "name": "WeMo Platform",
            "platform": "BelkinWeMo"
        }
    ]
}

Log

[12/30/2019, 8:46:27 AM] Homebridge is running on port 51068.
[12/30/2019, 8:46:27 AM] [iMac] NetworkDevice "iMac" (10.0.0.145) went from status "Offline" to "Online"
[12/30/2019, 8:46:27 AM] [WeMo Platform] Online: Fan [94103E2CC8E4]
[12/30/2019, 8:46:27 AM] [WeMo Platform] Online: Room Light [6038E043B2A0]
[12/30/2019, 8:46:27 AM] [WeMo Platform] Online: 3D [94103E2CC624]
[12/30/2019, 8:46:28 AM] [WeMo Platform] Room Light - Get state: On
[12/30/2019, 8:46:29 AM] [Config] Homebridge Config UI X v4.6.7 is listening on :: port 8080
[12/30/2019, 8:46:51 AM] [iMac] NetworkDevice shutdown cycle started for "iMac" (10.0.0.145)
[12/30/2019, 8:46:51 AM] [iMac] NetworkDevice "iMac" (10.0.0.145) went from status "Online" to "Shutting Down"
[12/30/2019, 8:46:51 AM] [iMac] Attempting to shut down "iMac" (10.0.0.145) using "ssh"```

[AlexGustafsson]

I'm sorry, but you'll have to revisit SSH keys - it is the way to go. I'm pretty sure it's not available on Windows, but there's an application (CLI utility) called sshpass which will act the same way as ssh but work with a plaintext password instead of SSH keys. This is however heavily discourage for security reasons.

Here are some pointers that may be helpful:
Enabling the built-in support for SSH on Windows 10 (use this instead of PuTTY or other SSH applications): https://revistarai.org/how-to/enable-and-use-built-in-ssh-on-windows-10-without-putty/

This link explains how to configure your SSH keys: https://docs.microsoft.com/en-us/windows-server/administration/openssh/openssh_keymanagement. The keys will be used instead of the password to authenticate yourself.

The last, but important step is to execute the following command in CMD in order to copy your keys to the Mac:

# Should select key automatically:
ssh-copy-id <username>@<ip>
# If it does not work, select key manually:
ssh-copy-id -i <path to public key created by ssh-copy-id> <username>@<ip>

The above command may fail depending on differences between implementations, but the command will very likely still be called ssh-copy-id on Windows. If it does not work, look up how the command works on Windows.

Also, sudo in your wake and shutdown command is tricky here since it requires an interactive input of the password on the Mac computer. You'll have to try other means of shutting the device off. This answer might be helpful for shutting down without requiring super user rights: https://apple.stackexchange.com/questions/321028/shut-down-system-without-superuser-permission.

[aidenmitchell]

Ok, so I've figured it out. I re-created my server on Ubuntu for ease of commands etc, but I'm still stuck. Now when I toggle my Mac off, I get this:

[12/30/2019, 9:49:16 PM] [iMac] Attempting to shut down "iMac" (10.0.0.145) using "ssh"
[12/30/2019, 9:49:16 PM] [iMac] An error occured while trying to shut down "iMac" (10.0.0.145): Error: Command failed: ssh aidenmitchell@10.0.0.145 sudo shutdown -h now
Host key verification failed.
    at ChildProcess.exithandler (child_process.js:295:12)
    at ChildProcess.emit (events.js:210:5)
    at maybeClose (internal/child_process.js:1021:16)
    at Process.ChildProcess._handle.onexit (internal/child_process.js:283:5) {
  killed: false,
  code: 255,
  signal: null,
  cmd: 'ssh aidenmitchell@10.0.0.145 sudo shutdown -h now',
  stdout: '',
  stderr: 'Host key verification failed.\r\n'
}
[12/30/2019, 9:49:16 PM] [iMac] Waiting for shutdown grace time (15000ms) for "iMac" (10.0.0.145)
[12/30/2019, 9:49:31 PM] [iMac] NetworkDevice "iMac" (10.0.0.145) went from status "Shutting Down" to "Online"

What I don't understand is that "Host key verification" works when I use SSH to login to my Mac. It doesn't prompt me for my user password, which it used to, so I've made progress.

Thank you for all of your help.

[AlexGustafsson]

That host key verification fails means that the user running Homebridge does not trust your Mac. If you run Homebridge as another user than you're using when testing to SSH into the machine, this can easily be fixed.

When you first connect to a machine you usually get a prompt like this:

RSA key fingerprint is 96:a9:23:5c:cc:d1:0a:d4:70:22:93:e9:9e:1e:74:2f.
Are you sure you want to continue connecting (yes/no)? yes

Accepting it will add it to the file ~/.ssh/known_hosts and thus verify the host. If the host is not trusted, you get an error message.

You can try the following to connect to the server once as the user running Homebridge to ensure that the Mac is marked as trusted:

sudo -u homebridge-user ssh <user>@<mac ip>

If you are running Homebridge as another user, you will also have to setup SSH keys for that user.

[aidenmitchell]

Great, thanks! That fixed the problem! One more question, when I use the Home app to sleep or wake my computer, it doesn't give it enough time to sleep or wake and so it displays an orange exclamation mark and doesn't reflect that it's been toggled off. Can this be fixed? Not sure if it's a plugin problem or a HomeKit problem.

Edit: Link to screen recording of what I mean - https://share.icloud.com/photos/08onI2n0qmDWhX9zYuTRnamqg

[AlexGustafsson]

I think that's partly the Home app's fault. What's happening is that the plugin does not really respond for about 15 seconds due to the shutdown grace time. This is a design choice as it shows that it is still working with your request. I am unsure as to why the Home app decides to show the accessory as not responding the second it actually does respond.

Could you try to set shutdownGraceTime to 0 and try again? If it happens again, it's the plugin's fault.

[AlexGustafsson]

Closing as the main problem is solved. As for the orange exclamation mark it's sort of a design choice and as such it's not an issue right now. There is some discussion around this that you can follow over at #84.