Run command through ssh


I am trying to do something like: resin ssh $uuid -s <
Is there any way to succeed it?


Hi @StPAulis,

I’m afraid not. resin ssh is structured to go via our vpn and open a bash terminal on the device.
We don’t have a feature yet to pass/run arbitrary commands/scripts via the cli.

I have logged it as a feature request on a very long list. :slight_smile:


Thank you for your instant reply Zubairlk.

I would like to restart a service inside a multi-container app.
The arbitrary command would be balena restart $service.

What’s the best approach for that?

// should i move that question to a new topic?

Hi. The best approach to restart a service container is probably to use the supervisor API, issuing a HTTP request through either the command line (curl command) or your programming language of choice. I think the API action that best fits your description is:
POST /v2/applications/:appId/restart-service

We actually discourage running balena restart or similar commands on the Host OS, because the supervisor expects to be in control of app deployment and may contradict your manual commands. For the example, if you manually kill a service, the supervisor will try to start it again, to restore the app state configured through the web dashboard.

Have a look at those API links (and also, a higher level overview) and let us know if you come across any issues or have other questions.

Kind regards,

As for the original question, in terms of “workarounds”, if this helps:

Note that balenaOS includes a standard ssh server, and the standard ssh and scp tools can be used to access the host OS (and from there, access an app container), including running remote commands. It works with both development and production balenaOS images. Production images require a ssh key to be added to the config.json file – see sshKeys section of the meta-balena README file. Development images don’t require a ssh key to be added.

The ssh server on a device listens on TCP port number 22222. This port is not blocked by the device host OS, not even in production. If this port is blocked by a firewall or router on the device’s local network, the balena tunnel (balena CLI) command can be used as in the examples below.

Example 1 (port 22222 not blocked in the device’s local network)

# run these commands on your laptop/desktop computer

$ ssh -Tp 22222 root@<device_ip_address> <<< 'echo $(cat /etc/issue)'
balenaOS 2.31.5 \n \l

$ ssh -Tp 22222 root@<device_ip_address> cat /etc/issue
balenaOS 2.31.5 \n \l

$ scp -P 22222 my_local_file root@<device_ip_address>:/mnt/data/

Example 2 (port 22222 is blocked in the device’s local network)

# run these commands on your laptop/desktop computer

$ balena tunnel <deviceUUID> -p 22222:4321

$ ssh -Tp 4321 root@ <<< 'echo $(cat /etc/issue)'
balenaOS 2.31.5 \n \l

$ ssh -Tp 4321 root@ cat /etc/issue
balenaOS 2.31.5 \n \l

scp -P 4321 my_local_file root@

To open a shell in an app container, once you’ve got a shell to the host OS, you can run:

# run these commands on the host OS

balena-engine ps  # to list the running containers
balena-engine exec -it <containerID> /bin/sh

To run a command in an app container in a production image:

# run these commands on your laptop/desktop computer

$ balena tunnel <deviceUUID> -p 22222:4321

$ ssh -tp 4321 root@ balena-engine exec -it <containerID> echo 'hello from app container'
hello from app container

To scp files directly in the filesystem of an app container, use its shared persistent storage folder, for example:

# run this command on your laptop/desktop computer

scp -P 22222 resin-my_local_file root@<device_ip_address>:/var/lib/docker/volumes/<appID>_resin-data/_data/
1 Like

You can just pipe a echo with the instruction you want to do, into the "balena ssh " command.

For example:
echo “uname -a; exit” | balena ssh $IPorUUID

1 Like