SSH: Could not resolve hostname

openBalena
1

I executed:

balena ssh XYZDevice --host

and received the following error:

Connecting to: XYZDevice
ssh: Could not resolve hostname ssh.devices.DOMAIN.com: Name or service not known

Do I have to create any other A records then the ones mentioned inside the getting started guide?

4

Hi @Torben,

I hit this issue also. Easy to resolve.

You need to add DNS record for ssh.devices.DOMAIN.com with CNAME that directs this domain name to your openBalena instance.

This is not clear in the documentation. I canā€™t see a way to contribute to the documentation myself to add this.

Cheers
Chris

1 Like
5

Hi @dash,

I could not find in the documentation any reference about adding a CNAME to ā€œssh.devices.DOMAIN.comā€.

Can you please point where this is explained?

I have this issue https://forums.balena.io/t/error-ssh-to-device-via-balena-cli/4855

Not sure if related.

Thanks

6

Hi @rlev,

Sorry I meant to say itā€™s not clear in the documentation that you need to set up DNS for that sub domain.

Cheers
Chris

7

Thanks for clarification @dash

8

I just added the CNAME as hinted but when I launch the command it tries to connect to the SSH daemon on the host machine instead of any SSH service provided by the openCloud solution.

Is it correct or should I use a specific port pointing to an openCloud container port ?

balena ssh -v -s
? Select a device winter-rain (3cdc95b)
Connecting to: 3cdc95bdeccdff08b4ff71b672f8ea3b
OpenSSH_7.6p1 Ubuntu-4ubuntu0.1, OpenSSL 1.0.2n 7 Dec 2017
debug1: Reading configuration data /etc/ssh/ssh_config
ā€¦
debug2: we did not send a packet, disable method
debug3: authmethod_lookup password
debug3: remaining preferred: ,password
debug3: authmethod_is_enabled password
debug1: Next authentication method: password
root@ssh.devices.openbalena.localā€™s password:
ā€¦
Host 3cdc95bdeccdff08b4ff71b672f8ea3b not found: 2(SERVFAIL)
Connection to ssh.devices.openbalena.local closed.

The device is using a development image and is connected; everything seems fine and SSH is the only balena-cli command I am unable to use.
I am problably still missing something: any hint ? :slight_smile:

9

Hi @KingRial

I believe that is working correctly. When you execute command to SSH device what I believe happens is a message is sent to Balena supervisor running on remote device which opens a reverse SSH tunnel to openBalena server, then server connects to the SSH tunnel using the local port.

Please see this however:

SSH is listed as beta in the CLI tool and it appears it does not yet work with openBalena instances. It does however work just fine with balenaCloud.

Cheers
Chris

10

@dash: Thanks for the reply.
I will keep under control the SSH feature on openBalena for an official solution.

Up to now I was able to access a Balena device by:

  • Installing on the device host OS a protected SSH daemon which allows access only from the openBalena VPN IP range
  • Entering in the open-balena-VPN container
  • Launching the SSH command to reach the deviceā€™s VPN IP associated

Itā€™s far from being a decent solution but at least, it allows remote support using openBalena :stuck_out_tongue:

11

At the moment SSH is not functional in openBalena via balena-cli. We are working on making it available though.

1 Like
12

Now that Iā€™m set up with the basics (images are pushing correctly to devices, and they are correctly showing as ā€˜onlineā€™), ssh access is the next priority that comes up for me. A couple questions related to this:

  • Until the feature to enable access from balena-cli is finished, is there a recommended way to remote access devices manually? (Phrased differently, is all the plumbing there and the only bit missing is the cli automation, allowing us to work around it by issuing the commands ourselves for now? Or are bits of the necessary plumbing missing on the device/server side as well?)

  • In addition to ssh access through the VPN, Iā€™m also keenly interested in getting the public url forwarding feature working (e.g. ā€œbalena device public-url enableā€); this allows me to expose a much more carefully controlled interface for remotely administering the software on my devices rather than relying on full command line access. Right now, this feature just errors out (500 internal server error). Is this intended to eventulaly be part of openBalena, or is it a premium feature that Iā€™m going to need to figure out an alternative solution for?

Thanks!

13

@bandrews

So SSH is a work in progress at this point, but it will require balenaOS 2.29 upwards to support it. You sound like you have a working VPN though, so this is probably the case.

Public Device URLs are not planned for release on OpenBalena though, so you will need to find your own solution around this.

1 Like
14

I thought you might like to follow these steps to get SSH working to your devices on openBalenaā€¦ SSH into host device

This is a workaround until we get the balena CLI updated to include it directly :ok_hand:

2 Likes